• 888-966-4827
Menu

Category Archives:
Scams

Home / Blog / Scams
Working from Home Cybersecurity Tips

Working from Home Cybersecurity Tips

Coronavirus has forced millions of Americans to work remotely from their homes. Although working from home helps with social (physical) distancing by preventing the spread of COVID-19, there are many new challenges that have come with teleworking. For example, many states have closed schools for weeks, and for some, the entire rest of the school year. Parents may be juggling work while their children are learning remotely. You may find yourself becoming an expert with practicing mindfulness along with new software and conferencing programs, such as Zoom and GoToMeetings (or if you aren’t, your children blessedly are).

 

As we are being forced to slow down the pace of everyday life, we recognize that a lot of good can come out of this time. But, on the other side of the coin, there is the growing opportunity for cybercriminals to trick us into forking over passwords during this learning transitional period. Reuters reported last week that “some researchers have found hackers masquerading as the U.S. Centers for Disease Control and Prevention in a bid to break into emails or swindle users out of bitcoin, while others have spotted hackers using a malicious virus-themed app to hijack Android phones.” Our blogs last week provided some details on these new scams.

 

The Federal Trade Commission (FTC) has some tips to help protect your devices and personal information while working from home:

Start with cybersecurity basics. Keep your security software up-to-date. Use passwords on all your devices and apps. Make sure the passwords are long, strong and unique. The FTC suggests using at least 12 characters that are a mix of numbers, symbols and capital and lowercase letters.

Secure your home network by starting with your router. Turn on encryption (WPA2 or WPA3), which scrambles information sent over your network so outsiders can’t read it. If no WPA2 or WPA3 options are available with your current router, considering replacing your router altogether.

Keep an eye on your laptop and make sure it is password-protected, locked when you aren’t using it and secure. We suggest that it is never unattended, such as out in plain sight in a vehicle. Even if your doors are locked, windows can easily be broken.

Securely store your physical files. Strong physical security is an important part of cybersecurity. If you don’t have a file cabinet at home that is lockable, consider using a locked room. Read this blog by the FTC to learn more tips about physical security.

Dispose of sensitive data securely. Invest in a shredder if you don’t already have one. Throwing paperwork you no longer need in the garbage or recycling bin can be a treasure for a pirate especially if it includes personal information about customers, vendors or employees.

Follow your employer’s security practices. Since your home is now an extension of your office, make sure that you understand the protocols that your employer has implemented.

 

Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 888,966.GUARD (4827) and [email protected].

.

And More Coronavirus Scams …

And More Coronavirus Scams …

We are monitoring updates surrounding the coronavirus (COVID-19) pandemic around the clock. This environment is a breeding ground for scams to take advantage of you and your identity. Rest assured that we are here to help and will communicate with you every step of the way.

 

The following is the latest information that we know of regarding coronavirus scams:

 

– The Federal Trade Commission (FTC) sent warning letters to seven sellers of scam coronavirus treatments. The FTC reported that “So far all of the companies have made big changes to their advertising to remove unsupported claims.” That is good news. But, scammers never take a break.

 

– Anyone can set up an e-commerce site and claim they have in-demand products. Be on the lookout for online ads that tout cleaning, household and health/medical supplies. Just because they have a website and you pay money doesn’t mean that you will receive any goods in return. The FTC suggests that you check out any seller by searching online for the person or company name, phone number and email address along with keywords such as “review,” “complaint” or “scam.”

 

– Anyone can also set up a fake charity to take advantage of a major health crisis. These scammers take advantage of your generosity and have names that are extremely close to the names of real charities. The FTC remarked that “Money lost to bogus charities means less donations to help those in need.” We suggest that you visit http://www.ftc.gov/charity to help you research charities. Also, if/when you do give, pay safely by credit card and never by gift card or wire transfer.

 

– As well, anyone can pretend to be someone you know. “Scammers use fake emails or texts to get you to share valuable personal information – like account numbers, Social Security numbers, or your login IDs and passwords.” If you accidentally click on a link, they can get access to your computer, network and/or install ransomware and other programs on your equipment that can lock you out. Please protect your smart phone and computer by keeping your software up to date and using multi-factor authentication. Backing up your data on a regular basis is also recommended.

