Websites with Compromised Data on the Dark Web

Websites with Compromised Data on the Dark Web

Our security teams have recently discovered several large sets of compromised data on the Dark Web. The websites listed below have been affected. If you have visited these websites or have engaged in business activity with any of these companies, please call us at 888.966.GUARD (4827) to speak with a fraud resolution specialist. Likewise, if you have questions or concerns feel free to call anytime. We are available for you 24/7/365.

 

– apollo.io

– appen.com (formerly crowdflower.com)

– scentbird.com

– swvl.com

– promo.com (previously slide.ly)

– mathway.com

– truefire.com

– ggumim.co.kr

– dave.com

– chatbooks.com

– hurb.com

– liveauctioneers.com

– kreditplus.com

– execupharm.com

– dunzo.com

– verifications.io

– catho.com.br

– bhinneka.com

– wattpad.com

– gigasize.com

– netsential.com

 

 

COVID-19 Unemployment Identity Theft Cases on the Rise

COVID-19 Unemployment Identity Theft Cases on the Rise

The COVID-19 pandemic has changed the entire employment image in America. Have you or a loved one needed to reach out to your state unemployment office due to being out of work (or experiencing a massive reduction in work hours)? As if that process wasn’t difficult enough! Unfortunately, many have experienced the shock and dismay when their unemployment claim is turned down for benefits due to a duplicate application. It is happening … and way too often. Hackers live for mankind’s vulnerability, especially during trying times like this.

 

We understand that it’s hard to know what you need to know especially during immense stress. The following are the five most common unemployment scams that we would like for you to be aware of:

 

Phishing email scams. Be wary of a sender you don’t know even if there are familiar logos visible in the email. Just because the email says it’s coming from your former employer’s CEO, doesn’t mean that it is legit. Verify the sender via phone before you trust the information that they are providing. If no one is available to verify it via a call … it’s a scam.

 

Debit and direct deposit card scams. Hackers know that states may use debit cards or payments via direct deposit to deliver benefits to you. If you are asked to provide personal identifying information (PII), such as date of birth, social security number, and/or bank account information before you actually apply for a card … it’s a scam. We have seen unemployment debit card scams that end up charging the victim for inactivity.

 

Fake phone call scams. The Department of Labor suggests to only use official government websites and phone numbers to file a claim for unemployment benefits. If someone calls you before you reach out for help … it’s a scam.

 

Jobseeker scams. If anyone is interested in hiring you immediately because you are the “perfect” candidate for a position you haven’t sought out … it’s a scam.

 

Fake job board website scams. If a website asks you to pre-register and give them your bank account information for your first paycheck … it’s a scam.

 

Here are some tips to help avoid unemployment benefit scams:

 

– Do not respond to unsolicited emails and texts. A state will not try to reach you and certainly won’t via text message.

 

– Do not click any type of website link even if it looks like it’s from one of your financial institutions. Scammers are really sneaky. Read our blog Do Not Click! for more information.

 

– Monitor your accounts closely. If an identity thief has enough information to apply (and receive) your benefits, it’s a pretty solid bet that they have information on your other accounts. Update your passwords, which is a step to take even not during a pandemic.

 

– Help keep your PII safe by making sure you’re dealing with a legitimate government representative.

 

 

Interested in learning how to file unemployment benefits in your state? Check this map, select the state where you worked, and you will be directed to the appropriate contact information. Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 1.888.966.GUARD (4827) and memberservices@guardwellid.com.

 

Tips to Lower Your Fraud Risk this Tax Season

Tips to Lower Your Fraud Risk this Tax Season

It’s tax season! For some, preparing and filing taxes is an hour or two-long process; for others, it’s a week or more. By year-end, the majority of us know if we will owe or if we are due to receive a refund … it’s just a matter of how much … and we are happy that everything is completed once tax season is over. Things don’t typically go awry, but tax-related fraud does happen. Knowing how to lower your risk and knowing what to do if it does occur to you, will help prevent the lasting damages to your wallet and credit score.

 

Let’s say for this example that you will be receiving a refund. Imagine looking forward to getting that money so you can pay off those holiday bills or plan that special vacation you’ve been day-dreaming of (or perhaps both if you’re lucky). After preparing your taxes, you happily press “send.” But then WHAM! … your return is rejected by the Internal Revenue Service (IRS) because they already received one for you. How could that happen and what do you do if it does?

