Where is My Stimulus Check

Where is my stimulus check, you ask?  The IRS has started automatically directly depositing stimulus checks – referred to as “Economic Impact Payments”. Keep in mind, these payments need to be made to nearly 140 million eligible Americans.

Where IS My Stimulus Check

Some of you may have already received your payment. Lucky you! But, if not, don’t fret. Remember that this is going to be a process to get these payments out to all 140 million Americans. According to CNN, about 60 million Americans are still waiting for their money.

Some people, who don’t usually file a tax return, will need to submit basic information to the IRS before they will receive their payment. The IRS is regularly updating the Economic Impact Payment and the Get My Payment tool frequently asked questions pages on IRS.gov  as more information becomes available.

Answers to the Most Common Questions:

How are payments calculated and where will they be sent?
If taxpayers have already filed their 2019 tax return and requested direct deposit of their refund, the IRS will use this information to calculate and send their payment. Those who didn’t provide 2019 direct deposit information or owed tax, can use the Get My Payment tool to provide account information or a payment will be mailed. For those who haven’t filed their 2019 return, the IRS will use their 2018 tax return to calculate the payment.

Payments will also be automatic for those who receive Social Security, railroad retirement or Social Security Disability Insurance (SSDI and SSI) and veteran’s benefits who don’t normally file a tax return.

However, to add the $500 per eligible child amount to these payments, the IRS needs the dependent information before the payments are issued. Otherwise, their payment at this time will be $1,200 and, by law, the additional $500 per eligible child amount would be paid in association with a return filing for tax year 2020.

What if the IRS doesn’t have the taxpayer’s direct deposit information?
If the IRS has not processed the taxpayer’s payment, the taxpayer  may be able to use the Get My Payment tool to provide their banking information to the agency so their payments can be directly deposited. If no banking information is provided, IRS will mail a check to the taxpayer’s address on record. The direct debit account information used to make payments to the IRS cannot be used as the account information for the direct deposit of your payment.

Can taxpayers who aren’t required to file a tax return receive a payment?
Yes. People who don’t normally file can use Non-Filers: Enter Payment Info tool to give IRS basic information to get their Economic Impact Payments. This includes low-income or no income taxpayers.

Can taxpayers who haven’t filed a tax return for 2018 or 2019 still receive a payment?
Yes. Anyone who is required to file a tax return and has not filed a tax return for 2018 or 2019 should file their 2019 return do so as soon as possible to receive a payment. They should include direct deposit banking information on their return.

WATCH OUT FOR SCAMMERS!

The bad guys are out there phishing with renewed fervor. Phishing sites have increased 235% since the COVID-19 outbreak. Scammers have set up over 180,000 fake Coronavirus-themed websites to steal data or misinform taxpayers. Don’t take the bait.

According to the Treasury Inspector General for Tax Administration, (TIGTA) the agency has already begun to see IRS Imposters playing every trick in the book to get personal information they can use to steal money. While the IRS Criminal Investigation Unit is doing all they can to combat this problem, people are still falling victim to these scams. Scammers are preying on vulnerable individuals who are not sure how best to get their stimulus payment.

TIPS TO NOT FALL VICTIM

  • Do not respond to anyone contacting you if they claim to be from the IRS. The IRS will never ever call you.
  • You may receive emails, text messages or contacted via social media by someone asking for verification of personal and/or banking info. They’ll claim the information is needed before you can receive your stimulus payment. Never give out your personal information.
  • NEVER click on links or open attachments in emails or text messages. Always go directly to the website using your internet browser.
  • You are not required to pay a fee to receive your payment, nor will paying an upfront fee result in you receiving your stimulus check faster.
  • Pay attention to web address extensions. The IRS website ends in “.gov” NOT “.com” or “.org” or “.net”.
  • Watch your spelling when entering a website address. Scammers register websites with misspelled names or similar names of legitimate websites  in hopes of tricking you.

If you receive an unsolicited email from someone claiming to be from the IRS, forward the email to phishing@irs.gov.  If you are looking for information about the COVID-19 pandemic you can go here.

