From impersonating police officers in Pennsylvania to employees of the City of San Antonio, scammers have been impersonating officials nationwide in order to scam people. A nurse in New York even lost her life savings to a spoofing scam.Β Phone spoofing is a technique used by callers to disguise their true identity and phone number when making calls. By altering the caller ID information displayed on the recipientβs phone, spoofers can make it appear as though the call is coming from a different number, often one that looks more trustworthy or familiar to the recipient. This deceptive practice is commonly employed by telemarketers, scammers, and individuals seeking to engage in fraudulent activities, making it more difficult for recipients to identify and block unwanted or suspicious calls.Β
Most spoofing is done using a VoIP (Voice over Internet Protocol) service or IP phone that uses VoIP to transmit calls over the internet. VoIP users can usually choose their preferred number or name to be displayed on the caller ID when they set up their account. Some providers even offer spoofing services that work like a prepaid calling card. Customers pay for a PIN code to use when calling their provider, allowing them to select both the destinationβs number they want to call, as well as the number they want to appear on the recipientβs caller ID.Β Β
Scammers often use spoofing to try to trick people into handing over money, personal information, or both. They may pretend to be calling from a bank, a charity, or even a contest, offering a phony prize. These βvishingβ attacks (or βvoice phishingβ), are quite common, and often target older people who are not as aware of this threat.Β
For instance, one common scam appears to come from the IRS. The caller tries to scare the receiver into thinking that they owe money for back taxes, or need to send over sensitive financial information right away. Another common scam is fake tech support, where the caller claims to be from a recognizable company, like Microsoft, claiming there is a problem with your computer and they need remote access to fix it.Β
There are also βSMiShingβ attacks, or phishing via text message, in which you may receive a message that appears to come from a reputable person or company, encouraging you to click on a link. But once you do, it can download malware onto your device, sign you up for a premium service, or even steal your credentials for your online accounts.Β
The convenience of sending digital voice signals over the internet has led to an explosion of spam and robocalls over the past few years.Β Between January 2019 and September 2023, Americans lodged 2.04 million complaints about unwanted phone calls where people or robots falsely posed as government representatives, legitimate business entities, or people affiliated with them.Β
Since robocalls use a computerized autodialer to deliver pre-recorded messages, marketers and scammers can place many more calls than a live person ever could, often employing tricks such as making the call appear to come from the recipientβs own area code. This increases the chance that the recipient will answer the call, thinking it is from a local friend or business.Β
And because many of these calls are from scammers or shady marketing groups, just registering your number on the FTCβs official βNational Do Not Call Registryβ does little help. Thatβs because only real companies that follow the law respect the registry.Β
To really cut back on these calls, the first thing you should do is check to see if your phone carrier has a service or app that helps identify and filter out spam calls.Β
For instance, both AT&T and Verizon have apps that provide spam screening or fraud warnings, although they may cost you extra each month. T-Mobile warns customers if a call is likely a scam when it appears on your phone screen, and you can sign up for a scam-blocking service for free.Β
There are also third-party apps such as RoboKiller that you can download to help you screen calls, but you should be aware that you will be sharing private data with them.Β
Enhance your smartphone security effortlessly with McAfee+ which has 24/7 identity monitoring and alerts, advanced privacy features, and AI-powered security for real-time protection against viruses, hackers, and risky links.Β Β
The post How to Stop Phone Spoofing appeared first on McAfee Blog.
