Keeping Your Holidays Happy and Fraud-free

Keeping Your Holidays Happy and Fraud-free

Yes, it’s that wonderful time of year. The holidays are quickly approaching … and at lightning speed! Will you be traveling to see family in the next few weeks? Or, maybe you’ll be skipping off to a great vacation instead of decking the halls? Whatever your plans are, having time off of work, fun with friends and family, and hopefully a few days of laziness … are wonderful to look forward to. But, when we are caught up in the excitement about buying those last-minute gifts (or sunscreen and new flip-flops), we need to remember that there are some other ‘things to do’ on our checklist to help keep our family and identities safe during this special time of year.

In addition to stopping the mail, finding that special neighbor with a green thumb to water your plants, and arranging for pet care for your fur babies, there are some ‘before your trip’ actions you can take to help prevent identity theft from becoming a huge holiday memory. Just some small preventative measures, such as updating the operating system and antivirus software on your mobile devices, can go a long way toward fending off a few identity thieves. Below are some tips for what you can do before you leave home, as well as while you’re away and after your return.

Before you Leave Home:

– Password protect your devices and update operating systems. Add multi-factor authentication where available.

– Alert your bank(s) about your travel plans.

– Visit your post office and put your mail on a vacation hold.

– Keep the number of credit cards you travel with to a minimum and have copies of your driver’s license, medical id cards, passports and travel confirmation numbers at home in a safe place.

– Turn off auto-connect Wifi and Bluetooth connections.

– Consider adjusting your social media account settings so posts aren’t tagged with GPS data. Best practice is to avoid posting vacation pics while on vacation.

While Out of Town:

– Avoid using public Wifi and even your hotel’s Wifi if at all possible.

– Do not use public computers

– Keep your travel documents in the hotel room safe.

– Log out of websites on your smart phone and any websites if you bring a laptop or other device with you on your trip.

Upon Your Return Home:

– Consider changing passwords for your major accounts.

– Thoroughly go through your account statements for any irregularities.

– Check your credit report to make sure no new accounts were opened in your name while you were away.

 

We hope you have a wonderful holiday season! If you suspect identity theft or fraud, please contact us immediately at 888.966.GUARD (4827) or email [email protected]. Day or night, we’ve got your back and will always be open for you.

Gamers Hit with Social Engineering Attack

Gamers Hit with Social Engineering Attack

Our security teams have recently discovered that Shadow.tech, a cloud computing service developed by the French company Blade and later acquired by OBHcloud founder Octave Klaba in 2021 has been breached. Its technology is based on Window 10 server executing video games or other Windows software applications remotely. The breach origin date is October, 2023 and involves the data of 545,013 account users including their email addresses, full names, physical addresses and birth dates.

The public acknowledgement of the company states that they were a victim of a social engineering attack targeting one of their employees. Shadow.tech CEO said, “This highly sophisticated attack began on the Discord platform with the downloading of malware under cover of a game on the Steam platform, proposed by an acquaintance of an employee, himself, a victim of the same attack.” Learn More

If the term ‘social engineering attack’ is new to you … you are not alone.

Social engineering is a type of cyberattack that uses psychology to obtain personal identifying information (PII). It is impossible to prevent. This type of attack is a huge threat to cybersecurity because it begins on a very personal level with each victim. It invokes fear. It invokes urgency. If the device is being used for gaming and is part of a corporate network, login credentials can be compromised and harming of the network can occur.

Social engineering attacks can include many different formats: whaling, honeytrapping, tailgating … If you or a family member are into the gaming industry specifically, these are four social engineering attacks you need to be on the lookout for:

– Phishing: fraud, impersonation and old-fashioned blackmail.

– Baiting: fraudsters use fake websites, such as for not legit gaming add-ons and so-called “freebies.”

– Pretexting: this is a newer term and format. It includes a fabricated identity (or situation) where a victim may need to divulge PII. Example types of of impersonation could be a talent agency, a law enforcement officer, a major sweepstakes company.

– Spear Phishing: this is a very targeted email attack on specific employees (or sometimes organizations as a whole).

Tips:

– Only click on URLs that begin with https.

– Enable multi-factor authentication when available.

– Use a spam filter.

– Use a pop-up blocker.

– Do your research and check if a website or contact is legit.

– Never insert a USB into your device unless you know and trust exactly who it is from.

– If a request comes in and is marked URGENT, that is a red flag that it could be a scam.