 

– Surprisingly robocalls “pitching everything from scam coronavirus treatments to work-at-home schemes” are still in full force. Do not answer unless the call shows up as a contact in your phone. Let voicemail filter your messages. For more information on robocalls, visit https://www.consumer.ftc.gov/articles/0259-robocalls.

 

We understand that all of this is indeed nerve-wracking. One of the great things about our business is that we are always working in the moment … situations such as the coronavirus do not rattle our operations and team members. Not only do we have a team at a centralized location, but we have also always worked remotely. We will continue to be available for you 24 hours a day, 7 days a week, 365 days a year. We hope that this gives you some peace of mind knowing that we are on top of this crisis and will continue to communicate any dangerous scams related to the outbreak as soon as possible.

 

As always, please contact us immediately if you have any concerns at 888.966.GUARD (4827) or [email protected].

 

 

Coronavirus Scams are on the Rise

Coronavirus Scams are on the Rise

COVID-19 is a breeding ground for scams. The Federal Trade Commission (FTC) has alerted consumers that scammers are taking advantage of the panic and fear surrounding the global pandemic. “They’re setting up websites to sell bogus products, and using fake emails, texts, and social media posts as a ruse to take your money and get your personal information,” remarked Colleen Tressler, Consumer Education Specialist, FTC. There are also malicious apps being developed, one of which is an Android tracker app that supposedly allows users to keep an eye on the spread of the virus, but locks victims’ phone and demands money to unlock it.

 

Phishing scams may come across as emails and/or posts promoting coronavirus awareness. These messages will often offer prevention tips on how to stay well, what the symptoms of the virus may include and what to do in case you or a family member feel ill. Some are creating fake “cases” of COVID-19 in your neighborhood so you feel more inclined to help out. “They also may be asking you to donate to victims, offering advice on unproven treatments, or contain malicious email attachments.” Don’t fall for it.

 

Here are some tips to help you keep the scammers at bay:

– Do not click on any links from sources you do not know. Doing so could download a virus on your equipment.

– Be on the lookout for phishing emails that appear to be from the Centers for Disease Control and Prevention (CDC). The CDC will not email you. The World Health Organization (WHO) will not email you either.

– Ignore offers for vaccinations. Many ads exist touting prevention, treatment, and cure claims. They are not legitimate.

– Do not donate cash, purchase gift cards, or wire money without investigating the request in full. See the FTC’s article “How to Donate Wisely and Avoid Charity Scams” for more information.

– The Securities and Exchange Commission (SEC) is warning about false “investment opportunities.” Be aware of online promotions, including on social media, claiming that the products or services of publicly-traded companies can prevent, detect, or cure coronavirus and that the stock of these companies will dramatically increase in value as a result.

 

Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 1.888.966.GUARD (4827) and [email protected].

Founder and CEO on iHeartRadio 700WLW Podcast

Founder and CEO on iHeartRadio 700WLW Podcast

On December 5, 2019, Guard Well Identity Theft Solutions Founder and CEO was interviewed by Rocky and Rachel on Cincinnati’s News Radio 700WLW. Topics discussed during the ten-minute segment (51:50 to 60:52) include the risk of living in a technologically advanced society, what a digital footprint is and how to reduce the risk of your data being collected and sold online.

 

“We all have a social security number. We are all at risk. If you haven’t already been victimized by identity theft or identity fraud, it’s going to happen. It’s a sad reality…” Guard Well’s Founder and CEO stated that there are 3.5 million Google searches every minute and 4.3 billion Facebook posts every day “…all of that information is being collected and sold.”

 

What can be done to help reduce this risk?

– Be careful about what information you put on social media. For example, remove your birthdate from your Facebook account.

– When you search online, do it privately. Don’t allow cookies if possible when looking at websites.

– Try not to share your location with Google Maps.

– Inactivate and delete any old email accounts.

– Search for your own name on Google and see what pops up. If your name is listed on People Search or People Finder, you can submit a request for them to pull your information down.

 

Additionally a service site called DeleteMe.Com was discussed that will facilitate users in deleting their presence on other sites and will provide information on privacy laws in multiple countries to better educate the users on their rights in relation to data privacy.