In the hands of a thief, your Social Security Number is theΒ masterΒ keyΒ to your identity.Β
WithΒ a Social Security Number (SSN),Β a thiefΒ can unlock everything fromΒ creditΒ historyΒ andΒ credit lineΒ toΒ tax refunds andΒ medical care.Β InΒ extremeΒ cases, thieves canΒ use it to impersonate others.Β So,Β if you suspect your number is lost or stolen, itβsΒ importantΒ to report identity theft to Social Security right away.Β
Part of what makes an SSN so powerful in identity theft is that thereβs only one like it. Unlike a compromised credit card, you canβt hop on the phone and get a replacement.Β No question, the theft of your SSN has serious implications. If you suspect it, report it.Β So,Β letβsΒ take a lookΒ atΒ how it can happen and how you can report identity theft to Social Security if it does.Β
Yes. Sort of.Β The Social Security Administration can assign a new SSN in a limited number of cases. However, per the SSA, βWhen we assign a different Social Security number, we do not destroy the original number. We cross-refer the new number with the original number to make sure the person receives credit for all earnings under both numbers.βΒ Β
In other words, your SSN is effectively for forever, which means if itβs stolen, youβre still faced with clearing up any of the malicious activity associated with the theft potentially for quite some time. Thatβs yet another reason why the protection of your SSN deserves particular attention.Β
There are several ways anΒ SSN canΒ end up withΒ a thief.Β Some involve physical theft,Β andΒ othersΒ canΒ take the digital route.Β To what extent are SSNs at risk?Β Notably, there was the Equifax breach of 2017, which exposedΒ some 147 millionΒ SSNs. Yet just because anΒ SSN has been potentially exposed does not mean that an identity crime has been committed with it.Β Β
So,Β letβs start with the basics:Β how do SSNs get stolen or exposed?Β
Thatβs quite the list. Broadly speaking, the examples above give good reasons for keeping your SSN as private and secure as possible. With that, itβs helpful to know that there are only a handful of situations where your SSN is required for legitimate purposes, which can help you make decisions about how and when to give it out. The list of required cases is relatively short, such as:Β
Youβll notice that placesΒ like doctorβs offices and other businessesΒ are not listed here, though theyβll oftenΒ request anΒ SSN for identification purposes.Β While thereβs no law preventing them from asking you for that information, they may refuse to work with you if you do not provide that info. In such cases, ask what the SSN would be used for and if there is another form of identification that they can use instead.Β In all, your SSN is uniquely yours, so beΒ extremelyΒ cautiousΒ in orderΒ to minimize its potential exposure to theft.Β
Letβs say you spot something unusual on your credit report or getΒ aΒ notification that someone has filed a tax return on your behalf without your knowledge.Β These are possible signs that your identity, if notΒ yourΒ SSN, is in jeopardy, which means itβs time toΒ act right awayΒ using the steps below:Β
1. Report the theft to local and federal authorities.Β
File a police reportΒ andΒ aΒ Federal Trade Commission (FTC) Identity Theft Report. This will help in case someone uses your Social Security number to commit fraud since it will provide a legal record of the theft. The FTC can also assist by guiding you through the identity theft recovery process as well. Their site really is an excellent resource.Β
2. Contact the businesses involved.Β
Get in touch with the fraud department at each of the businesses where you suspect theft has taken place,Β let them know of your situation, and follow the steps they provide. With your police and FTC reports, you will already have a couple of vital pieces of information that can help you clear your name.Β Β
3. Reach the Social Security Administration and the IRS.
Β Check your Social Security accountΒ to see if someone has gotten a job and used your SSN for employment purposes. Reviewing earnings associated with your SSN can uncover fraudulent use.Β YouΒ can also contact the Social SecurityΒ FraudΒ Hotline at (800) 269-0271Β orΒ reach out to your local SSAΒ office forΒ further, ongoing assistance.Β Likewise,Β contactΒ the Internal Revenue Service at (800) 908-4490 to report the theft and help prevent someone from submitting a tax return in your name.Β
As weβve talked about in some of my other blog posts, identity theft can be a long-term problem where follow-up instances of theft can crop upΒ over time. However, there are a few steps you can take to minimize the damage and ensure it doesnβt happen again.Β I cover several of those steps in detail in this blog here, yet letβsΒ take a lookΒ at a few of the top items as they relate to SSN theft:Β
Consider placing a fraud alert.Β
By placing a fraud alert, you can make itΒ harderΒ for thieves to open accounts in your name. Place it with one of the three major credit bureaus (Experian, TransUnion, Equifax),Β and they will notify the other two. During the year-long fraud alert period, it will require businesses to verify your identity before issuing new credit in your name.Β
Look into an all-out credit freeze.Β
A full credit freeze is in place until you lift it and will prohibit creditors from pulling your credit report altogether. This can help stop thieves dead in their tracks since approving credit requires pulling a report. However, this applies to legitimate inquiries, including any that you make, like opening a new loan or signing up for a credit card. If thatβs the case, youβll need to take extra steps as directed by the particular institution or lender. Unlike the fraud alert, youβll need to notify each of the three major credit bureaus (Experian, TransUnion, Equifax) when you want the freeze lifted.Β
Monitor your credit reports.Β
Once a week you can access a free credit report from Experian, TransUnion, and Equifax. Doing so will allow you to spot any future discrepancies and offer youΒ options forΒ correctingΒ them.Β
Sign up for an identity protection service.β―
Using a serviceΒ to help protect your identityΒ can monitor several types of personally identifiable information and alert you of potentially unauthorized use.Β Our own Identity Protection Service willΒ doΒ all this and more, likeΒ offeringΒ guided help to neutralize threatsΒ andΒ prevent theft from happeningΒ again.β―You canΒ setβ―itΒ up on your computers and smartphoneβ―toΒ stay in the know,Β address issues immediately, and keep your identity secured.β―Β
Of all the forms of identity theft,Β theΒ theftΒ of a Social Security NumberΒ is certainly one of the most potentially painfulΒ because it can unlock so many vital aspects of your life.Β Itβs uniquely you,Β evenΒ more than your name aloneΒ βΒ atΒ least in the eyes of creditors, banks, insurance companies, criminal records,Β etc.Β Your SSNΒ calls for extra protection, and if you have anyΒ concernsΒ thatΒ it may have been lost or stolen, donβt hesitate to spring into action.Β
The post How to Report Identity Theft to Social Security appeared first on McAfee Blog.
