Stolen Data of 533 Million Facebook Users Leaked Online

Stolen Data of 533 Million Facebook Users Leaked Online

Facebook, the most popular social media platform worldwide, has experienced another leak. This weekend we learned that the phone numbers and personal data of 533 million users were published for free.

 

Business Insider reported that “the exposed data includes the personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdays, bios, and, in some cases, email addresses.”

 

For more information, click HERE.

 

Be vigilant. Be strong. If you have any concerns or think you have been a victim, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit: Tim Bennett on Unsplash

Bogus COVID Vaccine Survey

Bogus COVID Vaccine Survey

As millions of Americans are being vaccinated against COVID-19, scammers are working hard to steal their money and personal information through bogus COVID vaccination surveys. This can be confusing especially since there is a ‘v-safe’ after vaccination health checker that you are asked to download at the vaccination site after your first dose. V-safe is a legitimate app, which is a smart-phone based tool that uses text messaging and web surveys to provide personalized health check-ins after you receive a COVID-19 vaccination. Literature from v-safe says, “Through v-safe, you can quickly tell CDC if you have any side effects after getting the COVID-19 vaccine. Depending on your answers, someone from CDC may call to check on you. And v-safe will remind you to get your second vaccine dose if you need one.” For more information, visit https://vsafe.cdc.gov/en/.

 

Although v-safe is safe and legitimate, scammers have developed a new trick to steal. It doesn’t matter if the vaccine received was Pfizer, Moderna or AstraZeneca, people all across the country are being asked to complete a one-time survey in exchange for a free reward but one that requires the victim to pay shipping fees. According to the Federal Trade Commission, “No legitimate surveys ask for your credit card or bank account number to pay for a ‘free’ reward.”

 

What should you do if you receive an email or text you’re not sure about?

– In order to prevent malware that steals your personal information, don’t click on any links or open attachments.

– Don’t call or use the number in the email or text. The first thing you can do is run a search of the company that supposedly sent the message by looking up their phone number online.

– Don’t give out any bank information, credit card or other personal information to any organization that contacts you out of the blue.

– Consider adding a filter to prevent unwanted text messages on your phone by contacting your wireless provider and/or utilizing a call-blocking app.

 

Be vigilant. Be strong. If you have any concerns or think you have been a victim of a COVID vaccination scam, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo by National Cancer Institute on Unsplash.com

RedDorz and Foxtons: Dark Web Fraud Alert

RedDorz and Foxtons: Dark Web Fraud Alert

Our teams have discovered extremely large sets of compromised data on the Dark Web. The latest two websites involved are RedDorz.com and Foxtons.com.

 

RedDoorz.com is a Singapore-based hotel management and booking platform. Their breach size involves 5.8 million records: first name, last name, email address, password, gender, phone number, and date of birth. The origin date was September 2020.

 

Foxtons.co.uk is a British estate agency company dealing with both listings and sales. Alexander Hall is a subsidiary of Foxtons and provides mortgage services and advice since 1992. Their breach size involves 2.9 million records: first name, last name, email address, userid, and password. The origin date of this breach is unknown.

 

Be vigilant. Be strong. If you have visited these websites in the past or have done business with them, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit by https://unsplash.com – Erfan Parhizi

 

ClientTether.com Breach Alert

ClientTether.com Breach Alert

Our security teams have recently discovered several large sets of compromised data on the Dark Web. The website, ClientTether.com has been affected.

 

ClientTether is an automated CRM and lead engagement sales automation platform. Users can send personalized text messages, receive a phone call, and send an email within seconds. Entrepreneur Magazine has recognized this popular website as a Top Franchise Supplier for 2020. Over 750,000 users have been impacted since the November 2020 breach origination date. The type of data exposed includes email, phone, name, address and gender.

 

If you have visited ClientTether.com or have engaged in business activity with this company, please call us at 888.966.GUARD (4827) to speak with a fraud resolution specialist. Likewise, if you have questions or concerns feel free to call anytime. We are available for you 24/7/365.

Romwe.com Breach Impacting 23 Million

Romwe.com Breach Impacting 23 Million

Our security teams have recently discovered several large sets of compromised data on the Dark Web. The website, Romwe.com, has been affected.

 

Romwe is a Chinese fashion retailer founded in 2008. Headquartere in Nanjing, China, Romwe deals with a wide range of trending fashion items for men, women and children. The breach date was July 2020 and impacts 23 million people. The type of data exposed includes email, password and telephone number.