 

To listen to the full podcast, visit https://www.iheart.com/podcast/eddie-rocky-20799661/episode/rocky-and-rachel-12519-53509284/?fbclid=IwAR2zfrqzsSc8c08pB3-YOiBR6WH3k3jszEVWPJytlzSlnyvJ3qVihPD7j6c

Scams, Scams and More Darn Scams

Scams, Scams and More Darn Scams

Did you know that there are at least 48 different types of identity theft and the number of scams involved in each is growing daily? Romance scams, residence scams, utility scams, employment scams, telephone scams, email scams, charity scams, Apple care scams, AirBNB scams, PayPal scams, census scams, ticket scams, government scams, medical scams, insurance scams, real estate scams, investment scams, lottery and sweepstakes scams … there really isn’t one facet of our lives that isn’t ‘scam-able.’ As the weather turns colder, it kind of makes you want to curl up under an electric blanket and hibernate for a bit doesn’t it!

 

Although everyone with a social security number is at risk for identity theft, there are two groups that are targeted more often: children and seniors. The U.S. Department of Health & Human Services has studied why. They explain, “Children are targeted to establish a ‘clean slate.’ Seniors are targeted over the telephone and through phishing scams. Some studies suggest that people become more trusting as they age, which helps to explain why it’s more difficult for older adults to detect fraudsters.”

 

The next high-risk group that follows children and seniors are the military mostly due to deployment, which impacts their ability to respond to a threat in a timely manner. According to the Federal Trade Commission, military consumers are most affected by credit card and bank fraud. Another high-risk group is identity theft repeat victims. As reported in Consumer Affairs, “people who have previously been affected by identity theft are at a greater risk for future identity theft and fraud.” According to the Center for Victim Research, “7-10% of the U.S. population are victims of identity fraud each year and 21% of those experience multiple incidents of identity theft.”

 

Lastly, the deceased are targeted. Stealing a dead person’s identity, commonly known as “ghosting,” will often go unnoticed by surviving family for months or years. A report dating from 2012 stated that 2.5 million deceased American identities are stolen each year. Of those 2.5 million stolen identities, 800,000 were used to open lines of credit or get a mobile phone plan.

 

Fraudsters oftentimes repeat their favorite most lucrative scams, which are driven by major financial life moments, such as taxes and holiday shopping. Yes, it’s getting to be that time of year, and, guess what … the world’s largest online retailer, Amazon, is seeing a huge increase in fake Amazon.com order cancellation scams. If you receive an email about an order cancellation from Amazon, there’s a good chance it’s a scam. Click on links in the email and you could unintentionally download malware onto your device. Or you might be sent to a site that aims to collect your Amazon account information, like your username and password. If you receive such an email and recently placed an order, go to Amazon.com directly to check your order status.

 

Most of our blogs offer tips to help protect yourself and your family from identity theft. There is one tip in this blog: Remain aware of scams and that they can touch every facet of your life. By staying in-the-know, you can help every month be National Cybersecurity Awareness month … not just October.

 

If you suspect that you or a loved one has suffered identity theft, please reach out to us as soon as possible. Our Guard Well member services team is available around the clock, every day of the year. Email [email protected] or call 888.966.GUARD (4827) for help.

SIM Swap Attack – the New Hijack

SIM Swap Attack – the New Hijack

Imagine no texting, no service, and no data for a minute. Yikes! Halloween or not, the lack of being able to connect is a very scary thought and it can happen to any of us due to a tiny piece of plastic called a SIM card. There is a SIM (subscriber identity module) in every mobile device and it is what connects the user to a cellular network. Unfortunately, there is a wide-spread SIM swap hack that allows a thief to hijack your cell number.

 

Also known as a port out scam, simjacking, swim swapping, and SIM splitting … this latest scam can wreak havoc in all of your accounts associated with your mobile phone number. Everyone with a cell phone is at risk of this type of takeover. The PEW Research Center, a nonpartisan organization based in Washington D.C., reported this year that 96% of Americans have a cellular device and 92% of them go online daily. Considering that there are approximately 330 million Americans, that’s a pretty large target market from a hacking standpoint. No one is immune. A number of high profile attacks have occurred via Instagram and Twitter. The website wired.com reported that Twitter CEO Jack Dorsey’s own twitter account was hacked via this method this year.

 

What is a SIM Swap?