 

Tax identity theft is when someone uses a stolen Social Security number (SSN) to file a tax return. You may be wondering, “Why would someone want to do this if I will actually owe taxes?” Even if you aren’t expecting a refund, you are still at risk. Thieves can enter fake income using your SSN in order to trick the IRS into giving a refund but, instead of that money going to you, it is actually wired to the criminal’s account. Even though the IRS has made significant efforts to help stop fraud cases in their tracks in recent years, it still happens.

 

Is tax fraud preventable? No. Are there steps you can take to help reduce your risk? Yes.

 

– Time is of the essence. Prepare and file your return as quickly as possible before someone else does it for you.

 

– Protect your personal identifying information (PII) by: 1) shredding documents that you do not need for tax preparation; 2) keeping your SSN card in a safe deposit box; 3) taking any outgoing mail to your local post office (do not put any mail with PII in your own mailbox – even though federal mail theft is a felony, it still happens); 4) getting your mail as soon as possible after it is delivered; 5) not responding to a phone call asking for or requesting that you confirm any PII (the IRS and legitimate companies will not initiate contact with you for this information unless you have reached out to them first); 6) not opening email attachments or clicking on any links that are not familiar to you; and 7) keeping your personal devices on lockdown unless you are using them (utilize firewalls and keep your anti-virus protection software up-to-date).

 

– If you think your PII has already been compromised, consider putting a free fraud alert on your credit file. There are two options: 1) an initial fraud alert, which is free and will last 90 days or 2) an extended fraud alert, which can be $10 or more but can last up to seven years.

 

– Be aware of the latest scams. Read our blogs on the topic: New Year Scam 2020 Style and Scams, Scams and More Darn Scams

 

– Actively monitor your accounts. You can access your tax account history (and see if someone has already filed for you) at https://www.irs.gov/.

 

– Get a trustworthy tax preparer. There are people who pose as tax preparers as well as online filing services that may promise you a bigger refund and/or may make questionable deductions for you in order to increase their fee. If you are seeking professional help, make sure it is from a certified tax professional or certified public accountant.

 

If your tax return is rejected due to being a ‘duplicate,’ an Identity Theft Affidavit (IRS Form 14039) should be filed as soon as possible to let the IRS know that someone else is using your identity. Contact Guard Well’s Member Services at 1.888.966.GUARD (4827) immediately if needed. A team member is always available 24/7/365. You can also email us at memberservices@guardwellid.com. Happy filing!

 

 

New Year Scam 2020 Style

New Year Scam 2020 Style

It’s not just a new year … it’s a new decade. Not quite the ‘Age of Aquarius’ type of timestamp, but a new decade brings hope and positivity for our families and futures. It’s around this time in mid-January that many of us realize, “Hey, that exercise plan I agreed to do on January 1st at 12:06 am, that was just an example, not something I actually have to do on a daily or weekly basis and certainly not for the next ten years!” By the way, the same goes for those clean eating goals, too. If you can eat clean four or even five out of seven days, you’re likely in the bonus.

 

On average it takes about two months for a new behavior to become a habit (or if you are a supporter of the 21/90 rule, it may take a bit longer). Why is this a topic in our blog? Because how we write the year out today is going to have to break an old habit of abbreviating it, as many of us have done for the last nine years. The simple truth is that scammers are trying to forge our documents when we just write ’20’ instead of ‘2020.’

 

As reported by CNN’s Harmeet Kaur, “When the year 2020 is abbreviated on official forms and documents, those looking to exploit unsuspecting people can easily manipulate those numbers and leave people potentially vulnerable to fraud.” Auditors and police departments around the country have been notifying the public that when you write a date on a document, to not shorthand the year 2020 to just ’20.’ A document dated 1/4/20 can easily be changed to 1/4/2021 by adding two numbers at the end. Or, it could go the opposite way … a creditor could say you owed money from 2019 just by adding ’19’ after the ’20.’

 

Just putting forth a little effort in writing 2020 out in full, which will eventually become habit if done often enough, is a small step toward protecting you and your family from check or document fraud.