To read a prior article I have recently written about IRS scams, go here

Coronavirus Phishing Emails on the Rise

Coronavirus
WASH YOUR HANDS

A global health disaster like coronavirus is a golden opportunity for criminals looking to steal your personal information or money through Coronavirus Phishing Emails.

Portions of this article were reprinted from the website of consumer advocate, Herb Weisbaum, also known as Consumerman. His website is here: https://consumerman.com/

If you got an email from the Centers for Disease Control and Prevention or the World Health Organization about the Coronavirus outbreak, would you read it? Maybe click on a link? Cybercriminals are counting on it!

The outbreak is a dream come true for criminals who will use it as basis for email attacks designed to snag personal information, steal money and infect computers with malware.

Coronavirus phishing emails are on the rise. Malicious emails linked to the Coronavirus first appeared in early February, making it one of the first big phishing campaigns of the year.

“A global health disaster like this one, creates a golden opportunity for fraudsters, as there is no population or demographic that is not paying attention. As a result, the potential for impulse clicking is higher than normal,” said Adam Levin, a digital security expert who is chairman of CyberScout, a data security firm, and the author of “Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves.”

The bogus emails look legit

Coronavirus Phishing Emails may look legit, but they’re not! Those who click on the provided link in the email will wind up on a site created by criminals to steal the victims’ email credentials.

With the current Coronavirus phishing emails, fraudsters are designing their emails to look like they’re coming from the CDC or the WHO. They typically have an attention-grabbing subject line, such as “Coronavirus outbreak in your city (Emergency)” and often include the agency’s logo — cut and pasted from the real website — to add credibility.

At first glance, the sender’s email address appears to be legitimate, for example cdc-gov.org or cdcgov.org. The crooks create domains that are very close to the real CDC site — cdc.gov — making the deception easy to miss.

Even though the link looks like it will take you to the CDC.gov website about the Coronavirus, it will not.

You will instead, land on a fake Microsoft Outlook login page, created by the crooks to steal user names and passwords. Criminals control this fake Outlook page. There is no reason to provide login credentials to visit a public website, such as the CDC.

“Once they capture your login credentials, they can use them to get access to your email account and look for anything worth stealing.

BUT IT GETS WORSE

The bad guys have taken things to the next level, using the Coronavirus to infect computers with Malware!

Emails impersonating the CDC include attachments to click on that proclaim the need for the reader to open it to get advice on how to protect yourself. If you open this attachment, it will download Malware or Ransomware onto your computer.

Ransomware locks out all of your computer files and demands a ransom payment to unlock your files. I have written more extensively about Ransomware in a prior article that you can read here.

Just remember that health agencies are NOT sending out mass emails about Coronavirus. There are plenty of legitimate news websites and the CDC website, CDC.gov  itself with important updates and everything you need to know about the Coronavirus outbreak.

How to protect yourself from coronavirus scams

You need to be skeptical of any email that asks you to click on a link or open an attachment — even when the email seems legitimate.

In most cases, you can probably get the information you need by typing in the URL yourself. For the latest on the Coronavirus outbreak go directly to the CDC website.

TIPS TO PROTECT YOURSELF:

  • Don’t be taken in by the sender’s name.Scammers can put any name they like in the “from” field.
  • Look out for spelling and grammatical errors.Not all crooks make mistakes, but many do. Take extra time to review messages for telltale signs that they’re fraudulent.
  • Check the URL before you type it in or click a link.If the website you land on doesn’t look right, steer clear. Do your own research and make your own choice about where to look.
  • Never enter data that a website shouldn’t be asking for. A site that’s open to the public, such as the CDC or WHO, will never ask for your login credentials.
  • If you realize you just revealed your password to impostors, change it as soon as possible.The crooks try to use stolen passwords immediately, so the sooner you change your password, the more likely you are to stop them for doing anything malicious.
  • Never use the same password on more than one site.Once crooks have a password, they’ll try it on every website where you might have an account, to see if they can get lucky.
  • Turn on two-factor authentication (2FA), if you can. Yes, it’s a slight inconvenience to enter a six-digit code when you want to log on, but it’s a huge barrier for the crooks. With 2FA, a stolen password, by itself, is useless to them.

