Pandemic Related Hazards Tsunami

Pandemic Related Hazards

I am urging all of you to be aware of an escalating number of pandemic related hazards. There is a full menu of scams, fraud and financial challenges lurking. Fraudsters are having a field day exploiting the uncertainties caused by the Coronavirus outbreak – COVID-19. They are using your fear and vulnerability as a weapon.

Here’s some examples of what these criminals are up to: From price gouging that’s preventing purchases of critical supplies, to fake products – promising cures; from loan payments to travel cancellations, from work-at-home schemes to Government Imposters seeking your personal information. AND – that’s just the tip of the iceberg!

Surviving Pandemic Related Hazards
In the meantime – Educate Yourself

How to Protect Yourself from the Coming Pandemic Related Hazards

  • Hang up on robocalls. Scammers are using illegal robocalls to pitch everything from fake coronavirus treatments to work-at-home schemes.
  • Ignore online offers for vaccinations and home test kits. At this time, there is no cure or vaccination for COVID-19, and there are no FDA-authorized home test kits. Visit the FDA’s website to learn more.
  • Do not respond to texts or emails about checks from the government from contacts you do not know. If someone tells you they can get you money immediately, it is a scam.
  • Do not click on web links from unfamiliar sources. These links could download viruses onto your computer or device.
  • Watch for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or experts saying they have information about the virus. For reliable and up-to-date information and updates, it is always best to visit the CDC’s website or the World Health Organization’s website.
  • Do your research before donating to charities claiming to help with COVID-19 efforts. Be wary of donations that require payment in cash, by gift card, or by wiring money.

If you think you are a victim of any of these pandemic related hazards involving COVID-19, you can report it without leaving your home through a number of platforms:

Some Additional Tips

Please know that government, the IRS and businesses have policies in place that are rapidly changing. Therefore, if you are seeking the latest policy of a particular entity, it is best to directly check their website rather than clicking on links in emails or attachments.

Government imposters have begun calling about COVID-19 relief. Imposters will call victims and suggest that you may qualify for a Government grant, but you have to verify your identity to process your request. Variations of the scheme involve contacts through text messages and social media posts.

Scams Coming About Stimulus Checks

IRS Pandemic Related Hazards
DON’T TAKE THE BAIT

The IRS is warning taxpayers of a tsunami of calls and phishing attempts about COVID-19 Stimulus checks. These contacts can lead to tax-related fraud and identity theft.

Scammers will suggest that you can get your Stimulus check faster if you share personal details like your Social Security number and banking information and also require you to pay a “processing fee”. DON’T TAKE THE BAIT!

Stimulus checks are free money provided from the Government. You do NOT need to spend money to receive your check. There are no short-cuts – even for a fee. The IRS will deposit your check into the direct deposit info you entered on your tax return or alternatively they will mail you a check.

The IRS will never call you or ask you to verify payment details.  Do not give out your bank account information, your debit or credit card number, or your PayPal payment details to someone who contacts you unsolicited.

The IRS has a webpage with information about the COVID-19 Stimulus payments that is updated quickly whenever new information is available. Here is the link

It’s impossible for me to cover all of the upcoming pandemic related hazards. However, the details listed above are a good refresher, especially for those who have been reading my prior articles. Remember that recognizing the red flags is one of the best weapons against scams and fraud.

You can read my prior article about Coronavirus Phishing Emails here.

I wish you and your loved ones all the best. BE SAFE OUT THERE.

ANTI-ROBOCALL BILL

Finally, an Anti-Robocall Bill

As we celebrate the New Year, we can add another thing that is cause for celebration. Last Thursday, lawmakers passed the Anti-Robocall Bill!  It now awaits the President’s signature to become law.

“The U.S. Senate today sent Americans a holiday gift on everyone’s list: stopping the plague of robocalls,” said Sen. Ed Markey, a Massachusetts Democrat who introduced the legislation with Sen. John Thune, a South Dakota Republican.

All I can say is: Its About Time!!!

Americans received a staggering amount of robocalls in 2019. There were 49 billion calls placed. More robocalls have been placed in the first 10 months of 2019, than in all of 2018!