This type of scam is an account takeover fraud. It targets a weakness in two-factor authentication and two-step verification in which the second factor (step) is either a text message or a call placed to a mobile telephone. This is achieved by the fraudster impersonating the victim using personal details to appear authentic and claiming that they have lost their phone. The victim’s phone will then lose connection to the network and the fraudster will receive all the SMS and voice calls intended for the victim. This allows them to intercept any one-time passwords sent via text or telephone calls sent to the victim, and thus to circumvent any security features of accounts (such as bank accounts, social media accounts, etc.) that rely on text messages or telephone calls.

 

Damage from a SIM swap can have a snowball effect. Since the scammer would be armed with your login credentials, not only can they steal your money, take over your email and social media accounts, but they can lock you out of them all and open up a new cellular account in your name … or buy that new phone you’ve been eyeing for months but won’t have the joy of using yourself.

 

Is a SIM swap preventable?

No. It’s impossible to completely prevent someone from gaining access to your phone number through a SIM swap due to the fact that the scam requires no misstep on your part (such as clicking on a bogus link). All the scammer needs to do is convince your carrier that they are you and to transfer your phone number to their SIM. As described by Michael Grothaus with Fast Company, “There’s nothing inherently shady with doing a SIM card swap. If you lose your phone or your SIM card is damaged, for instance, you might go to a mobile carrier store or even call up customer service to have your number transferred to a new SIM.”

 

Even though you can’t prevent a swap from happening to you, there are ways to make it more difficult for a scammer. Grothaus suggests to use an authenticator app such as Authenticator by Google, Microsoft AuthenticatorLastPass Authenticator, and 1Password. A single authenticator app can handle all your authentication codes no matter how many different accounts you use.

 

Other courses of action you can do to help prevent a swap include:

– Limit the personal information you share online. Identity thieves will find information to answer the security questions you may have set up to verify your identity. For example, if one of your security questions is, “What is my high school mascot?” and you list your high school name on your Facebook account and that information is not on a private setting, it’s not difficult for a good sleuth to figure out your mascot’s name.

– Set up a PIN for your cellular account and do not share it with anyone.

– Do not reply to calls, emails and SMS messages that could be a phishing attempt to request your personal data. Make sure to read our blog “Accidentally Clicked on a Phishing Link – Now What” to get up-to-speed on phishing scams.

 

The Federal Trade Commission offers a few tips on what to do if you suspect that you’ve been swapped:

– First, contact your cellular service provider immediately to take control of your phone number. After you re-gain access to your phone number, change your account passwords.

– Check your banking, credit card and insurance statements for unauthorized charges or changes to your profile.

– Call your identity theft resolution provider. A Guard Well Member Services team professional is always on hand for you 24 hours a day, seven days a week and every day of the year … yes, even Halloween. There are enough tricks flying around. Here’s to receiving a treat this year!

 

 

DNA – Genetic Testing Hacks

Yes, we all would love to know more about our pasts … some from a medical necessity and others just from plain curiosity. Unfortunately, genetic testing is one of the newer “gotcha” identity theft hacks. The U.S. Department of Health and Human Services of Inspector General has just alerted the public about this new fraud scheme.

 

What is Genetic Testing?

According to the U.S. National Library of Medicine, genetic testing is a voluntary medical test “that identifies changes in chromosomes, genes, or proteins. The results of a genetic test can confirm or rule out a suspected genetic condition or help determine a person’s chance of developing or passing on a genetic disorder.” With more than 1,000 genetic tests currently in use, genetic testing labs are sprouting up all over the country, and in some circumstances, health insurers now pay for the testing. For example, the Centers for Medicare and Medicaid Services pays for next-generation sequencing for people with advanced cancer or a family history if the test is medically necessary and ordered by a treating physician. These tests may cost $10,000 or more.

 

How Does Genetic Testing Fraud Happen?

Genetic testing fraud occurs when, in this case, Medicare is billed for a test or screening that was not medically necessary and/or was not ordered by a treating physician. For example, Mr. Smith, a retiree, attended a county fair and stopped by a booth offering “free genetic testing.” Not realizing that a treating physician’s orders would be needed for Medicare to cover the cost of the test and being naturally curious about his family’s risk of cancer, Mr. Smith provided his Medicare personal identifying information to the booth worker prior to getting his cheek swabbed. In some cases, sample kits are mailed to the victim. He was then told to expect test results in about three weeks. Medicare was billed for the test and denied the claim. Mr. Smith was then charged the full amount of the test and likely never received his results. Basically, Mr. Smith’s scammer found a laboratory willing to split the profit from the testing once the DNA samples were in hand.