 

If you have visited the romwe.com website or have engaged in business activity with this company, please call us at 888.966.GUARD (4827) to speak with a fraud resolution specialist. Likewise, if you have questions or concerns feel free to call anytime. We are available for you 24/7/365.

 

Veteran Data Exposed in Recent Breach

Veteran Data Exposed in Recent Breach

Last month the Department of Veterans Affairs (VA) Financial Services Center reported that the personal identifying information (PII) of more than 46,000 veterans had been stolen. Social security numbers may have been included in the hack. The VA Financial Services Center is in process of alerting impacted individuals via mail.

 

If you are a veteran (or next of kin of a deceased veteran), we suggest that you be on the lookout for any signs of fraud.

 

– Continue to watch your credit and individual account statements for activity that you have not initiated.

 

– Do not respond to any emails, phone calls or direct messages from anyone saying that they are from the VA Financial Services Center. The VA will contact anyone impacted via mail only.

 

Please reach out to us immediately if you have any questions or concerns about this alert. Be smart. Be vigilant. Be strong. As always, we are available for you and your family members 24/7/365 at 888.966.GUARD (4827) or memberservices@guardwellid.com.

 

Photo credit: Photo by Samuel Branch on Unsplash

Websites with Compromised Data on the Dark Web

Websites with Compromised Data on the Dark Web

Our security teams have recently discovered several large sets of compromised data on the Dark Web. The websites listed below have been affected. If you have visited these websites or have engaged in business activity with any of these companies, please call us at 888.966.GUARD (4827) to speak with a fraud resolution specialist. Likewise, if you have questions or concerns feel free to call anytime. We are available for you 24/7/365.

 

– apollo.io

– appen.com (formerly crowdflower.com)

– scentbird.com

– swvl.com

– promo.com (previously slide.ly)

– mathway.com

– truefire.com

– ggumim.co.kr

– dave.com

– chatbooks.com

– hurb.com

– liveauctioneers.com

– kreditplus.com

– execupharm.com

– dunzo.com

– verifications.io

– catho.com.br

– bhinneka.com

– wattpad.com

– gigasize.com

– netsential.com

 

 

The Quick Rise of Phishing Scams – Do Not Click!

The Quick Rise of Phishing Scams – Do Not Click!

Many of us have been experiencing much more free time on our hands, which is great if you enjoy the sport of fishing, have a pile of books to read or Netflix shows to catch up on. Unless you are on the front line, life, as we know it during this pandemic, has forced the majority of us to slow down.

 

Our ‘new normal’ environment is a breeding ground for scammers to take advantage of you and your identity. Last month we wrote several blogs that specifically discussed the various types of coronavirus scams we had been witnessing. Check out Coronavirus Scams Are on the Rise, And More Coronavirus Scams, and Working From Home Cybersecurity Tips if interested in a quick refresher course or two.

 

Over the last two weeks we have seen a 70% increase in email phishing scams during this pandemic, which has undoubtedly touched every facet of our lives. These phishing scams may come across as emails and/or posts promoting coronavirus awareness. These messages will often offer prevention tips on how to stay well, what the symptoms of the virus may include and what to do in case you or a family member feel ill. Some are even creating fake “cases” of COVID-19 in your neighborhood so you feel more inclined to help out. They also may be asking you to donate to victims, offering advice on unproven treatments, or contain malicious email attachments. Don’t fall for any of it … but, in case you do, we suggest that you read our blog from October 2019 Accidentally Clicked on a Phishing Link – Now What?.

 

Today our advice is very simple: If you are not 100% certain of the origin of the email and/or link that you are being asked to click on … DO NOT CLICK. If for some reason you accidentally do click, there are some imperative steps to take to alleviate harm to you and/or the network you may be connected with:

 

– Try not to panic. This happens to everyone. Antivirus and anti-malware will come into play and you will need to have a full system scan. But first …

 

– End the session immediately by turning off Wi-Fi, unplugging from an ethernet cable or completely shutting down all of your devices.

 

– Initiate a back up of your files. Since you won’t be connected to the internet at this point, you won’t be able to accomplish this to the cloud. Having an external drive, DVD or thumb drive are always nice to have on hand during times like these.

 

– Change your login/password to email account(s) and enable two-factor authentication if this hasn’t already occurred.

 

– If you are employed by a company or organization, reference your manual and let your network administrator know of the potential issue.

 

– After all is said and done, check your antivirus/anti-malware software and run a full scan.

 

Being informed of what steps you may need to take before a slip up happens can help ease the potential damage (and your stress level) if it does. Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 1.888.966.GUARD (4827) and memberservices@guardwellid.com.

