NortonLifeLock Password Manager Tool Hacked

NortonLifeLock Password Manager Tool Hacked

NortonLifeLock has notified their customers that hackers have breached their Password Manager accounts. This latest breach dates back to December 2022 when thousands of customers were told that their accounts were compromised. Just recently, the parent company of NortonLifeLock, Gen Digital (formerly Symantec Corporation), reported that “the likely culprit was a credential stuffing attack.” This type of attack involves credentials that had previously been exposed or breached being used to break into accounts on different websites that share the same password.

By far, password protection is critical for online safety. Enabling multi-factor authentication (MFA) and having exceptional password hygiene habits are great practices to follow. For example, every account that requires a password should have their own unique, complex and random password. Try to avoid using combinations that utilize information that could be connected to your social media accounts, such as a loved one’s birthday or a pet’s name. Hackers are well-known to comb their intended victims’ social media accounts.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy of https://unsplash.com/@flyd2069.

Twitter Data Breach Alert

Twitter Data Breach Alert

Just recently our security teams have found that Twitter, a popular social media service, has been breached. At least 5.4 million accounts have been compromised. The breach origin date is July, 2022 and data exposed includes name, phone number, email address and account holder user IDs.

Twitter acknowledged publicly that they received a report through their bug bounty program of a vulnerability in Twitter’s systems in January 2022. As a result of the vulnerability, if someone submitted an email address or phone number to Twitter’s systems, Twitter’s systems would tell the person what Twitter account the submitted email address or phone number was associated with, if any. Twitter then explained that the bug resulted from an update to their code in June 2021. When Twitter learned about this, they immediately investigated and fixed it. Twitter announced that at that time, they had no evidence to suggest someone had taken advantage of the vulnerability. Twitter has said that it would directly notify every account owner it could confirm was affected by the exposure. In the meantime, it is highly suggested to add two-factor authentication.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. It has been a pleasure protecting America’s workforce for the last decade. We look forward to many years and much more growth to come.

Be vigilant. Be strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy of Bermix Studios via unsplash.com.

Keeping Your Holidays Happy and Fraud-free

Keeping Your Holidays Happy and Fraud-free

Yes, it’s that wonderful time of year. The holidays are quickly approaching … and at lightning speed! Will you be traveling to see family in the next few weeks? Or, maybe you’ll be skipping off to a great vacation instead of decking the halls? Whatever your plans are, having time off of work, fun with friends and family, and hopefully a few days of laziness … are wonderful to look forward to. But, when we are caught up in the excitement about buying those last-minute gifts (or sunscreen and new flip-flops), we need to remember that there are some other ‘things to do’ on our checklist to help keep our family and identities safe during this special time of year.

 

In addition to stopping the mail, finding that special neighbor with a green thumb to water your plants, and arranging for pet care for your fur babies, there are some ‘before your trip’ actions you can take to help prevent identity theft from becoming a huge holiday memory. Just some small preventative measures, such as updating the operating system and antivirus software on your mobile devices, can go a long way toward fending off a few identity thieves. Below are some tips for what you can do before you leave home, as well as while you’re away and after your return.

 

Before you leave home:

– Password protect your devices and update operating systems

– Alert your bank(s) about your travel plans

– Visit your post office and put your mail on a vacation hold

– Keep the number of credit cards you travel with to a minimum and have copies of your driver’s license, medical id cards, passports and travel confirmation numbers at home in a safe place

– Turn off auto-connect Wifi and Bluetooth connections

– Consider adjusting your social media account settings so posts aren’t tagged with GPS data

 

While out of town:

– Avoid using public Wifi and even your hotel’s Wifi if at all possible

– Do not use public computers

– Keep your travel documents in the hotel room safe

– Log out of websites on your smart phone and any websites if you bring a laptop or other device with you on your trip

 

Upon your return home:

– Consider changing passwords for your major accounts

– Thoroughly go through your account statements for any irregularities

– Check your credit report to make sure no new accounts were opened in your name while you were away

 

We hope you have a wonderful holiday vacation. If you suspect identity theft or fraud, please contact us immediately at 888.966.GUARD (4827) or email memberservices@guardwellid.com. Day or night, we’ve got your back and will always be open for you.