Prevention, Symptoms and Treatment of COVID-19

There’s currently no vaccine to prevent COVID-19. The best way to prevent illness is to avoid being exposed to this virus. The CDC recommends preventive actions every day to help prevent the spread of respiratory diseases, including:

  • Avoid close contact with people who are sick.
  • Avoid touching your eyes, nose and mouth.
  • Stay home when you’re sick.
  • Cover your cough or sneeze with a tissue, then throw the tissue away.
  • Clean and disinfect frequently touched objects and surfaces using a regular household cleaning spray or wipe.
  • Follow CDC’s recommendations for using a face mask. (see below)
  • Wash your hands often with soap and water for at least 20 seconds, especially after going to the bathroom, before eating and after blowing your nose, coughing, or sneezing or being out in public.
  • If soap and water aren’t available, use an alcohol-based hand sanitizer with at least 60% alcohol. Always wash hands with soap and water if hands are visibly dirty.

MORE TIPS FROM THE CDC:

The CDC doesn’t recommend that people who are well wear a face mask to protect themselves from respiratory diseases, including COVID-19.

Face masks should ONLY be used by people who show symptoms of COVID-19 to help prevent the spread of the disease to others. The use of facemasks is also crucial for health workers and people who are taking care of someone in close settings.

Reported illnesses have ranged from mild symptoms to severe illness and death for COVID-19 cases, the CDC said. Symptoms may appear two to 14 days after exposure to the virus and include fever, cough and shortness of breath.

There’s no specific treatment recommended for COVID-19. People with COVID-19 should get care to help relieve symptoms. For severe cases, treatment should include care to support vital organ functions, the CDC said.

People who think they may have been exposed to COVID-19 should contact their healthcare provider immediately.

Holiday Shopping Safety

Tis the Season…to learn about Holiday Shopping Safety!

Scammers love this time of year, because there are many opportunities for them to separate you from your money. To be a smarter and safer consumer, you need to educate yourself, so you can avoid falling victim. Here are holiday shopping safety tips to help keep your holidays merry.

Holiday Shopping Safety

Spam Phishing Emails will be finding their way into your inbox. These emails have urgent messages or will contain offers for bargain prices or discount coupons. These spam emails will always include a clickable link or an attachment to open. If you click on the provided link or attachment, you will infect your device with Malware. It is advisable to never click on email links or attachments.

Package Delivery Scams are a Fraudster’s favorite trick. They know that most of you are either sending or expecting to receive a package during the holidays. Many millions of spam emails, pretending to be from known shippers (like the Post Office, FedEx or UPS) will be sent out to unsuspecting victims. The emails will include a link to click on that lets you “track” a problem with a package you recently mailed or “track” a package that’s on its way to your house.

E-cards are a fun, easy & inexpensive way to send holiday cheer to family and friends. Make sure any e-card you receive comes from a well-known reputable e-card company. Do NOT open it if the sender is unknown to you.  Many fake e-cards contain spyware and viruses.

Gift cards make popular holiday gifts. Be sure to only purchase them from official retail stores or websites that you know and trust. Beware of websites or ads offering steep discounts to buy their gift cards. Chances are the cards are fraudulent or stolen cards from third-party vendors.

Fake websites are set up all over the internet, that sell stuff that doesn’t even exist. They will offer fantastic bargains that are truly too good to be true. Also, beware of copy-cat websites that appear to be the real shopping site.  Some fake websites use similar or misspelled names of legitimate retailers. You may not realize that you’re on a fake website and enter your password or credit card information. You think you actually made a purchase, but your merchandise will never arrive and your credit card information gets sent straight to the criminal and will be used to make illegal purchases.

Fake online Ads will appear on social media sites and even on legitimate News websites. The ads exist to entice you to click on links that will ask you to provide personal information. If you see an Ad for something you like, instead of clicking on that Ad, go to the retailer’s website directly. If you don’t know the web address, use Google to search for it. The real legitimate website will be at the top of the Google results – about 99% of the time.

