423 cases per 100,000 resident for state with highest identity theft
This post originally appeared on Finder.com.
As the world continues to cope with COVID-19, America is seeing cases of identity theft soar to record highs. Of the 3.2 million reports to the FTC’s Consumer Sentinel Network Data Book in 2019, 20% — or 650,572 — related to identity theft. And already in the first quarter of 2020, reports of fraud and identity theft are up 20.1% from the previous quarter.
The numbers could rise as more people continue to work from home and new reports of coronavirus-related fraud and scams come in.
Among these all-time-high cases, credit card fraud leads the charge.
I just watched a documentary on the dark web, and I will never feel safe using my credit card again!
Luckily I don’t have to worry about that. I have ExtraCredit, so I get $1,000,000 ID protection and dark web scans.
I need that peace of mind in my life. What else do you get with ExtraCredit?
It’s basically everything my credit needs. I get 28 FICO® scores, rent and utility reporting, cash rewards and even a discount to one of the leaders in credit repair.
It’s settled; I’m getting ExtraCredit tonight. Totally unrelated, but any suggestions for my new fear of sharks? I watched that documentary too.
…we live in Oklahoma.
Identity Theft vs. Account Takeover
Identity theft involves the unauthorized access of personal information, such as your name and Social Security number. Account takeover is when a fraudster accesses account information, such as credit card numbers, with the intent of committing fraud on existing accounts.
In 2019, victims reported $160.3 million worth of losses resulting from identity theft, according to the FBI. Credit card fraud made up the overwhelming majority of that $160.3 million.
This number represents only what was reported through the FBI’s Internet Crime Complaint Center. However, and doesn’t account for reports made directly to field agents.
Most Common Types of Identity Theft
Swiping the competition in 2019 was credit card fraud, which accounted for 41.78% of all identity theft reports to the FBI, followed by other identity theft, which includes fraud conducted via email and social media. The least common was government documents or benefit fraud at 3.54%.
Identity Theft and Credit Card Fraud by State
The dubious honor of state with the most identity theft reports goes to Georgia, with the Peach State logging 423 cases per 100,000 people in 2019–176 of those falling under the credit card fraud umbrella.
Florida came in just south of Georgia with 154 cases of credit card fraud per 100,000 people, followed by California and Texas.
The state with the fewest number of reports was South Dakota, with 47 reports of fraud per 100,000 people, followed by Vermont and Wyoming.
Several states in the middle of the country also came in at the middle of the pack, like Missouri and Colorado, with 41 and 45 reports of credit card fraud per capita, respectively.
Credit Card Fraud by Metro Area
Georgia maintains its top spot in individual metropolitan areas, accounting for three of the five areas with the most reports of identity theft per capita–Warner Robins, Atlanta-Sandy Springs-Roswell and Macon-Bibb County. A person convicted of financial transaction card fraud of more than $100.00 within a six-month period in Georgia can be charged with a felony. The ramifications can be a fine of up to $5,000.00 or a prison term of one and five years. On the flip side, Muncie, Indiana, logged the least number of reports at 37 per 100,000 people, followed by Glens Falls, New York, and Tullahoma-Manchester, Tennessee.
Top 10 metropolitan areas with highest identity theft per 100,000 residents – data
Rank
Metropolitan area
Reports per 100,000 residents
Number of reports
1
Warner Robins, GA Metropolitan Statistical Area
661
1,281
2
Atlanta-Sandy Springs-Roswell, GA Metropolitan Statistical Area
570
33,940
3
Miami-Fort Lauderdale-West Palm Beach, FL Metropolitan Statistical Area
556
34,458
4
Macon-Bibb County, GA Metropolitan Statistical Area
455
1,045
5
Memphis, TN-MS-AR Metropolitan Statistical Area
446
6,027
6
Columbus, GA-AL Metropolitan Statistical Area
433
1,322
7
Columbia, SC Metropolitan Statistical Area
411
3,420
8
Los Angeles-Long Beach-Anaheim, CA Metropolitan Statistical Area
410
54,553
9
Houston-The Woodlands-Sugar Land, TX Metropolitan Statistical Area
367
25,656
10
Dallas-Fort Worth-Arlington, TX Metropolitan Statistical Area
367
27,637
Top 10 metropolitan areas with lowest identity theft per 100,000 residents – data
Rank
Metropolitan area
Reports per 100,000 residents
Number of reports
1
Muncie, IN Metropolitan Statistical Area
32
37
2
Tullahoma-Manchester, TN Micropolitan Statistical Area
34
35
3
Glens Falls, NY Metropolitan Statistical Area
34
43
4
Lewiston-Auburn, ME Metropolitan Statistical Area
38
41
5
Appleton, WI Metropolitan Statistical Area
41
97
6
Owensboro, KY Metropolitan Statistical Area
41
49
7
Wenatchee, WA Metropolitan Statistical Area
42
50
8
Bismarck, ND Metropolitan Statistical Area
41
54
9
Ogdensburg-Massena, NY Micropolitan Statistical Area
43
46
10
Eau Claire, WI Metropolitan Statistical Area
43
72
Methodology
Finder sourced all data from the Consumer Sentinel Network Data Book 2019, released by the Federal Trade Commission in January 2020. The Consumer Sentinel Network Data Book uses reports in its Sentinel secure online database available to law enforcement only. These consumer reports are about fraud, identity theft and other consumer protection topics, with more than 3.2 million consumer reports filed in 2019.