The Biggest Ransomware Attack Ever

The Biggest Ransomware Attack Ever

On Friday, July 2nd, an affiliate of the REvil gang (Russian-linked) infected millions of victims in at least 17 countries via the US IT software company Kayesa. Our cybersecurity team has learned that the company’s software was used to slip into victims’ systems, which they’re now holding hostage.

 

The hackers have demanded $70 million in cryptocurrency to end what is now the biggest ransomware attack on record. The attack was specifically timed for the 4th of July holiday weekend when most office workers would be out of office. As reported in The Washington Post, most of the 1,500 victimized organizations were public agencies and small businesses.

 

The ransomware attack “has temporarily shutdown hundreds of Sweden’s Coop grocery stores because the cash registers locked up. The full scope of the attack probably won’t be known for quite some time.” The Associated Press noted that “due to the potential scale of this incident, the FBI and CISA may be unable to respond to each victim individually.”

 

Unfortunately this is not REvil’s first attack. Last month, timed with the Memorial Day weekend, the group extorted $11 million from meat supplier JBS after forcing it to shut down all of its manufacturing facilities.

 

Please contact us 24/7/365 at 888.966.4827 (GUARD) if you have any concerns or suspect identity theft. Additionally, you can email memberservices@guardwellid.com. Day or night, we’ve got your back and will always be open for you.

 

Photo by Bermix Studio on Unsplash

RedDorz and Foxtons: Dark Web Fraud Alert

RedDorz and Foxtons: Dark Web Fraud Alert

Our teams have discovered extremely large sets of compromised data on the Dark Web. The latest two websites involved are RedDorz.com and Foxtons.com.

 

RedDoorz.com is a Singapore-based hotel management and booking platform. Their breach size involves 5.8 million records: first name, last name, email address, password, gender, phone number, and date of birth. The origin date was September 2020.

 

Foxtons.co.uk is a British estate agency company dealing with both listings and sales. Alexander Hall is a subsidiary of Foxtons and provides mortgage services and advice since 1992. Their breach size involves 2.9 million records: first name, last name, email address, userid, and password. The origin date of this breach is unknown.

 

Be vigilant. Be strong. If you have visited these websites in the past or have done business with them, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit by https://unsplash.com – Erfan Parhizi

 

Guard Well Awarded Most Promising Solution Provider – 2020

Guard Well Awarded Most Promising Solution Provider – 2020

Enterprise Security Magazine has once again recognized Guard Well Identity Theft Solutions in their CIOReview as one of the most promising Identity Governance and Administration Solution Providers. The magazine previously featured Guard Well’s Founder and CEO in their article Protecting Your Employees and Company Bottom Line.

 

Most firms have a considerable stockpile of end-of-life IT assets that are loaded with sensitive data and are quickly depreciating. The latest article in CIOReview, Guard Well Identity Theft Solutions: Shifting a Liability and Expense Into Profit, explains how companies are reaping the rewards from trusting the Guard Well data risk mitigation process.

 

Located in Cincinnati, OH, Guard Well has disrupted the enterprise data risk mitigation space with a new solution that wipes and certifies IT hard drives at no fee, repurposes the gear (which is the greenest solution available), and then shares the profit with the client. Guard Well partners only with organizations that use data eradication software endorsed by the Department of Defense (DoD) and which are HIPAA and FDIC compliant.

 

The CIOReview states, “Having achieved a resounding success in the months prior to the outbreak of COVID-19, Guard Well looks poised to create many more success stories in the area of enterprise risk mitigation.” To learn more, visit https://guardwellid.com/enterprise-data-risk-mitigation/.

 

Guard Well is available 24/7/365 at 888.966.GUARD (4827) or via email to memberservices@guardwellid.com.

Guard Well Introduces Three Bureau Credit Report & Score Center

Guard Well Introduces Three Bureau Credit Report & Score Center

Now more than ever, having the right identity theft protection in place is critical. “Cyberattacks, especially phishing scams, are on the rise and that means that identity theft rates are increasing as well,” remarks E. Allan Hilsinger, Founder and CEO of Guard Well Identity Theft Solutions. “Although identity theft is not preventable, it is key to be proactive and identify issues swiftly. This is why we developed the Guard Well Credit Report and Score Center.”