Public Wi-Fi is neither private nor secure. Never ever use public Wi-Fi to shop online. You can never be sure whether you’re using the authorized Wi-Fi of the retailer or actually the Wi-Fi of the thief, who is likely sitting a few tables away. When using public Wi-Fi, it is advisable to use a Virtual Private Network (VPN) for better online security.

Debit Cards should NEVER be used while shopping online. Your debit card is tied to the money in your checking account. You have better consumer fraud protections when using your credit card. Better yet, use a gift card or prepaid debit card for all of your online purchases.

STAY SAFE OUT THERE AND HAPPY HOLIDAYS TO YOU AND YOURS!

Here’s a good website to learn more about Shopping Safely Online

Here’s an article I wrote about Online Shopping

ANGLER PHISHING NEWEST PHISHING TACTIC

ANGLER PHISHING – Beware of the Newest Tactic!

Phishing is a term used to describe a common tactic used by identity thieves to gain access to your personal information. It happens when a criminal attempts to lure or entice their victim into clicking on a link or opening an attachment in a text message, a social media message or in an email. If the victim complies, they are directed to provide personal information or even worse, the victim’s computer will become infected with Malware or Ransomware! Angler Phishing usually happens on social media.

ANYONE CAN FALL FOR IT

If a criminal already has any personal information about you or your family (gleaned from a data breach or social media site) they can put together a well-designed Phishing email. They will provide you with a reason to have to click on the link. Here’s an example: “Your daughter Lisa fell and hit her head at school today. Please click here to contact us for additional information”.

Angler Phishing Mssages

    Never Click on Email or text links on social media messaging inbox

Similarly, Spear-Phishing is an even more laser-focused Phishing attempt. For example, criminals will target the emails of employees in a company’s Human Resources Department. These Spear-Phishing emails are used to get payroll information to glean the Social Security numbers of the company’s employees.

NOW THERE’S A NEW PHISHING TACTIC

It is referred to as Angler Phishing. It begins when you as the customer, becomes upset with the service you received at a company you just did business with.  So, you post an angry comment about your experience on your social media account. Soon thereafter, you get a text or email response – which appears to have come from the company you posted a complaint about. The ‘customer service’ rep at the company offers to help you resolve their problem. The trap is now set!

You don’t realize that the person who contacted you is really a fraudster who read your post and is now impersonating the company you complained about. The fraudster attempts to lure you into clicking on a link to directly connect you with a customer service rep at the company. If you comply, then merely clicking on that link can result in you downloading Malware or Ransomware. Alternatively, the provided link will connect you to a fake customer service rep, who asks for personal information in order to reimburse you or resolve your issue. The Fraudster will then use your personal information to commit identity theft.

You MUST always be wary!

Angler Phishing usually happens on social media. So, make it a habit to NOT respond to any communications you receive through social media, because it is difficult to verify the legitimacy of the contact. If you receive a message from a company you complained about, contact the company directly or go to the company’s website instead of clicking on the link that is provided to you.

 

ANOTHER THING YOU NEED TO KNOW

When it comes to Angler Phishing, there’s another aspect you may not have given much thought to. It’s another part of ANY customer service situation. Never rely on a Google search to locate a customer service telephone number for a company. Some companies do NOT even have a customer service number to call them. They instead force you to go to their website to resolve an issue. Realize that the customer service number that you just found on Google may not really be the company’s legitimate customer service number. The number you found may be a scammer who set up a phony customer service number for that company. Then, when you call the number, the Imposter will phish for your personal information.  Then, the theft of your information will unfortunately make you a victim of Identity Theft!

TIPS:

  • NEVER click on links or open attachments in emails, text messages or your social media messaging inbox unless you substantiated its legitimacy  
  • Be wary of any unsolicited posts on social media
  • Never give your personal information to a stranger
  • Always do your research first – “Don’t Trust until you Verify” directly from reliable sources before engaging with anyone on social media.  
  • Log in to a company’s website by typing their web address into your internet browser – instead of clicking on links that could be tainted.
  • Be sure to have virus and malware protection on all your devices
  • Always keep your software updated – set them to automatically update

 

REPEAT AFTER ME…

NEVER EVER click on links or open attachments in emails, text messages or your social media messaging inbox.  99.9% of the time, they are tainted links. It is referred to as click-bait messages. Click-Bait is designed to entice you – with an urgent important message – that prompts you to click on a link – to remedy the situation.  