The reports in Sentinel are sourced directly from:
People who call the FTC’s call center or report online
Reports filed with other federal, state, local and international law enforcement
Organizations like the Better Business Bureau and Publishers Clearing House
Having your Social Security number or card stolen isn’t exactly like getting your bank account information taken. You can easily get a new bank account number and have your bank freeze your accounts. On the other hand, it’s a bit more difficult to get a new Social Security number from the Social Security Administration.
What Is a Social Security Number?
The Social Security Administration loosely defines a Social Security number as a nine-digit number for identity-tracking purposes. It’s also used to track wages earned during someone’s lifetime for Social Security benefits.
As of 2011, the selection of this number is randomized. Whenever you start a new job or apply for government benefits, you need your Social Security number. It’s used to verify your identity and keep track of Social Security earnings.
You can locate your Social Security number on your Social Security card. If you can’t find your card, make sure you reach out to the Social Security Administration directly.
What Can You Do with a Social Security Number?
Since the government uses your social security number as a unique identifier, you can use it to do the following.
I just watched a documentary on the dark web, and I will never feel safe using my credit card again!
Luckily I don’t have to worry about that. I have ExtraCredit, so I get $1,000,000 ID protection and dark web scans.
I need that peace of mind in my life. What else do you get with ExtraCredit?
It’s basically everything my credit needs. I get 28 FICO® scores, rent and utility reporting, cash rewards and even a discount to one of the leaders in credit repair.
It’s settled; I’m getting ExtraCredit tonight. Totally unrelated, but any suggestions for my new fear of sharks? I watched that documentary too.
…we live in Oklahoma.
Apply for jobs
Open a bank account
Sign up for a credit card
Apply for a passport
File taxes
Enroll in health insurance
Get a driver’s license
How Social Security Number Theft Occurs: What Happens If Someone Gets Your Social Security Number?
There are a lot of ways someone can steal your identity or Social Security number. Thieves could swipe your Social Security number by exploiting data breaches, going through the trash for personal documents or using any number of other approaches. Thieves can then sell your identity or pretend to be you to open various accounts in your name, access medical care, file fraudulent tax returns or, at worst, commit crimes.
ExtraCredit’s Guard It feature offers dark web monitoring and proactive alerts if it discovers that your Social Security number or other personal information has been compromised or shared online. In addition to alerts, Guard It offers $1 million identity theft insurance to help you with costs associated with identity restoration, legal expenses, and lost wages. Sign up now!
What Can Someone Do with Your Social Security Number?
Once an identity thief has your Social Security number, they can commit all sorts of financial fraud, potentially leaving you on the hook for their misconduct. Social Security numbers are wrapped up in most aspects of Americans’ lives—employment, medical history, taxes, education and bank accounts, to name a few. Below is a list of just a few things someone can do with your SSN if they get their hands on it.
1. Open Financial Accounts
Your Social Security number is the most important piece of personal information a bank needs when extending you credit or opening an account. With that number, a thief can get credit cards or loans. And when it’s time to repay them, they won’t, which will damage your credit score. Those missed payments are tied to your Social Security number, so they’ll end up on your credit report and could impact your ability to apply for any type of loan or new account in the future.
Once you spot suspicious transactions, you can use your credit scores and credit reports to detect fraud and put an end to it. Unfortunately, it could take years for the fraudulent information to be removed from your credit report and, as a result, for your credit scores to recover.
Can Someone Access My Bank Account with My Social Security Number?
Thieves might have a difficult time accessing your bank account if they only knew your Social Security number. Most of the time, to either access an existing account or open up a new bank account, the bank would require additional forms of identification, such as your physical Social Security card, Real ID or passport.
Also, many banks have implemented additional security measures to prevent this, such as requiring security questions to access your bank account.
2. Get Medical Care
Someone using your Social Security number could also undergo medical treatment, effectively tainting your medical records. Inaccurate medical records can have deadly consequences. For example, imagine what could happen if you received treatment based on a false history listing the wrong blood type. Additionally, thieves can poach your health insurance coverage, which could leave you in a bind when you need it.