 

In order to assist Guard Well Members and the general public in being cyber smart, Guard Well’s new ‘a la carte’ feature will help save time and identify issues before they could potentially turn into huge problems.

 

To obtain your three-bureau credit reports and score, please visit the Guard Well website and click on the red button in the upper right-hand corner that says Get My Credit Report and Score. Or, visit www.guardwellcredit.com to view your reports and scores within seconds.

 

 

You do not have to be a Guard Well member to utilize this special feature. For a one-time fee of $19.95, you have access to all of your credit reports and scores within seconds. The process is clearly explained with easy to understand instructions to walk you through the activity quickly.

 

First, you will enter your personal information and then agree to Terms and Conditions. Then you will verify your identity by accurately answering the questions provided. On the next page, you will enter your credit/debit card payment information. Once submitted, all three credit bureau reports and scores (Experian, Equifax and TransUnion) will appear in seconds for you to review and print.

 

After you complete this process, reach out to us immediately if you notice anything unusual in your reports. Be smart. Be vigilant. Be strong. We are always available 24/7/365 if you ever have any questions or concerns. Call us at 888.966.GUARD (4827) or email memberservices@guardwellid.com.

 

Photo credit: Photo by Dylan Gillis via Unsplash.com.

 

 

 

 

Websites with Compromised Data on the Dark Web

Websites with Compromised Data on the Dark Web

Our security teams have recently discovered several large sets of compromised data on the Dark Web. The websites listed below have been affected. If you have visited these websites or have engaged in business activity with any of these companies, please call us at 888.966.GUARD (4827) to speak with a fraud resolution specialist. Likewise, if you have questions or concerns feel free to call anytime. We are available for you 24/7/365.

 

– apollo.io

– appen.com (formerly crowdflower.com)

– scentbird.com

– swvl.com

– promo.com (previously slide.ly)

– mathway.com

– truefire.com

– ggumim.co.kr

– dave.com

– chatbooks.com

– hurb.com

– liveauctioneers.com

– kreditplus.com

– execupharm.com

– dunzo.com

– verifications.io

– catho.com.br

– bhinneka.com

– wattpad.com

– gigasize.com

– netsential.com

 

 

COVID-19 Unemployment Identity Theft Cases on the Rise

COVID-19 Unemployment Identity Theft Cases on the Rise

The COVID-19 pandemic has changed the entire employment image in America. Have you or a loved one needed to reach out to your state unemployment office due to being out of work (or experiencing a massive reduction in work hours)? As if that process wasn’t difficult enough! Unfortunately, many have experienced the shock and dismay when their unemployment claim is turned down for benefits due to a duplicate application. It is happening … and way too often. Hackers live for mankind’s vulnerability, especially during trying times like this.

 

We understand that it’s hard to know what you need to know especially during immense stress. The following are the five most common unemployment scams that we would like for you to be aware of:

 

Phishing email scams. Be wary of a sender you don’t know even if there are familiar logos visible in the email. Just because the email says it’s coming from your former employer’s CEO, doesn’t mean that it is legit. Verify the sender via phone before you trust the information that they are providing. If no one is available to verify it via a call … it’s a scam.

 

Debit and direct deposit card scams. Hackers know that states may use debit cards or payments via direct deposit to deliver benefits to you. If you are asked to provide personal identifying information (PII), such as date of birth, social security number, and/or bank account information before you actually apply for a card … it’s a scam. We have seen unemployment debit card scams that end up charging the victim for inactivity.

 

Fake phone call scams. The Department of Labor suggests to only use official government websites and phone numbers to file a claim for unemployment benefits. If someone calls you before you reach out for help … it’s a scam.

 

Jobseeker scams. If anyone is interested in hiring you immediately because you are the “perfect” candidate for a position you haven’t sought out … it’s a scam.

 

Fake job board website scams. If a website asks you to pre-register and give them your bank account information for your first paycheck … it’s a scam.