Anti-Robocall Bill

It’s been a five year battle to take back our phones from these incessant robocallers. The new law will hopefully put a larger dent in the number of calls received. It will decrease millions of ‘spoofed’ robocalls and crack down on spammers who intentionally violate the rules against calling us.

The organization, Consumer Reports (read more here) played a big role in the movement to make the Anti-Robocall Bill finally become a reality. They were instrumental in rallying millions of consumers to send emails, sign petitions, initiated letter writing campaigns and they even held a consumer lobby day.

Consumer Reports Anti-Robocalls Bills

GOOD NEWS & BAD NEWS

The Good News: The bill will make it easier for consumers to identity robocalls using a number-authentication system. The Bad News: It will still take awhile for the number of intrusive calls to decline.

The Anti-Robocall bill requires all telephone systems in the U.S implement a coordinated authentication methodology to improve the accuracy of the caller-ID displayed on our phones. In other words, the bill requires phone companies to offer free call-blocking apps that will verify that the number calling you is real. That’s been an issue, because fraudsters now use fake ‘spoofed’ numbers to look as though they’re coming from the IRS or others to trick you.

Robocaller
DON’T ANSWER IT! SEND IT TO VOICEMAIL

The Federal Communications Commission (FCC) said that phone companies can now block unwanted calls without getting customers’ permission first, which could help increase the use of phone-blocking apps. The agency has said it expected the deployment of a new phone-number system to begin this year. Many major phone companies have already begun rolling it out, but to work well, all carriers must adopt it.

The Anti-Robocall bill also strengthens enforcement tools against robocallers, by giving the FCC more opportunities to fine them. It also brings together different government agencies and state attorneys general to help combat the problem.

The phone industry trade group, USTelecom, applauded the bill’s passage, saying it “will supercharge” the fight against robocallers.

I have written prior articles about Robocalls that you can read here and another one here.  My advice is simple. Never believe what you see on your caller-ID, only answer calls from numbers you recognize, hang up on robocalls or let them go to voicemail.

Wishing a Happy 2020 to all my readers.

Deceased Identity Theft – Victimizing the Dead

Deceased Identity Theft is on the rise. Identity thieves will go to great lengths to steal personal information. But how low are they willing to go? They will steal information from the recently deceased.

Assuming the Identity of a Deceased Person Can be a Profitable Venture

Victimizing the dead by stealing their identity is often referred to as ‘Ghosting’. Understand that Identity Theft happens in a variety of ways – including Tax ID Theft, Medical ID Theft, Financial ID Theft and Employment Fraud. Ghosting can encompass any or all of these different types of ID theft.

Deceased Identity Theft
You Must Protect Your Loved Ones

Here are some examples of what these criminals can do with the information stolen from a recently deceased person. File phony tax returns, apply for loans, establish fraudulent credit accounts, create fake driver’s licenses, apply for employment and file false medical claims. Ghosting can also result in creditors coming after the heirs of a deceased loved one or create problems with their estate.

How Do Thieves Get the Information?

Identity Thieves often glean a deceased person’s information from the Social Security Administration’s Death Master File. The Social Security Administration (SSA) maintains a national file of reported deaths for the purpose of paying appropriate benefits. The Death Master File contains the following information: Social Security number, name, date of birth, date of death, State of last known residence, and zip code of last lump sum payment. This information is a virtual gold mine for an identity thief!

In addition, relatives and funeral directors also notify States of recent deaths and then the States notify the SSA. When the SSA receives a death notice, it will flag the deceased person’s Social Security number as “inactive.”

Keep in mind that thieves can also glean a deceased person’s information from hospitals, funeral homes, social media and obituaries.  Because it can take weeks or months to process a death, thieves have plenty of time to commit fraud before it is ever detected.

Signs of Deceased Identity Theft

Calls from a creditor or collection agency on an account opened or used in the deceased’s name after death. If you discover such signs, contact the affected creditor or collection agency in writing, explaining that the account was opened or used fraudulently. Surviving spouses and children can also be liable if they shared accounts with the deceased.