 

From the entire team at Guard Well, we wish you a wonderful, happy and prosperous 2020. If you suspect that fraud has happened to you, we are available 24/7/365 at 888.966.GUARD (4827) and memberservices@guardwellid.com.

 

Founder and CEO on iHeartRadio 700WLW Podcast

Founder and CEO on iHeartRadio 700WLW Podcast

On December 5, 2019, Guard Well Identity Theft Solutions Founder and CEO, E. Allan Hilsinger, was interviewed by Rocky and Rachel on Cincinnati’s News Radio 700WLW. Topics discussed during the ten-minute segment (51:50 to 60:52) include the risk of living in a technologically advanced society, what a digital footprint is and how to reduce the risk of your data being collected and sold online.

 

Hilsinger remarked, “We all have a social security number. We are all at risk. If you haven’t already been victimized by identity theft or identity fraud, it’s going to happen. It’s a sad reality…” He stated that there are 3.5 million Google searches every minute and 4.3 billion Facebook posts every day “…all of that information is being collected and sold.”

 

What can be done to help reduce this risk? Hilsinger suggested the following in the podcast:

– Be careful about what information you put on social media. For example, remove your birthdate from your Facebook account.

– When you search online, do it privately. Don’t allow cookies if possible when looking at websites.

– Try not to share your location with Google Maps.

– Inactivate and delete any old email accounts.

– Search for your own name on Google and see what pops up. If your name is listed on People Search or People Finder, you can submit a request for them to pull your information down.

 

Hilsinger also discussed a service site called DeleteMe.Com that will facilitate users in deleting their presence on other sites and will provide information on privacy laws in multiple countries to better educate the users on their rights in relation to data privacy.

 

To listen to the full podcast, visit https://www.iheart.com/podcast/eddie-rocky-20799661/episode/rocky-and-rachel-12519-53509284/?fbclid=IwAR2zfrqzsSc8c08pB3-YOiBR6WH3k3jszEVWPJytlzSlnyvJ3qVihPD7j6c

Keeping Your Holidays Happy and Fraud-free

Keeping Your Holidays Happy and Fraud-free

Yes, it’s that wonderful time of year. The holidays are quickly approaching … and at lightning speed! Will you be traveling to see family in the next few weeks? Or, maybe you’ll be skipping off to a great vacation instead of decking the halls? Whatever your plans are, having time off of work, fun with friends and family, and hopefully a few days of laziness … are wonderful to look forward to. But, when we are caught up in the excitement about buying those last-minute gifts (or sunscreen and new flip-flops), we need to remember that there are some other ‘things to do’ on our checklist to help keep our family and identities safe during this special time of year.

 

In addition to stopping the mail, finding that special neighbor with a green thumb to water your plants, and arranging for pet care for your fur babies, there are some pre-trip actions that you can take to help prevent identity theft from becoming a huge holiday memory. Just some small preventative measures, such as updating the operating system and antivirus software on your mobile devices, can go a long way toward fending off a few identity thieves. Below are some tips for what you can do before you leave home, as well as while you’re away and after your return.

 

Before you leave home:

– Password protect your devices and update operating systems

– Alert your bank(s) about your travel plans

– Visit your post office and put your mail on a vacation hold

– Keep the number of credit cards you travel with to a minimum and have copies of your driver’s license, medical id cards, passports and travel confirmation numbers at home in a safe place

– Turn off auto-connect Wifi and Bluetooth connections

– Consider adjusting your social media account settings so posts aren’t tagged with GPS data

 

While out of town:

– Avoid using public Wifi and even your hotel’s if at all possible

– Do not use public computers

– Keep your travel documents in a hotel safe

– Log out of websites on your smart phone and any websites if you bring a laptop or other device with you on your trip

 

Upon your return home:

– Consider changing passwords for your major accounts

– Thoroughly go through your account statements for any irregularities

– Check your credit report to make sure no new accounts were opened in your name while you were away

 

We hope you have a wonderful holiday vacation. If you suspect identity theft or fraud, please contact us immediately at 888.966.GUARD (4827) or email memberservices@guardwellid.com. Day or night, we’ve got your back and will always be open for you.

