identity theft

Jun 15

Vishing

By Social Engineering Series No Comments

Vishing is a term used to describe voice solicitation, a method using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft. The goal of this type of manipulation is driven by the hacker’s desire for monetary gain since any information they may obtain about you can be used maliciously to gain access to your accounts, rack up debt, open new accounts in your name or sell your identity for a profit.

Watch this video to understand more about how vishing is done:

So, how does Vishing even happen?

There are three ways that Vishing typically occurs:

1. The hacker may personally call you and pose as a trusted individual or service provider (i.e. a help desk, customer service, and/or tech support) urging you to take action on an issue or requesting more personal information from you. The most common vishing attempts appear as if you are being contacted by your bank, a government organization (such as the IRS), law enforcement, cell phone provider, or to help you collect the winnings of a prize/contest.

2. The hacker may pose as you by “spoofing,” or forging your number to look like they are making a call that is coming from you. They will use this convincing trick to call an individual or service provider and manipulate them into providing sensitive information about you/your account to the hacker – this could compromise your identity, bank accounts, credit cards, etc..

3. The hacker may spoof their number to appear like they are calling from the local area in which you live. This neighborhood vishing attempt relies on many people’s tendencies to answer a number if it appears that it could be from an old friend or someone they may know.

Vishing is affecting more and more people everyday and is gaining popularity among hackers as a preferred type of social engineering.

5 Tips to Protect Yourself from Vishing

1. Watch out for phone calls and text messages
Exercise caution when answering the phone, especially when not expecting a call. This also goes for text messages and voicemails. Hackers will sometimes try to infiltrate your phone by leaving threatening messages by text or voicemail. They may claim to be your service provider and ask for you to call or text them back requesting that they need you to verify personal information in your account. Keep in mind that banks will NEVER ask you for your personal pin, passwords, bank numbers or other info. Similarly, the IRS will never call you demanding payment on taxes owed without first having mailed you a bill. Hackers will try to call and pretend that they are calling from credit cards, banking, or phone service providers, etc.

2. Initiate the Call
If you receive a phone call from a service provider that seems a little phishy, don’t feel obligated to engage in conversation. Instead, hang up and do a search for the company’s official number (not the number you were called from). Use the publicly noted contact information either on the company’s website, an account statement or on the back of your card.

3. Register your phone with National Do Not Call registry
Consider registering your number on the National Do Not Call List to make it harder for you to be a victim of unwanted calls. You can also report unwanted calls on this site. https://www.donotcall.gov/

4. “My Password Was Changed?”
Be aware of password change notifications that you may receive for your accounts and also keep an eye on your account statements. Make sure that you do not reuse the same password across accounts and that you create passwords that are not easily guessed.

Mar 29

Love0

5 Tips To Protect Your Social Security Number

By Uncategorized No Comments

Your Social Security Number (SSN) is an extremely valuable piece of personal information. It is unique to you, and with it identity thieves can commit multiple crimes in your name, including tax and credit card fraud. Follow the 5 tips below to help you protect your SSN and your identity as a whole.

1. NEVER Carry Your Social Security Card

Carrying your social security card with you is the easiest way to get your SSN stolen or compromised. Most people already carry some form of state issued ID in their wallets or purses, so if you were to lose your entire wallet (including your SSN card), someone would have all the necessary information to successfully steal your identity.

2. Create a mySocialSecurity Account

A mySocialSecurity account allows you to see all things associated with your Social Security number. You can view and manage benefits you may be eligible for; order a new card in the event that you lose yours; and, you can also see all earnings that have been associated with your SSN to verify that the information is accurate.

3. Never Send Your Social Security Number Electronically

Most reputable institutions will not ask you to send your full Social Security number electronically (i.e. email, text message, etc.), but if they do, it is imperative that you refuse. Not only is this an electronic documentation of your information, but it also leaves your SSN vulnerable. Hackers may gain access to your information through the same WiFi network you are using, or if you or the recipient’s email gets hacked at a later date.

4. Guard Your Final Four

The last 4 digits of your SSN are completely random and specific to you, therefore they’re most important. The first 5 digits are assigned based on where and when you were born. It is easy for identity thieves to learn the first 5 digits of your SSN based on your birthdate and birth city, so if a thief also gains access to your last 4 digits they could easily learn the entire 9-digit string.

5. Avoid Providing Your SSN When Asked

There are only a few agencies that require your SSN in order to obtain services from (i.e. employers, financial institutions, medical insurance providers, etc.). If someone outside of these essential services asks for your SSN, you should not provide it to them.

Jan 31

Love0

5 Tips To Avoid Tax Fraud

By Uncategorized No Comments

You may already be aware that identity theft is the fastest growing crime – occurring once every 3 seconds. However, what you may not know is that over 26% of identity thieves are aiming to use your personal information to commit tax fraud. Please follow the tips below to help ensure that you avoid being scammed and receive your rightfully earned tax refund.