 

How Can I Prevent This?

– If a genetic test is mailed to you unsolicited, do not accept it. Just write ‘return to sender’ on the envelope and send it back.

– Understand that there are schemes that say genetic testing is free. Although it may falsely appear as a no cost test, realize that there are no free genetic tests. Someone always has to pay.

– Only a physician that you know (and trust) should be discussing genetic testing with you or ordering it.

– If someone you do not know asks for your health insurance or Medicare information, do not provide it. Only provide this type of information in person at your physician’s office.

– Be aware that anytime your personal information is compromised, it may be used in other fraud schemes. Closely monitor your credit report and make sure your identity theft resolution services coverage is current.

 

If you suspect genetic testing fraud, please contact the HHS OIG (U.S. Department of Health and Human Services – Office of Inspector General) hotline at 1.800.HHS.TIPS or email [email protected] immediately. Not sure what to do or have concerns about this topic? Contact us day or night. We are always open for you.

 

 

Ten Signs You Have Been a Victim of Identity Theft

Ten Signs You Have Been a Victim of Identity Theft

Identity theft is rampant. One in three data breach victims will experience fraud according to a 2018 study by Javelin Strategy & Research. The number of identity fraud victims in the United States alone is at 16.7 million with over $16.8 billion stolen. Read More

 

Do you know the latest signs of identity theft? Here are the top ten red flags that trouble is brewing:

– You receive a notice, either in the mail or via email, that you have been a part of a data breach.

– Your credit score quickly drops without explanation.

– Withdrawals from your bank account start to occur … and they are withdrawals that you haven’t scheduled or already made.

– Although you haven’t filed any insurance claims, your rates rapidly rise.

– Your Social Security statements aren’t matching your records.

– There are suspicious charges on your credit card.

– You are turned down for a loan or credit card unexpectedly.

– Your credit report shows accounts that you have not opened.

– Either federal, your state or local taxing authority alerts you to their receipt of multiple filings in your name.

– You receive a bill for an item or service that you have not purchased … and from a company that you have never done business with.

 

Have you experienced any of the above? If yes, contact a fraud resolution specialist immediately.

The Rise in Health Care Fraud

The Rise in Health Care Fraud

Health care data is increasingly becoming a top target for scammers and hackers. A reason why fraudsters may be going after health care data more is because of its longer shelf life and rich potential for identity theft. Financial data has a finite lifespan and loses its worth as soon as the consumer notices the frauds and cancels their accounts or cards. However, health care data contains information that can’t be cancelled or changed as easily as a credit card.

Every year, with the exception of 2015, the number of healthcare data breaches has increased 70%, rising from 199 breaches in 2010 to 344 in 2017.[1] According to a study published by the Journal of American Medical Association, “those breaches have resulted in the loss, theft, exposure, or impermissible disclosure of 176.4 million healthcare records. 75% of those records were exposed or stolen as a result of hacking or IT incidents.” Medical identity theft not only affects the patient (consumer), but has potentially disastrous ramifications on insurance providers as well as the healthcare providers.

What is medical identity theft?

Medical identity theft occurs when a fraudster illegally obtains and uses a patient’s Personally Identifiable Information (PII), such as name, Social Security number, and/or medical insurance identity number, to fraudulently obtain or bill for medical goods or services. This kind of fraud also includes the unauthorized personal gain of insurance benefits, prescription drugs, employment, government benefits, or other financial gain acquired through the theft of another individual’s PII. Hackers have also been known to sell stolen health care records on the black market.[2]

The ten largest data breaches of patient data in 2018 involved email, targeted phishing attacks, and database misconfigurations. The largest health data breach during this same time was caused by a hack on a billing vendor, AccuDoc Solutions. 2.65 million Atrium Health patients were involved in the breach.

Who is at risk?