It happens with more regularity than any of us like to see. Thereβs either a headline in your news feed or an email from a website or service you have an account withβthereβs been a data breach. So what do you do when you find out that you and your information may have been caught up in a data breach? While it can feel like things are out of your hands, there are actually several things you can do to protect yourself.Β
Letβs start with a look at what kind of information may be at stake and why crooks value that information so much (itβs more reasons than you may think).Β
The fact is that plenty of our information is out there on the internet, simply because we go about so much of our day online, whether that involves shopping, banking, getting results from our doctors, or simply hopping online to play a game once in a while.Β Β
Naturally, that means the data in any given breach will vary from service to service and platform to platform involved. Certainly, a gaming service will certainly have different information about you than your insurance company. Yet broadly speaking, thereβs a broad range of information about you stored in various places, which could include: Β
As to what gets exposed and when you might find out about it, that can vary greatly as well. One industry research report found that the median time to detect breaches is 5 days. Needless to say, the timeline can get rather stretched before word reaches you, which is a good reason to change your passwords regularly should any of them get swept up in a breach. (An outdated password does a hacker no goodβmore on that in a bit.)Β
The answer is plenty. In all, personal information like that listed above has a dollar value to it. In a way, your data and information are a kind of currency because theyβre tied to everything from your bank accounts, investments, insurance paymentsβeven tax returns and personal identification like driverβs licenses.Β Β
With this information in hand, a crook can commit several types of identity crimeβranging from fraud to theft. In the case of fraud, that could include running up a bill on one of your credit cards or draining one of your bank accounts. In the case of theft, that could see crooks impersonate you so they can open new accounts or services in your name. Beyond that, they may attempt to claim your tax refund or potentially get an ID issued in your name as well.Β
Another possibility is that a hacker will simply sell that information on the dark marketplace, perhaps in large clumps or as individual pieces of information that go for a few dollars each. However it gets sold, these dark-market practices allow other fraudsters and thieves to take advantage of your identity for financial or other gains. Β
Most breaches are financially motivated, with some researchers saying that 97% of breaches are about the money. However, weβve also seen hackers simply dump stolen information out there for practically anyone to see. The motivations behind them vary, yet they could involve anything from damaging the reputation of an organization to cases of revenge.Β Β Β
A list of big data breaches is a blog article of its own, yet hereβs a quick list of some of the largest and most impactful breaches weβve seen in recent years:Β
Needless to say, itβs not just the big companies that get hit. Healthcare facilities have seen their data breached, along with the operations of popular restaurants. Small businesses find themselves in the crosshairs as well, with one report stating that 43% of data leaks target small businesses. Those may come by way of an attack on where those businesses store their records, a disgruntled employee, or by way of a compromised point-of-sale terminal in their store, office, or location.Β
In short, when it comes to data breaches, practically any business is a potential target because practically every business is online in some form or fashion. Even if itβs by way of a simple point-of-sale machine.Β
When a business, service, or organization falls victim to a breach, it doesnβt always mean that youβre automatically a victim too. Your information may not have been caught up in it. However, itβs best to act as if it was. With that, we strongly suggest you take these immediate steps.Β
1. Change your passwords and use two-factor authenticationΒ
Given the possibility that your password may be in the hands of a hacker, change it right away.Β Strong, unique passwords offer one of your best defenses against hackers.β―Update them regularly as well. As mentioned above, this can protect you in the event a breach occurs and you donβt find out about it until well after itβs happened. You can spare yourself the upkeep that involves a password manager that can keep on top of it all for you. If your account offers two-factor authentication as part of the login process, make use of it as it adds another layer of security thatβ―makes hacking tougher.β―Β
2. Keep an eye on your accountsΒ
If you spot unusual or unfamiliar charges or transactions in your account, bank, or debit card statements, follow up immediately. That could indicate improper use. In general, banks, credit card companies, and many businesses have countermeasures to deal with fraud, along with customer support teams that can help you file a claim if needed.Β
3. Sign up for an identity protection serviceΒ
If you havenβt done so already, consider signing up for a service that can monitor dozens of types of personal information and then alert you if any of them are possibly being misused. Identity protection such as ours gives you the added benefit of a professional recovery specialist who can assist with restoring your affairs in the wake of fraud or theft, plus up to $1 million in insurance coverage.Β Β
Our advice is to take a deep breath and get to work. By acting quickly, you can potentially minimize and even prevent any damage thatβs done. With that, we have two articles that can help guide the way if you think youβre the victim of identity theft, each featuring a series of straightforward steps you can take to set matters right:Β
Again, if you have any concerns. Take action. The first steps take only minutes. Even if the result is that you find out allβs well, youβll have that assurance and youβll have it rather quickly.Β
The post What to Do If Youβre Caught Up in a Data Breach appeared first on McAfee Blog.