Learning and following best cybersecurity practices are essential to safeguarding your PII. Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Image courtesy credit: bermix-studio-wJ7atxTNeQE via unsplash.com

Nationwide Cyberattack Paralyzes Auto Dealerships

If you have been trying to buy a car this summer, you might have hit a snag or two. Dealerships have had to go back to good old fashioned pen and paper to complete deals after their operations suddenly came to a complete halt. What happened? Hackers targeted CDK Global, a software company that 15,000 car dealerships nationwide rely on. The back-to-back ransomware attacks occurred in mid-June but car dealerships are still recovering from having their operations paralyzed for about ten days. The good news is that dealerships do not think that customer private information has been stolen but that has not been confirmed. We will notify you if our teams find any data sets related to this attack on the dark web.

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Update – Ticketmaster/Live Nation Breach Alert: 560 Million Fans Impacted

Update – Ticketmaster/Live Nation Breach Alert: 560 Million Fans Impacted

Ticketmaster Entertainment, LLC is an American ticket sales and distribution company based in Beverly Hills, California with operations in many countries around the world. In 2010, it merged with Live Nation under the name Live Nation Entertainment. Ticketing giant Live Nation confirmed this summer that it has been the victim of a cyber attack. We have just learned that the breach origin date is May 20, 2024. Personal data from over half a billion users have been exposed. Data stolen can include full names, addresses, email addresses, birth dates, credit card type, the last four digits and credit card expiration dates used for ticket sales. Learn More

We suggest that you protect yourself by doing the following if you have a Ticketmaster account:

– Change your password immediately and frequently. Although it might be easier to remember, try to resist the urge to use the same password across multiple accounts.

– Utilize two-factor authentication when it is available.

– If solicited online, never share any personal identifying information or financial account numbers. Only give out information to an individual you know or a company that you are 100% certain about.

This is definitely not the first time Ticketmaster has made the news. If you have a Swiftie in the household, you likely already know the debacle surrounding Ticketmaster and Taylor Swift’s Eras tour that started in 2022. If you are interested in the timeline of the chaos, check out People’s article of events. Learn More

Now is not the time to let your guard down. Knowledge is power. Being informed of what steps you may need to take can help ease the potential damage (and your stress level) if your identity has been compromised. Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Image courtesy credit: Erfan Parhizi via unsplash.com

UPDATE from Ticketmaster – July 3, 2024: Ticketmaster has contacted those who may be affected. They state via email that they “take the protection of personal information very seriously.” They explain that an unauthorized third party obtained information from a cloud database hosted by a third-party data services provider. Based on their investigation, they determined that the unauthorized activity occurred on May 27, 2024. They note that they are working to mitigate risk to their users and the company, and have notified and are cooperating with law enforcement and regulatory authorities.

ALERT: Toll Smishing Text Scam – Do Not Click!

ALERT: Toll Smishing Text Scam – Do Not Click!

The Ohio Turnpike and Infrastructure Commission, the FBI and SunPass are warning drivers of a text message smishing scam that requests payment for unpaid tolls. The FBI is recommending that if you receive a message like the one shown below, to take the following actions:

– Do not click the link in the text.

– Contact the FBI’s Internet Crime Complaint Center, also known as IC3, at www.ic3.gov, and include the phone number the text came from and the website listed within the text.

– If you have an EZ-Pass or SunPass account, check it via their legitimate website and let them know about the text.

– Delete the smishing text you received.

– If for any reason you accidentally clicked the link in the text and made a payment, contact your financial institution immediately to help secure your personal information and financial accounts. Contact our Member Services team at 1.888.966.4827 (GUARD) or email [email protected].

Screenshot image of a sample scam on an iphone

Being informed of what steps you may need to take before a slip up happens can help ease the potential damage (and your stress level) if it does occur. Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 1.888.966.4827 (GUARD) and [email protected].

AT&T Breach Alert: 73 Million Impacted

AT&T Breach Alert: 73 Million Impacted

Our security teams have recently discovered that AT&T, one of the main US telecommunications companies, has suffered an enormous data breach. Data from 73 million current and former customers has been leaked on the dark web. In August, 2021, the company originally said that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers. Although the hacking date remains unclear, one in five Americans have now been impacted. Data exposed include name, address, date of birth, phone number and social security numbers.

The company stated that it is not yet known whether the data originated from AT&T or one of its vendors. The company added that “currently AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set.” The company said that it is reaching out to customers to reset their account pass codes and is also urging customers to remain alert about changes to their accounts or credit reports. LEARN MORE

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Image courtesy credit: Marcus Spiske via unsplash.com

Consumer Fraud Losses Top $10 Billion

The Federal Trade Commission (FTC) recently released data showing that consumers reported losing more than $10 billion to fraud in 2023. This marks a 14% increase over reported losses in 2022. Fraud data came from 2.6 million consumers last year, nearly the same as 2022. Consumers reported to the FTC that they lost more money to investment scams – more than $4.6 billion – than any other category in 2023. The second highest loss category was imposter scams with losses of nearly $2.7 billion.