Everyone is at risk for medical identity theft but seniors are increasingly targeted. Navigating the Medicare system isn’t easy to begin with. When confusion enters the picture, scammers view it as an especially ripe time to take advantage of the ever-growing aging population. Always keep in mind that Medicare will never call to ask for sensitive personal financial information.[3]

How can you help protect yourself?[4]

  • Review the Explanations of Benefits (EOB) statement or Medicare Summary Notice that your health plan sends after treatment. Immediately report any mistakes or unfamiliar charges, such as a doctor’s visit you did not make or prescriptions that you did not fill.
  • Check in with your doctor(s) to ensure your medical records are accurate. Make sure the records contain your procedures, treatments, prescriptions, and other medical activities. If you notice inaccurate health details such as the wrong blood type, pre-existing conditions, or allergies, it may be a sign that an identity thief has accessed your records.
  • Get a copy of your medical records periodically and keep them in a safe.
  • Do not share your medical or insurance information with other individuals.Especially do not provide your medical information over the phone or via email unless you initiated the contact and have verified the entity you are contacting.
  • Treat your medical identity with the same care and caution you do any of your other sensitive information, such as your financial credentials. Shred health documents you no longer need. Peel the labels off of your prescription bottle and shred them as well.
  • Read the Privacy Policy on a website before you provide your Personally Identifiable Information. Find out why your Social Security number or insurance account numbers may be needed and how the website will keep it safe, or if it will be shared, and if so, with whom. (Websites with “https” in their URL are secure.)

If you are unsure about sharing your personal information with someone who says they are from your health plan—DON’T. Directly contact the Member Services number on your ID card so you can be sure the person is a verified health representative.

Taking the Mystery out of Shopping Scams

Taking the Mystery out of Shopping Scams

It’s no secret that being a mystery shopper for a reputable company is a legitimate way for an individual to earn some income. Mystery shopping, also known as secret shopping, is estimated to be a $1.5 – 2 billion dollar industry with over 8.1 million mystery shops conducted a year. This profitable enterprise has been around for decades.

Contrary to what many believe, mystery shoppers don’t get paid to shop. They are independent contractors who pose as shoppers in order to gather data about the customer experience in a specific environment. Mystery shoppers complete reports, often using an online form, after leaving the establishment they observe. They get paid for their work and do not front any money first in order to work.

Fake check fraud is an exploding epidemic and scams involving the mystery shopping industry have made a big comeback … unfortunately, our tech-savvy teenagers are the targets of late.

Anyone with a bank account and the desire to make some extra cash on the side can be a victim. High school and university students across the nation are increasingly being pursued. Why students? Students are easy targets for scammers due to their need for money to help fund their education.

Thousands are being contacted and thousands of dollars are being lost. The latest mystery shopping scam reported in the media last month disclosed that University students in Fargo, North Dakota had been targeted. One devastated student ended up losing $3,850.75. Being educated on how this type of scam operates will help prevent this from happening to you and your child.

How Does a Mystery Shopping Scam Work?

  • Scammer reaches out to victim with an offer in the mail to be a secret shopper and a check is included. Often times the amount on the check is for over a thousand dollars. The victim is told to deposit the check and understands that they will eventually keep several hundred dollars as payment for their upcoming shopping services.
  • Victim deposits the check and waits the expected day or two for the funds to clear. Note that even if the bank says the funds are available in a couple of days, the process of uncovering a fake check can take financial institutions weeks.
  • Victim is asked to buy something. Typically, the first shopping task is to test the in-store money transfer service like Western Union or MoneyGram by sending some of the money that was deposited back to the company.
  • Victim is then asked to buy a product, “often from a Walmart,” according to the Federal Trade Commission. Common items purchased are reloadable gift cards, such as iTunes. Part of this task requires the victim to send pictures of the purchased cards or to give the numbers on the cards to the company.
  • Two to three weeks later, the victim receives a notification from their bank that the deposited check was a fake. The realization that they have been scammed sets in. Victim is responsible for paying back the amount to their bank. Another unfortunate bonus is that the reloadable gift cards that the victim had purchased are suddenly empty of funds.

 

What Can You Do?

Help stop these scammers from making money. Educate your children about the issue. Explain what check fraud is. Let them know that they should never pay to become a mystery shopper. The fact that these scammers are targeting our children is another great reason to make sure that your identity theft protection covers every member of your immediate family.