 

Here are some tips to help avoid unemployment benefit scams:

 

– Do not respond to unsolicited emails and texts. A state will not try to reach you and certainly won’t via text message.

 

– Do not click any type of website link even if it looks like it’s from one of your financial institutions. Scammers are really sneaky. Read our blog Do Not Click! for more information.

 

– Monitor your accounts closely. If an identity thief has enough information to apply (and receive) your benefits, it’s a pretty solid bet that they have information on your other accounts. Update your passwords, which is a step to take even not during a pandemic.

 

– Help keep your PII safe by making sure you’re dealing with a legitimate government representative.

 

 

Interested in learning how to file unemployment benefits in your state? Check this map, select the state where you worked, and you will be directed to the appropriate contact information. Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 1.888.966.GUARD (4827) and memberservices@guardwellid.com.

 

Tips to Lower Your Fraud Risk this Tax Season

Tips to Lower Your Fraud Risk this Tax Season

It’s tax season! For some, preparing and filing taxes is an hour or two-long process; for others, it’s a week or more. By year-end, the majority of us know if we will owe or if we are due to receive a refund … it’s just a matter of how much … and we are happy that everything is completed once tax season is over. Things don’t typically go awry, but tax-related fraud does happen. Knowing how to lower your risk and knowing what to do if it does occur to you, will help prevent the lasting damages to your wallet and credit score.

 

Let’s say for this example that you will be receiving a refund. Imagine looking forward to getting that money so you can pay off those holiday bills or plan that special vacation you’ve been day-dreaming of (or perhaps both if you’re lucky). After preparing your taxes, you happily press “send.” But then WHAM! … your return is rejected by the Internal Revenue Service (IRS) because they already received one for you. How could that happen and what do you do if it does?

 

Tax identity theft is when someone uses a stolen Social Security number (SSN) to file a tax return. You may be wondering, “Why would someone want to do this if I will actually owe taxes?” Even if you aren’t expecting a refund, you are still at risk. Thieves can enter fake income using your SSN in order to trick the IRS into giving a refund but, instead of that money going to you, it is actually wired to the criminal’s account. Even though the IRS has made significant efforts to help stop fraud cases in their tracks in recent years, it still happens.

 

Is tax fraud preventable? No. Are there steps you can take to help reduce your risk? Yes.

 

– Time is of the essence. Prepare and file your return as quickly as possible before someone else does it for you.

 

– Protect your personal identifying information (PII) by: 1) shredding documents that you do not need for tax preparation; 2) keeping your SSN card in a safe deposit box; 3) taking any outgoing mail to your local post office (do not put any mail with PII in your own mailbox – even though federal mail theft is a felony, it still happens); 4) getting your mail as soon as possible after it is delivered; 5) not responding to a phone call asking for or requesting that you confirm any PII (the IRS and legitimate companies will not initiate contact with you for this information unless you have reached out to them first); 6) not opening email attachments or clicking on any links that are not familiar to you; and 7) keeping your personal devices on lockdown unless you are using them (utilize firewalls and keep your anti-virus protection software up-to-date).

 

– If you think your PII has already been compromised, consider putting a free fraud alert on your credit file. There are two options: 1) an initial fraud alert, which is free and will last 90 days or 2) an extended fraud alert, which can be $10 or more but can last up to seven years.

 

– Be aware of the latest scams. Read our blogs on the topic: New Year Scam 2020 Style and Scams, Scams and More Darn Scams

 

– Actively monitor your accounts. You can access your tax account history (and see if someone has already filed for you) at https://www.irs.gov/.

 

– Get a trustworthy tax preparer. There are people who pose as tax preparers as well as online filing services that may promise you a bigger refund and/or may make questionable deductions for you in order to increase their fee. If you are seeking professional help, make sure it is from a certified tax professional or certified public accountant.

 

If your tax return is rejected due to being a ‘duplicate,’ an Identity Theft Affidavit (IRS Form 14039) should be filed as soon as possible to let the IRS know that someone else is using your identity. Contact Guard Well’s Member Services at 1.888.966.GUARD (4827) immediately if needed. A team member is always available 24/7/365. You can also email us at memberservices@guardwellid.com. Happy filing!