Deceased Identity Theft Stolen Info
Freeze Out the Thieves

Reduce the Risk of Deceased Identity Theft:  

  • Send copies of the death certificate to all three credit bureaus asking them to flag the person’s credit report with the following alert: “Deceased – Do Not Issue Credit”.
  • Request a copy of the credit report of the deceased person with all three credit bureaus. You’ll need to do this in writing. The report will list all active credit accounts. Be on the lookout for any questionable activity.
  • Place a credit freeze with each of the three credit bureaus to stop thieves from opening any new credit accounts in the name of the deceased.
  • Send the IRS a copy of the death certificate to prevent Tax ID Theft. The IRS will then flag the account to reflect that the person is now deceased. Go to irs.gov and enter “Deceased Taxpayers” in the search box.
  • Notify banks, credit card companies, loan holders, financial institutions and mortgage holders to close any accounts. Also notify medical professionals and health insurers too.
  • Notify the Motor Vehicle Department to take their Driver’s License out of circulation.
  • Avoid putting too much information in an obituary. Don’t give a birth date, current address, mother’s maiden name or other identifying information that could be useful to identity thieves. The same goes for social media.

It is devastating for a grieving family to have to go through the process of proving to various agencies that their loved one is indeed dead. The emotional impact of unwinding the mess, stalls the grieving process for the family. Therefore, once a loved ones passes away, it’s important to designate someone to take immediate action to help secure their personal information from these heinous criminals.

If you want to know more about how to place a credit freeze, read this

DARK WEB MONITORING

Dark Web Monitoring – Is It Worth The Cost?

Consumers are coughing up anywhere from $10 to $30 per month for identity theft protection. Credit monitoring companies usually include dark web monitoring to their list of services. But is dark web monitoring really worth its salt? Consumers are under the false assumption that they can rely on these credit monitoring companies to keep them protected. THEY CAN’T!

Results of a recent survey by Consumer Federation of America (CFA)

~ 36% of those who’d seen ads for dark web monitoring incorrectly believed identity theft services can remove their personal info from the dark web.

~ 37% mistakenly believe dark web monitoring services will prevent stolen information, sold on the dark web, from being used.

Dark Web Monitoring

What is the Dark Web?

It is the go-to place on the internet where criminals buy and sell stolen personal information. Well known, commonly used internet browsers such as Google Chrome, Firefox or Mozilla won’t get you there. You need a special browser such as Tor. Most of this stolen information is gleaned from criminals that hack into compromised businesses and personal computers. Here’s what these nefarious actors are after: social security numbers, credit card info, usernames & passwords, bank account info, medical info, birth dates, email addresses, names, addresses, phone numbers, etc., etc.

REALITY CHECK!

No one can erase any of the stolen data that ends up on the dark web. No one can prevent your stolen data from being sold or used. Therefore, credit monitoring companies are only able to ‘alert’ you (after the fact) once they discover that your personal info is up for sale on the dark web.

If you’re wondering whether or not your personal info is on the dark web, the answer is YES, of course it is. You don’t need to pay a credit monitoring service to learn that! Hackers stole nearly a half a billion records in 2018 alone!

The Equifax data breach exposed the social security numbers, birth dates and other personal info of 148 million Americans. About 6.4 million records are reported stolen every day. If you’re still not convinced, and want to see the raw data, go here for real time data breach statistics.

Odds are very high that your info has already been bought and sold to numerous criminals on the dark web. You can’t change your social security number or date of birth. With so much of everyone’s info already compromised, individuals must do everything they can to make it more difficult for criminals to use that stolen data.

Does Dark Web Monitoring Have Any Value?

Security experts say dark web monitoring is just a scare tactic used by credit monitoring companies. Fear of the unknown motivates people. Neal O’Farrell, executive director of the Identity Theft Council  says it’s all really “just a smoke and mirrors deal” created by credit monitoring services to justify the monthly fee. O’Farrell states “They keep adding on these extra services that are truly valueless and don’t go to the cause of the problem”.

6 Important Things To Protect Yourself

1.) Check your credit report regularly with all 3 credit bureaus. By law you are entitled to a free annual report from Equifax, Trans Union and Experian. All three companies must provide a free credit report to you, upon request. So, NO EXCUSES – It’s FREE!  Stagger your requests throughout the year by requesting one credit report from one company, three different months during the year.