Phishing attacks come in two parts. First there’s the tempting click-bait email. Next the link in the message takes you to a look-alike fake website the scam artist controls.

When it comes to Identity Theft, I can’t stress enough how important it is to refrain from clicking on any links or opening up any attachments in an email unless you are 100% certain that it’s legitimate or if you initiated the contact. Criminals will never stop Phishing – so please – DON’T TAKE THE BAIT!

Read another one of my articles about Phishing here.

IRS TAX SCAMS

Taxpayers CAN protect themselves from IRS Tax Scams – If they know what to do…

Knowledge is power, especially when it comes to avoiding IRS Tax scams. Here’s what taxpayers need to know to determine whether an encounter — in person, over the phone, by text or by email — is an imposter or an actual IRS employee:

IRS TAX SCAMS
Be Suspicious of IRS Calls, Texts or Emails

The IRS Does Not:

  • Call to demand immediate payment using a specific payment method, such as a prepaid debit card, gift card or wire transfer.
  • Demand taxpayers pay taxes without the opportunity to question or appeal the amount owed.
  • Threaten to bring in local police, immigration officers or other law enforcement to have someone arrested for not paying.
  • Threaten to revoke someone’s driver’s license, business licenses or immigration status.

The IRS Does:

  • In general, first mail a bill to any taxpayer who owes taxes.
  • Normally initiate contact with taxpayers through mail delivered by the United States Postal Service.
  • Present official identification when visiting a taxpayer. Taxpayers have the right to see these credentials, and – if they would like – the representative will provide them with a dedicated IRS phone number for verifying the information and confirming their identity.
  • Call or visit a home or business under certain circumstances. This includes when a taxpayer has an overdue tax bill, to secure a delinquent tax return or a delinquent employment tax payment, or to tour a business as part of an audit or criminal investigation. Even then, taxpayers will generally receive several letters from the IRS in the mail first.
  • Assign certain cases to private debt collectors, but only after written notice is given to the taxpayer and their appointed representative.
  • Offer several payment options. Payment by check should ALWAYS be payable to the U.S. Treasury and sent directly to the IRS, instead of a private collection agency.

IRS Tax Scams Use PHISHING Attempts:

Phishing Emails
Don’t Click on Email or text links!

Thieves often pose as IRS employees to get victims to turn over their personal information using Phishing techniques. Phishing is typically carried out through unsolicited emails or calls. Just remember that the IRS does not call, text, or email you. They communicate via a letter sent to you in the mail.

IMPORTANT TIPS:

  • Never click on links in emails or text messages from anyone claiming to be from the IRS.
  • Hang up the phone if someone claiming to be from the IRS calls you and don’t believe what you see on your caller ID. The # can be spoofed.
  • You can forward suspicious IRS emails to phishing@irs.gov
  • Forward text messages as-is to the IRS at 202-552-1226. If possible, in a separate text to the IRS, forward the originating number of the sender to the same IRS # 202-552-1226.
  • Visit the IRS identity protection page for more info on steps to take to protect your info.
  • You can read a prior article I wrote about IRS Phone Scams here.

PHISHING EMAILS – You’re the Fish

When it comes to Phishing Emails – You’re the Fish!

It’s always Phishing Season for Fraudsters. Phishing attacks use emails and sometimes text messages or malicious websites to get information from their victims. The ruse is an attempt to lure you, under the pretense of a problem or an emergency, to click on a link or open an attachment. There is usually a circumstance that is presented to you that requires your attention and your follow-thru, in order to resolve an immediate problem or issue. The emails claim that there will be dire consequences if you ignore the message.

Phishing Emails
DON’T CLICK ON LINKS!