Scams, Scams and More Darn Scams

Scams, Scams and More Darn Scams

Did you know that there are at least 48 different types of identity theft and the number of scams involved in each is growing daily? Romance scams, residence scams, utility scams, employment scams, telephone scams, email scams, charity scams, Apple care scams, AirBNB scams, PayPal scams, census scams, ticket scams, government scams, medical scams, insurance scams, real estate scams, investment scams, lottery and sweepstakes scams … there really isn’t one facet of our lives that isn’t ‘scam-able.’ As the weather turns colder, it kind of makes you want to curl up under an electric blanket and hibernate for a bit doesn’t it!

 

Although everyone with a social security number is at risk for identity theft, there are two groups that are targeted more often: children and seniors. The U.S. Department of Health & Human Services has studied why. They explain, “Children are targeted to establish a ‘clean slate.’ Seniors are targeted over the telephone and through phishing scams. Some studies suggest that people become more trusting as they age, which helps to explain why it’s more difficult for older adults to detect fraudsters.”

 

The next high-risk group that follows children and seniors are the military mostly due to deployment, which impacts their ability to respond to a threat in a timely manner. According to the Federal Trade Commission, military consumers are most affected by credit card and bank fraud. Another high-risk group is identity theft repeat victims. As reported in Consumer Affairs, “people who have previously been affected by identity theft are at a greater risk for future identity theft and fraud.” According to the Center for Victim Research, “7-10% of the U.S. population are victims of identity fraud each year and 21% of those experience multiple incidents of identity theft.”

 

Lastly, the deceased are targeted. Stealing a dead person’s identity, commonly known as “ghosting,” will often go unnoticed by surviving family for months or years. A report dating from 2012 stated that 2.5 million deceased American identities are stolen each year. Of those 2.5 million stolen identities, 800,000 were used to open lines of credit or get a mobile phone plan.

 

Fraudsters oftentimes repeat their favorite most lucrative scams, which are driven by major financial life moments, such as taxes and holiday shopping. Yes, it’s getting to be that time of year, and, guess what … the world’s largest online retailer, Amazon, is seeing a huge increase in fake Amazon.com order cancellation scams. If you receive an email about an order cancellation from Amazon, there’s a good chance it’s a scam. Click on links in the email and you could unintentionally download malware onto your device. Or you might be sent to a site that aims to collect your Amazon account information, like your username and password. If you receive such an email and recently placed an order, go to Amazon.com directly to check your order status.

 

Most of our blogs offer tips to help protect yourself and your family from identity theft. There is one tip in this blog: Remain aware of scams and that they can touch every facet of your life. By staying in-the-know, you can help every month be National Cybersecurity Awareness month … not just October.

 

If you suspect that you or a loved one has suffered identity theft, please reach out to us as soon as possible. Our Guard Well member services team is available around the clock, every day of the year. Email memberservices@guardwellid.com or call 888.966.GUARD (4827) for help.

SIM Swap Attack – the New Hijack

SIM Swap Attack – the New Hijack

Imagine no texting, no service, and no data for a minute. Yikes! Halloween or not, the lack of being able to connect is a very scary thought and it can happen to any of us due to a tiny piece of plastic called a SIM card. There is a SIM (subscriber identity module) in every mobile device and it is what connects the user to a cellular network. Unfortunately, there is a wide-spread SIM swap hack that allows a thief to hijack your cell number.

 

Also known as a port out scam, simjacking, swim swapping, and SIM splitting … this latest scam can wreak havoc in all of your accounts associated with your mobile phone number. Everyone with a cell phone is at risk of this type of takeover. The PEW Research Center, a nonpartisan organization based in Washington D.C., reported this year that 96% of Americans have a cellular device and 92% of them go online daily. Considering that there are approximately 330 million Americans, that’s a pretty large target market from a hacking standpoint. No one is immune. A number of high profile attacks have occurred via Instagram and Twitter. The website wired.com reported that Twitter CEO Jack Dorsey’s own twitter account was hacked via this method this year.

 

What is a SIM Swap?

This type of scam is an account takeover fraud. It targets a weakness in two-factor authentication and two-step verification in which the second factor (step) is either a text message or a call placed to a mobile telephone. This is achieved by the fraudster impersonating the victim using personal details to appear authentic and claiming that they have lost their phone. The victim’s phone will then lose connection to the network and the fraudster will receive all the SMS and voice calls intended for the victim. This allows them to intercept any one-time passwords sent via text or telephone calls sent to the victim, and thus to circumvent any security features of accounts (such as bank accounts, social media accounts, etc.) that rely on text messages or telephone calls.