2.) Place a “Freeze” on your credit file with all three credit bureaus. There is no cost to freeze your credit. So, again, no excuses! Placing a credit freeze prevents a fraudster from obtaining credit in your name. A credit freeze is much more secure than the credit monitoring packages being sold by the credit bureaus and other credit monitoring companies such as LifeLock. Also, don’t let the credit bureaus try to talk you into placing a “Credit Lock” instead of a Credit Freeze”. Credit Locks do not have the same consumer protections that a Credit Freeze provides.

3.) Use two-factor authentication as a secondary firewall to prevent criminals from impersonating you. Also referred to as “2FA” – Two-Factor Authentication is an extra layer of security that requires not only a username and password, but also something that the user has on them like an email address or a cellphone that a code can be sent to. This proves that you are who you claim to be before you can obtain full access to your account.

4.) Use stealth and long passwords (at least 12 or more characters) that are hard to crack. The best passwords are phrases mixed in with symbols, numbers and upper & lower case letters. Don’t use obvious things like, mother’s maiden name, birth dates, addresses, phone numbers or any info that can be gleaned from your social media account. NEVER use the same password for other log-ins. Why? If your password is compromised, a criminal will try using that password to log-in to other websites, like banks, PayPal, Amazon and other commonly frequented websites. Also, be sure to change passwords every so often, especially if you learn of a data breach that affects a website or an account you have with a company.

5.) Monitor your accounts whenever your bank and credit card statements arrive. Be sure to also check your Explanation of Benefits for medical services. Correct any errors you find and report any discrepancies.

6.) Keep your software updated and back up your data. Whenever there is an update available for your software programs, be sure to follow through and perform a timely update. Better yet, set your programs to update automatically. Make a habit of backing up your important files on a regular basis. Back up all files that you wouldn’t want to lose if your computer ever crashed.

There’s no 100% guarantee that following these steps will fully protect you from becoming a victim of identity theft, but it will certainly lower your chances.  Awareness and constant vigilance is paramount in this game of cat and mouse.

You can read a prior article I wrote about Credit Freezes here

Sweetheart Scams – Your Money Your Heart

Sweetheart Scams can hurt both your heart and your bank account.

The National Consumers League (NCL) is sounding the alarm about Sweetheart Scams. It is also referred to as the Romance or Friends Scam. Con Artists are swindling their victims out of millions of dollars. According to the NCL report, the average victim loses approximately $18,831. The group says that complaints to their organization about Sweetheart Scams have spiked upwards by 45%. That’s double the amount of complaints from 2017.

Sweetheart Scams
Don’t Let Someone You Love Get Duped

Con Artists are Masters of Persuasion

They prey on their intended victim’s powerful emotions. Examples of those powerful emotions are fear, greed, urgency, pride, loneliness and love. Realize that Love and Loneliness are two of the most powerful emotions on earth. Victims of Sweetheart Scams act on both of those emotions, rather than using reason. It’s as if the con artist has cast an impenetrable spell on their victim.

Con Artists are not looking for affection or a loving relationship

Their goal is to separate you from your money.  It’s also much easier now for them to pull off these romance scams because of the digital age.  Kindling a relationship with their victim can be a long drawn out process or it can happen fairly quickly.

It may begin with a phishing email, a contact on social media or when someone joins an online dating website such as Match.com.  The con artist will create a fake online profile that’s designed to lure you in. They will use a fake name and photo. They often falsely take on the identity of a trusted person such as a professional working abroad or someone in the military or perhaps an aid worker in a foreign country.

Realize that these con artists will strike up a relationship with not just you, but with hundreds of potential victims. Be especially wary if your new-found-friend or lover quickly asks you to move your conversations from the website’s messaging platform to your personal email or phone.

Eventually, that new special someone in your life will convince you to send them money to pay for some kind of emergency. They may even ask you for money so they can travel to visit you.  Either way it’s a trap!

Younger people claim they would never fall for this type of scam, but the statistics say otherwise. Con artists work to gain the victim’s trust and separate them from their support system. Victims are so convinced that they have found their true love, that they will even put themselves in harm’s way. One woman, a teacher, flew to Jamaica to meet her lover and was murdered in the process.

The elderly population also seems to be vulnerable to the Sweetheart Scam. Many of them have suffered a painful loss, like the death of a spouse or other family member. Many of them live alone and are yearning for companionship or love. Con artists easily manipulate and swindle people who are in such an emotional state of mind.