Phishing emails often have the look and feel of authentic communications. Company logos are easily cloned and used in fake phishing emails. Inconsistent or incorrect spelling and grammar are also a tell-tale sign of phishing emails.

Most legitimate emails from businesses would include your name and/or the last few digits of your account number. An email from a friend or family member should be personal in nature. These targeted messages can trick even the most cautious person into doing something that may compromise them. Even if the email is from a known source, people should use caution, because Cybercriminals are very good at mimicking trusted businesses, or even friends and family.

Phishing Emails are Designed to Infect a Victim’s Computer with Malware.

You want to avoid getting Malware installed on your computer.  Infections can result in your downloading keystroke-logging software that enables a scammer to steal information from you as you type passwords or account numbers on a website.

Malware also gives the cybercriminal the ability to use the email addresses of everyone in your email program to spread SPAM to all of them. Your friends and family may be fooled into believing the SPAM email is safe (because it’s from you); and will therefore click on a tainted link or infected attachment in the email.

TIPS and ADVICE

  • Never click on links or open/download attachments – unless you are 110% sure AND have confirmed that they are legitimate.
  • If you receive what appears to be a phishing email or text, always go directly to the source (not the info in an email) to confirm that this is not a scam.
  • Hover you mouse over the sender’s address. You may see that the email address is not consistent with the name of the company or it may be a long string of numbers and symbols that don’t make sense.
  • If calling a business to confirm the email’s legitimacy, be sure to call the correct phone number. In some instances, fraudsters will purchase phone numbers that are only one digit off from those of a legitimate company. These fake (usually toll-free numbers) are an effort to trap people who may mistakenly dial an incorrect number or area code of a bank, credit card issuer, or other legitimate organization.
  • Suspicious emails should be reported to the Federal Trade Commission (FTC) by forwarding the email to spam@uce.gov.  Be sure to report it to the legitimate organization that the email pretends to originate from. You can also report it to your email provider. Once you’ve done that, you should always delete the tainted email from your computer.

KEEP ONLINE DATA SAFE

It’s important to take several steps to help keep your online data safe. During the holiday shopping season, shoppers are looking for the perfect gifts. At the same time, criminals are looking for sensitive data. This data includes passwords, credit or debit card numbers, financial accounts and especially Social Security numbers.

Online Data on Santa's List

Anyone with an online presence should do these few simple things to protect their identity and keep online data safe from predators and fraudsters.

  • Shop at familiar online retailers. Generally, sites with an “s” in “https” at the start of the URL, are secure. Users can also look for the “lock” icon in your browser’s URL bar. That said, some criminals may get a security certificate, so the “s” may not always mean a site is legitimate.
  • Avoid unprotected Wi-Fi. Users should never do online financial transactions when using unprotected public Wi-Fi. Wi-Fi is never private. Unprotected public Wi-Fi hotspots may allow thieves to view your transactions. Use a virtual private network to keep your data private.
  • Recognize and avoid phishing emails that pose as a trusted source. These emails can come from a source that looks like a legitimate bank or even the IRS. These emails almost always include a link that is tainted or takes the user to a fake website. From there, the thieves can steal usernames and passwords.
  • Keep a clean machine. This includes computers, phones and tablets. Users should install security software to protect against malware that may steal data or install Ransomware. This software also protects against viruses that may damage files. Be sure to always keep your software updated and set them to update automatically.
  • Use passwords that are strong, long and unique. Experts suggest a minimum of 10 characters. Use a combination of upper-case and lower-case letters plus some numbers and symbols mixed in. Use phrases or a sentence. It is most important that you ALWAYS use a different password for each of your important online accounts.
  • Use multi-factor authentication when available. Some financial institutions, email providers and social media sites allow users to set their accounts for multi-factor authentication. This means users may need a security code, usually sent as a text to their mobile phone, in addition to a username and password.
  • Sign up for account alerts. Some financial institutions will send email or text alerts to an account holder when there is a withdrawal or change to their accounts. Generally, people can check their account profile to see what added protections may be available.
  • Encrypt sensitive date and protect it with a password. People who keep financial records, tax returns or any personal information on their computer should protect this data. Users should also back up important data to an external source. When disposing of a computer, mobile phone or tablet, it is extremely important that people make sure they wipe the hard drive of all information, including their printer, before disposing or trashing.