For years now, the popularity of online dating has been on the riseβand so have the number of online romance scams that leave people with broken hearts and empty wallets.
In a recent CBS News story, one Texan woman was scammed out of $3,200 by a scammer claiming to be a German Cardiologist.Β After months of exchanging messages and claiming to be in love with her, he said that heβd been robbed while on a business trip in Nigeria and needed her help.
According to the U.S. Federal Trade Commission (FTC), the reported cost of online romance scams was $1.14 billion in 2023.Β
Dating and romance scams arenβt limited to online dating apps and sites, theyβll happen on social media and in online games as well. However, the FTC reports that the scam usually starts the same way, typically through an unexpected friend request or a message that comes out of the blue.Β
With the phony relationship established, the scammer starts asking for money. The FTC reports that theyβll ask for money for several bogus reasons, usually revolving around some sort of hardship where they need a βlittle helpβ so that they can pay:Β
The list goes on, yet thatβs the general gist. Scammers often employ a story with an intriguing complication that seems just reasonable enough, one where the romance scammer makes it sound like they could really use the victimβs financial help.Β
People who have filed fraud reports say theyβve paid their scammer in a few typical ways.Β Β
One is by wiring money, often through a wire transfer company. The benefit of this route, for the scammer anyway, is that this is as good as forking over cash. Once itβs gone, itβs gone. The victim lacks the protections they have with other payment forms, such as a credit card that allows the holder to cancel or contest a charge.Β
Another way is through gift cards. Scammers of all stripes, not just romance scammers, like these because they effectively work like cash, whether itβs a gift card for a major online retailer or a chain of brick-and-mortar stores. Like a wire transfer, once that gift card is handed over, the money on it is highly difficult to recover, if at all.Β
One more common payment is through reloadable debit cards. A scammer may make an initial request for such a card and then make several follow-on requests to load it up again.Β Β
In all, a romance scammer will typically look for the easiest payment method thatβs the most difficult to contest or reimburse, leaving the victim in a financial lurch once the scam ends.Β
When it comes to meeting new people online, the FTC suggests the following:Β
Scammers, although arguably heartless, are still human. They make mistakes. The stories they concoct are just that. Stories. They may jumble their details, get their times and dates all wrong, or simply get caught in an apparent lie. Also, keep in mind that some scammers may be working with several victims at once, which is yet another opportunity for them to get confused and slip up.Β
As mentioned above, some romance scammers troll social media and reach out through direct messages or friend requests. With that, there are three things you can do to cut down your chances of getting caught up with a scammer:Β
Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what youβre doing, saying, and posting, which can help protect your privacy and give a romance scammer less information to exploit.Β
Be critical of the invitations you receive. Out-and-out strangers could be more than a romance scammer, they could be a fake account designed to gather information on users for purposes of cybercrime, or they can be an account designed to spread false information. There are plenty of them too. In fact, in Q4 of 2023 alone, Facebook took action on 693 million fake accounts. Reject such requests.Β
Online protection software like ours can help you spot fakes and scams. Features like McAfee Scam Protection use advanced AI to detect scam links in texts, email, and social media messages before you click. Our Personal Data Cleanup can keep you safer still by removing your personal info from sketchy data broker sites β places where scammers go to harvest useful info on their victims. And if the unfortunate happens, we offer $2 million in identity theft coverage and identity restoration support.β
If you suspect that youβre being scammed, put an end to the relationship and report it, as difficult as that may feel.Β
Notify the FTC atβ―ReportFraud.ftc.gov for support and next steps to help you recover financially as much as possible. Likewise, notify the social media site, app, or service where the scam occurred as well. In some cases, you may want to file a police report, which we cover in our broader article on identity theft and fraud.Β Β
If you sent funds via a gift card, the FTC suggests filing a claim with the company as soon as possible. They offer further advice on filing a claim here, along with a list of contact numbers for gift card brands that scammers commonly use.Β Β
Lastly, go easy on yourself. If you find yourself a victim of online dating or romance fraud, know that you wonβt be the first or last person to be taken advantage of this way. By reporting your case, you in fact may help others from falling victim too.Β
The post How to Spot Dating Scams appeared first on McAfee Blog.