Keep in mind that when money is sent via a gift card, MoneyGram, or a prepaid debit card it is untraceable and you will never get your money back!

Scams-of-the-heart are especially egregious, because victims are hurt both emotionally and financially.  To read the National Consumers League article on this topic go to:  https://www.nclnet.org/romance_scams

SYNTHETIC IDENTITY THEFT

According to the Federal Trade Commission, 80 to 85% of all identity fraud stems from Synthetic Identity Theft. Fictitious identities are created when an Identity thief creates a fresh new identity using elements of valid and/or fabricated forms of personal information.

As an example – a thief with a stolen valid Social Security number will combine it with a fake name, address and date of birth to create a brand new identity.  Because a valid Social Security # is used, there is no actual victim or true identity behind this false combination of identity elements.

Synthetic Identity Theft

 

Once Created – The Mischief Begins!

The merger of this real and fake personal data is then used to commit criminal, medical or financial fraud. Once an ID thief creates a new synthetic identity, they will attempt to apply for loans, credit or a job; get medical services, obtain cellphone service or even use the synthetic ID if they get arrested.

Remember that this newly created identity still contains your social security # as the main component and source of reference. Therefore, it becomes part of a fragmented or sub-file to your main credit file.

Additionally, fraud alerts, credit freezes and credit monitoring services will not indicate that anything is amiss. These usual protective measures do not stop Synthetic Identity Theft.

Unfortunately, the massive Equifax data breach, reported in September of 2017, exposed the valid social security numbers of nearly 148 million Americans. Realize also that those stolen social security numbers have already been purchased by criminals on the dark web – in underground black markets. Unfortunately, you cannot change your social security number!

 

What are Banks and Credit Card Companies Doing to Combat This?

Financial institutions understand the need to use any and all tools available to stop synthetic identity theft. They’re using advanced analytics, device intelligence and monitoring of underground websites. Credit Bureaus utilize tools that are able to detect when identity elements appear to be used inconsistently. They have developed analytical scores that help them determine whether a Social security # and identity belong to the right person.

A new federal law should also make it easier for creditors to verify ownership of a Social Security # with the Social Security Administration – which should help them verify that credit applicants actually exist.

 

THERE’S NO SILVER BULLET – BUT THESE STEPS MAY HELP

  • Only use an identity theft monitoring service that includes dark web monitoring. The service will check for personal identity elements, such as a SSN, that may have been exposed in a recent data breach.
  • It’s still worth placing a credit freeze with all three of the credit bureaus. Credit Freezes are now FREE in all 50 States as of September, 2018. Here’s is a previous article of mine explaining how to place a freeze
  • Get your free credit report at annualcreditreport.com from one of the three credit bureaus and check to see that there hasn’t been any unauthorized accounts opened.
  • A child’s SSN is often used to create Synthetic ID Theft. So, be sure to also place a credit freeze for your minor children as well.
  • National databases hold the key to discovery of Synthetic ID Theft. The DMV, insurance companies, data brokers, employers, prison or police records may all contain synthetic identities that include your social security number. Use a credit monitoring service that checks national databases.

 

Synthetic identity theft is a complicated and growing problem because it’s hard to detect and prevent this type of fraud. Once these synthetic identities are created, they become ‘verifiable’ identities and can therefore pass traditional security checks.

Unfortunately, it’s going to be up to you to be ever diligent if you want to protect yourself in the age of rampant fraud and deception.

DISASTER CHARITY SCAMS

DISASTER CHARITY SCAMS  Good Intentions – Bad Outcome

Beware of disaster charity scams! Fraudsters – posing as reputable Charitable Organizations – have been out in full force to trick you into making donations, to help victims of disasters.

Criminals always take advantage of kind-hearted, well-intentioned people who want to help after a disaster makes headline news. All of us need to be vigilant, because disaster charity scams will always appear to be totally legitimate.

Disaster Charity Scams
When Disaster Hits Watch Out For Fake Charities

Disaster Charity Scams normally start with unsolicited contacts in several ways. The scammer will contact their possible victim by telephone, social media, email solicitations, or at your door.

Then scammers use a variety of tried-and-proven tactics to lure information out of people. Donors should not give out personal financial information to anyone who solicits a contribution. This includes things like Social Security #, passwords or credit card and bank account numbers. You must always do your homework first.