For additional tips, read my previous article about how to Shop Safely on Cyber Monday

Tis the Season…For Holiday Scams

The holiday shopping season is underway and Scammers are already gearing up to exploit innocent victims with holiday scams. They love this time of year, when they have even more opportunities to separate you from your money.

Holiday Scams Warning

Here’s a list of Holiday Scams to help  keep you safer & smarter!

Spam Phishing Emails will be finding their way into your inbox. These emails have urgent messages or will contain offers for bargain prices or discount coupons. They will always include a clickable link or an attachment to open. If you click on the provided link or attachment, you will infect your device with Malware. It is advisable to never click on email links or attachments.

Package Delivery Scams are a Fraudster’s favorite trick. They know that most of you are either sending or expecting to receive a package during the holidays. Many millions of spam emails, pretending to be from known shippers (like the Post Office, FedEx or UPS) will be sent out to unsuspecting victims. The emails will include a link to click on that lets you “track” a problem with a package you recently mailed or “track” a package that’s on its way to your house.

E-cards are a fun, easy & inexpensive way to send holiday cheer to family and friends. Make sure any e-card you receive comes from a well-known reputable e-card company. Do NOT open it if the sender is unknown to you.  Many fake e-cards contain spyware and viruses.

Gift cards make popular holiday gifts. Be sure to only purchase them from official retail stores or websites that you know and trust. Beware of websites or ads offering steep discounts for gift cards. Chances are the cards are fraudulent or stolen cards from third-party vendors.

Fake websites will pop up all over the internet offering fantastic bargains. Beware of copy-cat websites or sites that use similar or misspelled names of legitimate retailers. You may not realize that you’re on a fake website and enter your password or credit card information. You think you actually made a purchase, but your merchandise will never arrive and your credit card information will now be used to make illegal purchases.

A good place to evaluate websites selling retail goods is http://www.resellerRatings.com  where you can find reviews about merchants and see if they’re legitimate. If they’re not listed there, chances are it’s a holiday scams website.

Fake online Ads will appear on social media sites and even on legitimate News websites. They exist to entice you to click on links that will either contain keystroke-logging Malware or lure you into providing personal information that will make you a victim of Identity Theft.

Public WiFi is neither private nor secure. You can never be sure whether you’re using the authorized WiFi of the retailer or actually the WiFi of the thief, sitting a few tables away. Use a Virtual Private Network (VPN) when using WiFi, for better online security. Make sure to NEVER use your debit card while shopping online. Your debit card is tied to the money in your checking account. You have better consumer protection when using your credit card. Better yet, use a gift card or prepaid debit card for all your online purchases.

EQUIFAX BREACH EXTREMELY DAMAGING

Why is the Equifax breach extremely damaging? Because the typical information required to prove your identity is now in the hands of the bad guys!

YOU CANNOT HIDE YOUR HEAD IN THE SAND AND THINK YOU’LL BE IMMUNE! 

An identity thief will go to great lengths to dig up your personal identifying information (PII) so they can impersonate you and then commit ID theft. This Equifax breach has already completed that part of the job for them.

Remember that 145.5 million Americans (over ½ the U.S. population) have had their PII stolen! Your information will likely be auctioned off on underground websites to opportunistic criminals, across the planet. Armed with your PII, a criminal can do a lot of damage to your identity, your good name and your financial records!

equifax breach extremely damaging
ARE YOU ANGRY YET??? YOU SHOULD BE!!!