The following is a breakdown of the top frauds reported:

– Imposter scams (in business and government impersonators)

– Online shopping scams

– Prizes, sweepstakes and lottery scams

– Investment scams

– Business and job opportunity scams

The method scammers reportedly used to reach consumers most commonly was via email, which has displaced text messages. Phone calls are now the second most reported contact method. LEARN MORE

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

 

Help Spread the Word: Identity Theft Awareness Week

Help Spread the Word: Identity Theft Awareness Week

Welcome to Identity Theft Awareness Week. January 29th to February 2nd, otherwise known as #IDTheftWeek, exists to spread resources so you and your loved ones can stay ahead of identity thieves. Whether you’re a business owner, a young adult, a service member, an older adult or someone caring for a senior, understand that knowledge is power and identity theft knows no boundaries.

With tax season right around the corner, it is especially important to know that one of the biggest signs of identity theft is when you are unable to file your tax return because someone else has already filed one using your personal identifying information (PII). Other signs of identity theft include seeing unfamiliar transactions on one of your accounts and/or seeing new accounts you didn’t open on one of your credit report checks.

Here are five tips from the Federal Trade Commission (FTC) to help protect your identity:

– Read your credit card and bank statements carefully. If there is something that you don’t recognize, check into it. Even though you might have dreamed about a Louis Vuitton handbag, chances are you would know if you purchased one and certainly wouldn’t be footing the bill if you didn’t.

– Know your payment due dates. If a bill you pay regularly, such as your electric or water bill, doesn’t appear in your mailbox (or inbox), contact the provider immediately. The last thing you want is to have anything shut off in the dead of winter or an energy bill that is three times what you were expecting.

– Shred any documents that contain your PII, medical or financial information. Many national chains provide shredding services if you don’t own a personal shredder. Check out your local UPS store or FedEx Office for options.

– Review each of your three credit reports at least once a year. Visit our credit report check for more information.

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

 

Photo courtesy credit: Dylan Gillis via Unsplash.com

 

How to Spot a Scam with Children’s Health Insurance

How to Spot a Scam with Children’s Health Insurance

The cost of health care has skyrocketed in the United States. The very topic is as stressful as it is expensive. Did you know that the United States is the highest spending country on healthcare worldwide? In 2021, total health expenditure exceeded four trillion dollars with per capita health expenditure at $12,555.30. Statista Research recently reported that expenditure as a percentage of Gross Domestic Product (GDP) is projected to increase to approximately 20% by 2030.

During the pandemic, each state’s Medicaid Children’s Health Insurance Program (CHIP) helped millions of families with the cost of healthcare. With the end of the pandemic, states are reaching out to update Medicaid enrollments and scammers are already taking advantage of the situation. CHIP won’t ask you to pay to renew … but scammers will.

Here is what you need to know:

– CHIP won’t charge you to renew or enroll. They may reach out to you via email, phone or text but they will NOT ask you to pay, for any of your personal financial information and especially your credit card number or bank account information.

– Do NOT click! Even if it looks like a message is from your state’s Medicaid agency, if there is anything clickable in a message, assume it is scam and visit medicaid.gov to get contact information for your state’s Medicaid agency.

– Utilize healthcare.gov to complete insurance plans, find coverage and see if you are eligible. The website will ask you for your monthly income and age to give you a quote.

– Understand that medical discount plans are NOT insurance plans. Scammers will pitch discount plans to entice you and make you think they are the same as insurance.

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Source: Federal Trade Commission

Photo Credit: Courtesy of Charles Deluvio via unsplash.com

NortonLifeLock Password Manager Tool Hacked

NortonLifeLock Password Manager Tool Hacked

NortonLifeLock has notified their customers that hackers have breached their Password Manager accounts. This latest breach dates back to December 2022 when thousands of customers were told that their accounts were compromised. Just recently, the parent company of NortonLifeLock, Gen Digital (formerly Symantec Corporation), reported that “the likely culprit was a credential stuffing attack.” This type of attack involves credentials that had previously been exposed or breached being used to break into accounts on different websites that share the same password.

By far, password protection is critical for online safety. Enabling multi-factor authentication (MFA) and having exceptional password hygiene habits are great practices to follow. For example, every account that requires a password should have their own unique, complex and random password. Try to avoid using combinations that utilize information that could be connected to your social media accounts, such as a loved one’s birthday or a pet’s name. Hackers are well-known to comb their intended victims’ social media accounts.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy of https://unsplash.com/@flyd2069.