Disaster Charity Scams Are Abundant
Always Do Your Research First!

THINGS YOU NEED TO KNOW:

  • Thieves pretend they are from a familiar sounding charity. Their goal is to get money or personal financial information from unsuspecting donors.
  • Bogus websites use names that are the same name or a similar name of a legitimate charity. Emails that appear to come from a real charity will always provide a link that will take you to a fraudster’s bogus website.
  • Scammers may even try to get you to provide your social security number, claiming they need it for your receipt or for tax reporting. This is a falsehood! Never give a charity your SS#.
  • Always go directly to the source when making a charitable donation. Don’t trust strangers at your door, telemarketers on the phone or emails with links that will lead you to a fake charity website that appears legitimate.
  • Always contribute by check or credit card to have a record of your donation. Never make a donation with cash, a pre-paid debit card, bank wire, or an iTunes or Amazon gift card.
  • You can check out whether a charity is legitimate by going to www.charitynavigator.org or www.charitywatch.org  If the charity is not on the list, then beware!
  • Scammers may even claim to be working for ― or on behalf of ― the IRS. The thieves tell disaster victims they can help them file casualty loss claims to get big tax refunds.
  • The IRS website allows taxpayers to use their Tax Exempt Organization Search to help find or verify qualified charities. Donations to these qualified charities may be tax-deductible.
  • Contact any organization you’re considering, and ask for the charity’s address, phone number and financial records. Consider how much of your donation will go to the program you want to support, and how much will cover administrative costs. Legitimate groups will gladly provide information about their mission and how your donation will be used. If a charity is unwilling to provide you with such information, be suspicious!

ANGLER PHISHING NEWEST PHISHING TACTIC

ANGLER PHISHING – Beware of the Newest Tactic!

Phishing is a term used to describe a common tactic used by identity thieves to gain access to your personal information. It happens when a criminal attempts to lure or entice their victim into clicking on a link or opening an attachment in a text message, a social media message or in an email. If the victim complies, they are directed to provide personal information or even worse, the victim’s computer will become infected with Malware or Ransomware! Angler Phishing usually happens on social media.

ANYONE CAN FALL FOR IT

If a criminal already has any personal information about you or your family (gleaned from a data breach or social media site) they can put together a well-designed Phishing email. They will provide you with a reason to have to click on the link. Here’s an example: “Your daughter Lisa fell and hit her head at school today. Please click here to contact us for additional information”.

Angler Phishing Mssages

    Never Click on Email or text links on social media messaging inbox

Similarly, Spear-Phishing is an even more laser-focused Phishing attempt. For example, criminals will target the emails of employees in a company’s Human Resources Department. These Spear-Phishing emails are used to get payroll information to glean the Social Security numbers of the company’s employees.

NOW THERE’S A NEW PHISHING TACTIC

It is referred to as Angler Phishing. It begins when you as the customer, becomes upset with the service you received at a company you just did business with.  So, you post an angry comment about your experience on your social media account. Soon thereafter, you get a text or email response – which appears to have come from the company you posted a complaint about. The ‘customer service’ rep at the company offers to help you resolve their problem. The trap is now set!

You don’t realize that the person who contacted you is really a fraudster who read your post and is now impersonating the company you complained about. The fraudster attempts to lure you into clicking on a link to directly connect you with a customer service rep at the company. If you comply, then merely clicking on that link can result in you downloading Malware or Ransomware. Alternatively, the provided link will connect you to a fake customer service rep, who asks for personal information in order to reimburse you or resolve your issue. The Fraudster will then use your personal information to commit identity theft.

You MUST always be wary!

Angler Phishing usually happens on social media. So, make it a habit to NOT respond to any communications you receive through social media, because it is difficult to verify the legitimacy of the contact. If you receive a message from a company you complained about, contact the company directly or go to the company’s website instead of clicking on the link that is provided to you.