 

Damage from a SIM swap can have a snowball effect. Since the scammer would be armed with your login credentials, not only can they steal your money, take over your email and social media accounts, but they can lock you out of them all and open up a new cellular account in your name … or buy that new phone you’ve been eyeing for months but won’t have the joy of using yourself.

 

Is a SIM swap preventable?

No. It’s impossible to completely prevent someone from gaining access to your phone number through a SIM swap due to the fact that the scam requires no misstep on your part (such as clicking on a bogus link). All the scammer needs to do is convince your carrier that they are you and to transfer your phone number to their SIM. As described by Michael Grothaus with Fast Company, “There’s nothing inherently shady with doing a SIM card swap. If you lose your phone or your SIM card is damaged, for instance, you might go to a mobile carrier store or even call up customer service to have your number transferred to a new SIM.”

 

Even though you can’t prevent a swap from happening to you, there are ways to make it more difficult for a scammer. Grothaus suggests to use an authenticator app such as Authenticator by Google, Microsoft AuthenticatorLastPass Authenticator, and 1Password. A single authenticator app can handle all your authentication codes no matter how many different accounts you use.

 

Other courses of action you can do to help prevent a swap include:

– Limit the personal information you share online. Identity thieves will find information to answer the security questions you may have set up to verify your identity. For example, if one of your security questions is, “What is my high school mascot?” and you list your high school name on your Facebook account and that information is not on a private setting, it’s not difficult for a good sleuth to figure out your mascot’s name.

– Set up a PIN for your cellular account and do not share it with anyone.

– Do not reply to calls, emails and SMS messages that could be a phishing attempt to request your personal data. Make sure to read our blog “Accidentally Clicked on a Phishing Link – Now What” to get up-to-speed on phishing scams.

 

The Federal Trade Commission offers a few tips on what to do if you suspect that you’ve been swapped:

– First, contact your cellular service provider immediately to take control of your phone number. After you re-gain access to your phone number, change your account passwords.

– Check your banking, credit card and insurance statements for unauthorized charges or changes to your profile.

– Call your identity theft resolution provider. A Guard Well Member Services team professional is always on hand for you 24 hours a day, seven days a week and every day of the year … yes, even Halloween. There are enough tricks flying around. Here’s to receiving a treat this year!

 

 

Capital One Breach Alert – 100 Million Impacted

The Wall Street Journal reports that this latest massive consumer data breach stands to be one of the worst for U.S. consumers because of the type of financial information that was accessed. The hacker accessed personal information of Capital One credit card customers and applicants in the U.S and 6 million in Canada. “This valuable consumer financial information can be used to figure out the identities of the most creditworthy or affluent consumers and open a card or loans in their name.” READ MORE

 

Take Action
Though Capital One says login information wasn’t compromised in this hack, reusing old passwords is a major security vulnerability. We suggest that you immediately:

– Change your passwords

– Set up two-factor authentication

– Closely monitor your credit card activity and credit reports

We Are Here to Help!
Please contact our 24/7/365 Member Services team at 888.966.GUARD (4827) if you think you may have been a victim. You can also visit our website and click on Let’s Talk, where you can:

– Schedule an in-person meeting or call

– Make a payment

– Send us a file

– Leave us your comments

– Access your account

– Click-to-call Member Services immediately

Guard Well Founder and CEO Panelist in HR Forum Discussion

Guard Well Founder and CEO Panelist in HR Forum Discussion

On Thursday, June 13, 2019 the Cincinnati Business Courier hosted a live panel discussion with industry experts concerning the ongoing changes and critical issues impacting Human Resources. The panel covered a a variety of topics including workforce issues around employee engagement, retention strategies, organizational development, compensation, benefits and educating tomorrow’s business leaders. Our Founder and CEO, E. Allan Hilsinger, was among three of the panelists. Other industry experts included Deirdre Bird, Director of HR Consulting, VonLehman CPA & Advisory Firm and Brian Dershaw, Partner, Taft, Stettinius & Hollister LLP.

 

You can read the entire discussion HERE.