How is the Equifax breach extremely damaging? Let’s count the ways… 

  1. Pretexting – Criminals will use your PII to convince your bank, credit card company, utility or phone service to make changes to your accounts. Your PII gives them the ability to change your email address, PINS, passwords, direct deposit info, phone # and home address. They’ll even change the answers to your secret questions – all in their quest to gain access to private information or to lock you out of your own
  2. Tax ID Theft: File fake tax returns to get large refunds.
  3. Credit Fraud: Open new lines of credit in your name (personal loans, auto loans, mortgages, new credit cards).
  4. Counterfeiting: Create fake ID’s like driver’s licenses, passports, insurance cards, etc.
  5. Criminal ID Theft: Use your ID to give to police if they get arrested.
  6. Medical ID Theft: Create medical insurance cards to get medical services or commit insurance fraud.
  7. Employment ID Theft: Use your PII to get a job and collect a paycheck.
  8. Financial ID Theft: Open bank accounts in your name and pass around bad checks.
  9. Malware/SPAM: Infect your devices with Malware by sending SPAM emails or texts, purported to be from Equifax. SPAM emails and texts are designed to lure you to click on links or open attachments that infect your devices and turn them into ‘bots’.
  10. Spoofing/Phishing: Imposter phone calls from Equifax employees or clickable links that lure you onto a fake Equifax website. Offers of free credit monitoring services or class action lawsuits, designed to phish for additional info, like your credit card number

YOU MUST LEARN WHAT TO DO TO PROTECT YOURSELF! YOU MUST BE PRO-ACTIVE AND EVER VIGILANT!  AND PLEASE – PASS IT ON…

READ MY PREVIOUS EQUIFAX BREACH ARTICLE TO LEARN WHAT YOU NEED TO DO.

 

EQUIFAX BREACH UPDATE

HERE’S AN EQUIFAX BREACH UPDATE

Equifax announced last week that they suffered a data breach that may have affected 143 million (Updated to 145.5 million) of its customers. Social Security numbers, names, addresses and even some Driver’s Licenses and credit card numbers were breached.

If you add this Equifax breach to the other 700+ data breaches this year, (as of June 2017), chances are that your personal information has already been exposed.

The sheer size of this recent breach is so large and the potential harm so great, it makes sense to assume the worst!

Equifax Breach Update
143 Million Records Exposed!

Equifax has launched a tool to let you know if you’ve been affected by this breach. Go here: https://www.equifaxsecurity2017.com/potential-impact/  You’ll need to provide your last name and the last six numbers of your Social Security number. Alternatively, you can call them at 888-548-7878.

If you were impacted, Equifax is offering free credit monitoring via its own company – TrustedID Premier.  However, you won’t be able to enroll in it immediately.  You will be given a date when you can return to the site to enroll.  Equifax will NOT send you a reminder, so mark the date on your calendar to enroll. The deadline to sign up for credit monitoring expires November 21st.

Under pressure from N.Y. Attorney Eric Schneiderman and others, Equifax has now removed the waiver of your rights to participate in a class action suit as a condition of accepting their free credit monitoring.  Because they have now removed this clause, in their terms of agreement, I now advise that you sign up for the free credit monitoring service, ASAP!

A reminder that you have a right to a free copy of your credit report, once a year, from each of the 3 credit bureaus. There is the only federally authorized website to get your free report. Go here to get your free report: https://www.annualcreditreport.com/index.action

What you should do is stagger those requests among the three credit bureaus, by only requesting one of them every 4 months. That way you will have viewed your credit report, for free, 3X during the year.

TIPS:  The advice from my previous article is much the same.

  • Place a credit freeze with all 3 credit bureaus, ASAP. Equifax has now offered to waive the fee to place a credit freeze on their site. You’ll still have to pay the small fee to place a freeze with the other two.
  • In addition, get copies of your credit reports to see if there’s anything on them that might be an indication that you have already been a victim. Remember although this breach was announced last week, the breach actually happened a few months ago.
  • Be sure to monitor ALL of your financial accounts for any signs of trouble or inaccuracies.
  • Use two-factor authentication and set up spending alerts on your credit cards.
  • Watch out for Phishing Spam emails from Equifax Imposters trying to lure you into clicking on links regarding this breach. DON’T fall for it!

You can learn how to report and recover from identity theft by visiting FTC’s website:  http://www.identitytheft.gov  or by calling them at 1-877-438-4338.  The FTC provides information on how to protect yourself after a data breach.

Here are the online links and phone numbers of each of the 3 credit bureaus to place a credit freeze.