1. File Early

Scammers that are looking to commit tax fraud are hoping that you delay filing your taxes, so that they can file a fraudulent tax return in your name and collect your refund before you are even aware that it is happening. With that being said, not only will filing your taxes early guarantee you a faster tax return, but it will decrease the likelihood of someone committing tax fraud with your name.

2. Protect Your Social Security Number

Most tax-return identity theft cases involve a stolen Social Security Number (SSN). With your social security number, identity thieves can file fraudulent tax returns and collect your refund. In order to avoid this happening, it is best not to carry your Social Security Card with you, but rather to store it somewhere securely. You also should ensure that you never send your SSN through email, and only provide it to people when ABSOLUTELY necessary.

3. Beware of Phishing

Phishing is when online scammers impersonate reputable businesses in order to receive personal identifying information such as your SSN, DL #, address, etc. A popular scam has been hackers sending emails pretending to be IRS in order to receive your personal identifying information. Beware of these emails and remember that the IRS, your bank, or any other reputable businesses will never ask for financial or personal information through email.

4. Shred Your Bank and Tax Documents

Tax documents, bank statements, W-2’s, and any other information that goes into filing your taxes is very sensitive information, and must be protected at all costs. People who are looking to commit identity theft and tax fraud are not above digging through your trash to acquire these sensitive documents, so in order to be safe it is best to shred all of these documents when you are done with them.

5. Protect Your Mailbox

Bank statements, W-2s and pay stubs are all pieces of mail that can be used against you to commit identity theft. Some scammers will take advantage of you by simply sifting through your mailbox to see what they can get their hands on. To ensure this doesn’t happen, it is best to consider using a PO box to ensure that no one can access your mail other than you. If this isn’t an option for you, you should change your account preferences to sensitive bank and tax info to receive them electronically.

Dec 14

Love1

Summer plans out of town?

By Uncategorized No Comments

Travel is practically inevitable during the holiday season. On average, over 90 million travelers will take to the road over the coming weeks to visit their loved ones. Unfortunately, this also exposes them to additional risks that can threaten the security of their identity. These risks can range from hackers stealing information through unreliable vendor systems; copying banking information through phony ATMs; and, sometimes, even physically taking personally identifiable items. If you’re traveling this holiday season, utilize these 7 tips to help you reduce your likelihood of becoming an identity theft or credit fraud victim.

1. Manage Your Mail

Placing a hold on mail delivery is an important thing to do before you leave your home. Scammers are ready to exploit mail that has your personal information, for example, bank statements, credit information, and even medical documents. Additionally, a doorstep with a pile of built-up mail is a clear indicator to criminals that no one is home. In order to avoid your information being stolen, you should place a hold on your mail with the U.S. Postal Service or have a trusted neighbor gather the mail regularly and store it away securely.

2. Barricade Your Boarding Pass

Most air travelers forget that a boarding pass is more than a document that simply grants you access to your flight. They are valuable even after you have boarded the plane, because they contain a barcode on them (such as the one above) that holds delicate personal information. Often times these sheets of paper are hurled about the airport terminal, left on the plane, and sometimes even posted on social media. This means that anyone with access to a QR code scanner (which are effortlessly downloaded to a smartphone) can scan the barcode and have access to all of the personal information associated with your frequent flyer account. Always remember to properly discard your boarding pass after your flight, and, if possible, use a digital boarding pass on your phone.

3. Be Wary of Shared Web Connections

Many of us have seen the warning, “this connection is unsecured and others may see your information” while using public WiFi in hotels, airports, etc. While unsecured network connections should be avoided whenever possible; if you absolutely HAVE to utilize an unsecured network you should be sure to avoid accessing sensitive information such as your bank or work accounts. Some websites will allow you to connect over open, secure networks. To do this you should always ensure the website you are navigating uses “https://” at the beginning of the URL. A secure connection will look like the image above. A final solution is to use a VPN which will allow you to encrypt data on your computer when you are using a public connection.

4. Cut out the Cookies (and Browsing History)

While traveling, the use of public computers may be unavoidable for various reasons. Many PCs are able to store significant information from your web session. Additionally, some websites will automatically keep you signed in unless you specifically log out. In order to avoid the next user of the computer having access to your accounts and information, it is best to clear all cookies and browsing history when you are finished using the computer.

5. Secure Your Smartphone

Smartphones have become a staple in many of our everyday lives. Often times, access to someone’s smartphone can mean access to their bank accounts, social media, work data, and more. It is imperative while traveling to make sure your phone is secure in case it is lost or stolen. You can make your cell phone more secure by setting an unlock password, deleting and/or restricting access to apps with personal information (bank accounts, etc.), and installing software that enables you to locate a lost phone and remotely erase data, if needed.