 

ANOTHER THING YOU NEED TO KNOW

When it comes to Angler Phishing, there’s another aspect you may not have given much thought to. It’s another part of ANY customer service situation. Never rely on a Google search to locate a customer service telephone number for a company. Some companies do NOT even have a customer service number to call them. They instead force you to go to their website to resolve an issue. Realize that the customer service number that you just found on Google may not really be the company’s legitimate customer service number. The number you found may be a scammer who set up a phony customer service number for that company. Then, when you call the number, the Imposter will phish for your personal information.  Then, the theft of your information will unfortunately make you a victim of Identity Theft!

TIPS:

  • NEVER click on links or open attachments in emails, text messages or your social media messaging inbox unless you substantiated its legitimacy  
  • Be wary of any unsolicited posts on social media
  • Never give your personal information to a stranger
  • Always do your research first – “Don’t Trust until you Verify” directly from reliable sources before engaging with anyone on social media.  
  • Log in to a company’s website by typing their web address into your internet browser – instead of clicking on links that could be tainted.
  • Be sure to have virus and malware protection on all your devices
  • Always keep your software updated – set them to automatically update

 

REPEAT AFTER ME…

NEVER EVER click on links or open attachments in emails, text messages or your social media messaging inbox.  99.9% of the time, they are tainted links. It is referred to as click-bait messages. Click-Bait is designed to entice you – with an urgent important message – that prompts you to click on a link – to remedy the situation.  

Phishing attacks come in two parts. First there’s the tempting click-bait email. Next the link in the message takes you to a look-alike fake website the scam artist controls.

When it comes to Identity Theft, I can’t stress enough how important it is to refrain from clicking on any links or opening up any attachments in an email unless you are 100% certain that it’s legitimate or if you initiated the contact. Criminals will never stop Phishing – so please – DON’T TAKE THE BAIT!

Read another one of my articles about Phishing here.

IRS TAX SCAMS

Taxpayers CAN protect themselves from IRS Tax Scams – If they know what to do…

Knowledge is power, especially when it comes to avoiding IRS Tax scams. Here’s what taxpayers need to know to determine whether an encounter — in person, over the phone, by text or by email — is an imposter or an actual IRS employee:

IRS TAX SCAMS
Be Suspicious of IRS Calls, Texts or Emails

The IRS Does Not:

  • Call to demand immediate payment using a specific payment method, such as a prepaid debit card, gift card or wire transfer.
  • Demand taxpayers pay taxes without the opportunity to question or appeal the amount owed.
  • Threaten to bring in local police, immigration officers or other law enforcement to have someone arrested for not paying.
  • Threaten to revoke someone’s driver’s license, business licenses or immigration status.

The IRS Does:

  • In general, first mail a bill to any taxpayer who owes taxes.
  • Normally initiate contact with taxpayers through mail delivered by the United States Postal Service.
  • Present official identification when visiting a taxpayer. Taxpayers have the right to see these credentials, and – if they would like – the representative will provide them with a dedicated IRS phone number for verifying the information and confirming their identity.
  • Call or visit a home or business under certain circumstances. This includes when a taxpayer has an overdue tax bill, to secure a delinquent tax return or a delinquent employment tax payment, or to tour a business as part of an audit or criminal investigation. Even then, taxpayers will generally receive several letters from the IRS in the mail first.
  • Assign certain cases to private debt collectors, but only after written notice is given to the taxpayer and their appointed representative.
  • Offer several payment options. Payment by check should ALWAYS be payable to the U.S. Treasury and sent directly to the IRS, instead of a private collection agency.

IRS Tax Scams Use PHISHING Attempts:

Phishing Emails
Don’t Click on Email or text links!

Thieves often pose as IRS employees to get victims to turn over their personal information using Phishing techniques. Phishing is typically carried out through unsolicited emails or calls. Just remember that the IRS does not call, text, or email you. They communicate via a letter sent to you in the mail.

IMPORTANT TIPS:

  • Never click on links in emails or text messages from anyone claiming to be from the IRS.
  • Hang up the phone if someone claiming to be from the IRS calls you and don’t believe what you see on your caller ID. The # can be spoofed.
  • You can forward suspicious IRS emails to phishing@irs.gov
  • Forward text messages as-is to the IRS at 202-552-1226. If possible, in a separate text to the IRS, forward the originating number of the sender to the same IRS # 202-552-1226.
  • Visit the IRS identity protection page for more info on steps to take to protect your info.
  • You can read a prior article I wrote about IRS Phone Scams here.