Zoombombing … the New Social Distancing Phenomenon

Zoombombing … the New Social Distancing Phenomenon

Video calls have gone from a novelty to a necessity practically overnight. The term ‘social distancing’ and the app, Zoom, have both become household names as millions of people are being forced to stay home to help stop the spread of COVID-19. The desire to stay connected with our loved ones and friends during this difficult time has sparked creative ways to virtually stay social through video birthday parties, happy hours, trivia nights, yoga sessions, and even weddings. CNBC reported this week that “the [Zoom] app has been the top free app for iPhones in the United States since March 18 … daily users spiked to 200 million in March, up from 10 million in December.”

 

Before the COVID-19 pandemic, Zoom, a privately-held company headquartered in San Jose, CA, was used mostly for web conferencing webinars. Now it is being used by 90,000 schools across 20 countries. But, there are online security issues with the app and school districts have started to ban Zoom because of them. Why? Because of ‘Zoombombing,’ a phenomenon where uninvited guests (pranksters) join Zoom calls and broadcast porn or shock videos. How? Due to Zoom’s default settings, which don’t require a password to set a meeting and allow any participant to share their screen. Most Zoom meetings have a public link that, if clicked, allow anyone to join.

 

The Verge just reported that “Zoom adjusted their default settings for education accounts last week in an effort to increase security and privacy for meetings.” They also noted, “For everyone else, you’ll need to tweak your Zoom settings to ensure this never happens.” The process isn’t very simple…

 

If you schedule a meeting from the web interface, you won’t see the option to disable screen sharing. Instead:

 – Click on “Settings” in the left-hand menu

– Scroll down to “Screen Sharing” and under “Who Can Share?” click “Host Only”

– Click on “Save”

 

If you forget to change the setting before you start your meeting, there’s a way to modify your settings after it starts:

 – Once your Zoom meeting is running, click the caret to the right of the green “Share Screen” button in the center of the bottom row of icons

– Click “Advanced Sharing Options”

– A dialog box will pop up allowing you to switch screen sharing availability from all participants to the “Only Host”


Yes, these are very confusing times. Stay strong and please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 888.966.GUARD (4827) and memberservices@guardwellid.com.

 

 

 

Working from Home Cybersecurity Tips

Working from Home Cybersecurity Tips

Coronavirus has forced millions of Americans to work remotely from their homes. Although working from home helps with social (physical) distancing by preventing the spread of COVID-19, there are many new challenges that have come with teleworking. For example, many states have closed schools for weeks, and for some, the entire rest of the school year. Parents may be juggling work while their children are learning remotely. You may find yourself becoming an expert with practicing mindfulness along with new software and conferencing programs, such as Zoom and GoToMeetings (or if you aren’t, your children blessedly are).

 

As we are being forced to slow down the pace of everyday life, we recognize that a lot of good can come out of this time. But, on the other side of the coin, there is the growing opportunity for cybercriminals to trick us into forking over passwords during this learning transitional period. Reuters reported last week that “some researchers have found hackers masquerading as the U.S. Centers for Disease Control and Prevention in a bid to break into emails or swindle users out of bitcoin, while others have spotted hackers using a malicious virus-themed app to hijack Android phones.” Our blogs last week provided some details on these new scams.

 

The Federal Trade Commission (FTC) has some tips to help protect your devices and personal information while working from home:

Start with cybersecurity basics. Keep your security software up-to-date. Use passwords on all your devices and apps. Make sure the passwords are long, strong and unique. The FTC suggests using at least 12 characters that are a mix of numbers, symbols and capital and lowercase letters.

Secure your home network by starting with your router. Turn on encryption (WPA2 or WPA3), which scrambles information sent over your network so outsiders can’t read it. If no WPA2 or WPA3 options are available with your current router, considering replacing your router altogether.

Keep an eye on your laptop and make sure it is password-protected, locked when you aren’t using it and secure. We suggest that it is never unattended, such as out in plain sight in a vehicle. Even if your doors are locked, windows can easily be broken.

Securely store your physical files. Strong physical security is an important part of cybersecurity. If you don’t have a file cabinet at home that is lockable, consider using a locked room. Read this blog by the FTC to learn more tips about physical security.

Dispose of sensitive data securely. Invest in a shredder if you don’t already have one. Throwing paperwork you no longer need in the garbage or recycling bin can be a treasure for a pirate especially if it includes personal information about customers, vendors or employees.

Follow your employer’s security practices. Since your home is now an extension of your office, make sure that you understand the protocols that your employer has implemented.

 

Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 888,966.GUARD (4827) and memberservices@guardwellid.com.

.