6. Forgo Phony ATMs

ATMs that are not directly associated with or located within a bank location can be much less secure than those that are. Often times hackers install card readers into ATMs that aren’t heavily monitored to duplicate your card information and PIN number. There are even online marketplaces where fraudsters can purchase ATMs and place them wherever they please. In order to avoid this, it is best to only use ATMs if you are 100% sure that its directly associated with an official bank, even if it means paying a small access fee.

7. Follow Up After Your Trip

Upon returning home from your travels it is imperative that you continue to check your banking and credit card statements for any unfamiliar or fraudulent activities. Hackers can be very patient, so even if everything looks up to par at first, you should continue to monitor your account activity for several weeks after your return.

Nov 21

Love1

7 Tips To Protect Yourself & Your Identity During The Holiday Shopping Season

By Uncategorized One Comment

The holiday season is the most joyful time of year – spent enjoying family, friends, and food. The last thing you should have to worry about is the threat of someone stealing your credit card information, or even worse, your entire identity. With today’s increased dependence on technology, and significant data breaches announced almost daily; cyber crimes like identity theft and credit card fraud have skyrocketed. Follow these 7 tips to make you and your identity less vulnerable this holiday shopping season.

1. ONLY Rely On Secure Wifi
It is a good rule of thumb to avoid unsecured networks at ALL TIMES, but it is imperative to avoid them when you enter personally identifiable information (PII) such as credit card numbers, shipping and billing addresses, etc. When you enter this valuable information through an unsecured network, you are more vulnerable to hackers penetrating the network and stealing your information. You can identify a secure network by the lock in the top left corner of your URL bar and the web address will begin with “https://” such as the image below.

2. Watch Out For Fakers
Hackers can create a webpage that is a visual replicate of the website they are imitating. However, they cannot completely replicate the domain name. Often times these fake websites will include domains with a hyphen in them or the words “shop” or “secure”. Examples of fake websites to be aware of are “amazonsecure-shop, targethome.today, and walmart-outlet.ga”. The image below points out different ways to spot a fake email from a company.

3. Recognize The Risk of Rushing
You could be well versed in the various online risk factors, but when you are in a rush you are more likely to make simple mistakes such as clicking on a malicious email link you normally would not, or providing your information without thinking through how it will be used. The extra 30 seconds it takes to slow down and think before you give access to your personal information could cost your months of trying to restore your identity.

4. Don’t Take The Bait
A common method of phishing is sending fake order confirmation or delivery failure emails to consumers. Don’t fall victim to these fake email alerts. With the increase in online shopping orders it is sometimes hard to keep track of what packages you ordered and when you received them. Hackers send these phishing emails to entice you to either share information about you or spread malware that will infect your computer when you click the link. Examples of email scams to look out for include order confirmation emails from Walmart and delivery failure emails from FedEx.

5. Be Mindful in Marketplaces
When using online marketplaces you must be careful to protect yourself not only financially, but also physically. There have been some Amazon.com resellers that have scammed people by delivering their packages to other addresses in their zip code, but not to the actual purchaser. For example, if you order a phone from an Amazon reseller to be delivered to your address in Austin, Texas, the reseller will send the phone to someone else in Austin, Texas and communicate to Amazon that it was delivered to you, preventing you from receiving a refund even though you never received the package. The best way to avoid this is to order directly from site vendors or meet up with the reseller rather than having them ship the product to you. If you do choose to personally meet a reseller, it is important to remember physical safety. Although, cyber crime is constantly growing, petty theft and violence is also still prevalent. If you have to meet with a reseller in person, try to find a public spot, with some type of surveillance. Some even suggest meeting at a police station, so that if something goes wrong, authorities can arrive immediately.

6. Credit Reigns Supreme
Think twice before choosing debit over credit in the checkout line. It is much easier to dispute things that were fraudulently purchased on a credit card versus a debit card. If your debit card falls into the wrong hands, the thief could easily drain your bank account and it could take months to get your funds back, if at all. Also, many credit card companies may offer rebates or “points” and extended warranties to incentivize your holiday gift purchases.

7. Is It Too Good To Be True?
As disappointing as it may be, 99% of the time an offer you receive claiming to provide a free gift card is not real. Before you fall victim to a phishing or malware scam be sure to ask yourself, “Why would Amazon or Footlocker be sending me a free gift card?” Typically, if you can’t think of a legitimate reason, then you’re dealing with some type of scam. If it sounds too good to be true, it probably is.

Pro Tip: When you are suspicious about an email you receive or the company you received it from, call their customer service line. Everything is digitized in this day and age so if their agents don’t have a record of a communication with you, then 9 times out of 10 the communication may be fraudulent.

So, how does Vishing even happen?

5 Tips to Protect Yourself from Vishing

5 Tips To Protect Your Social Security Number

5 Tips To Avoid Tax Fraud

7 Tips To Protect Yourself & Your Identity During The Holiday Shopping Season

Categories

Recent Posts

Archives

CONTACT

CONNECT

Our Services

Enterprise Services

About Our Company

Our Affiliates

Twitter Feed