3. File a Fraudulent Tax Refund
Taxpayer identity theft continues to be a problem in the United States, although theIRS reported in 2018 that incidents were on the general decline, noting a 40% decrease in taxpayer reports of identity theft since 2016. However, in 2017, the IRS still received 242,000 reports of identity theft from taxpayers.
Identity thieves use stolen Social Security numbers to get a fraudulent refund, which then delays any refund the victim is rightfully owed.
So, the sooner you file your taxes, the more likely you’ll get your refund before an identity thief has an opportunity to take advantage of your stolen identity. You’ll know someone stole your identity if your return is rejected as a duplicate. Then, you get to start the process of resolving the fraud and, if necessary, getting the refund you deserve.
4. Commit Crimes
Getting your Social Security number might just be a fraction of the thief’s crimes. If the identity thief gets arrested for another crime and gives your Social Security number to law enforcement, you can become tangled in their criminal history. Their criminal record could prevent you from getting jobs or interfere with anything else that requires a criminal background check.
5. Steal Your Benefits
A thief could also use your Social Security number to file for unemployment or Social Security benefits, depleting those resources and preventing you from accessing that assistance when you need it later on.
How to Find Out If Your Social Security Number Has Been Stolen
Thieves can operate under your identity for years without discovery, and some of these crimes are very difficult to detect. One of the best things you can do is regularly check your credit report from Credit.com’s credit report card. Review your credit report thoroughly for unauthorized accounts or public records not related to you. These red flags could indicate clerical errors or identity theft. Either way, you want to watch out for it and act as soon as you see something suspicious.
If you sign up for an ExtraCredit account, our dark web monitoring feature will alert you of suspicious activity right away. When you get an alert, you’ll know it’s time to check your report and take preventative actions.
Sign Up Now
Privacy Policy
You can also go to IdentityTheft.gov, a website run by the Federal Trade Commission, or call its hotline at 877-ID-THEFT.
This article originally appeared on Finder.com and has been republished here with permission.
Credit card fraud is becoming more sophisticated, with scammers using devices called “skimmers” that steal and store your information after you swipe or insert your card.
Thankfully, you can visually identify skimmers if you know what to look for. Here are a few low-tech ways you can keep your card safe.
What Does a Credit Card Skimmer Look Like?
A skimmer is a small device that scammers attach to card readers on ATMs, gas pumps or any other device where you insert your card for payment or withdrawal. They look similar to the card reader itself and might increase the length of the reader by a small amount.
These stealthy devices are a highly effective way for scammers to easily steal your info if you don’t know how to spot them.
I just watched a documentary on the dark web, and I will never feel safe using my credit card again!
Luckily I don’t have to worry about that. I have ExtraCredit, so I get $1,000,000 ID protection and dark web scans.
I need that peace of mind in my life. What else do you get with ExtraCredit?
It’s basically everything my credit needs. I get 28 FICO® scores, rent and utility reporting, cash rewards and even a discount to one of the leaders in credit repair.
It’s settled; I’m getting ExtraCredit tonight. Totally unrelated, but any suggestions for my new fear of sharks? I watched that documentary too.
…we live in Oklahoma.
How Does a Skimmer Work?
When you insert or swipe your credit or debit card, the skimming device captures the information found in your card’s magnetic strip. You’re able to complete your transaction like normal, but the crook who installed the skimmer can collect the skimmer later, download your information and make purchases or withdrawals without your knowledge.
What’s in My Card’s Magnetic Strip?
A wealth of information is stored in that little black strip on the back of your card. It contains the name of your bank or issuer, your name and country, your account number and PIN and other details specific to your account, like your account limits and the types of charges your card accepts. In short, enough to make purchases with your data.
How Common Are Gas Pump and ATM Skimmers?
While there isn’t a great amount of data on the prevalence of skimmers, it’s thought that their use is on the rise. A single credit card skimmer can capture information on up to 100 credit cards in a day.
Credit card chip technology has done a lot to prevent skimmers at retailers and most major ATMs, so gas stations and non-major ATMs remain the primary targets of skimmers. This may change since gas stations now must comply with the merchant fraud liability shift from October 2020.
How to Spot and Avoid Credit Card Skimmers
Although skimming can happen almost anywhere you use your card, you can prevent losing your data to a skimmer.
Here are a few simple ways to stay safe:
Study the card reader. Jiggle or shake the card reader before using it. Skimmers are often not securely attached, and moving it around could release and expose it. Look for ATMs, gas pumps and any other credit card readers in well-lit and monitored locations.
Give your card a glance. Scratches, markings or stickiness left on your card after swiping are all signs that your card may have been tampered with.
Manage your card settings. Most offer a way for you to control where your card can be used. For instance, you can set parameters that limit high-total purchases or request notification by text or email if your card is used online rather than in person at a store.
Track your balances. Monitor your account balances to avoid being blindsided by an overdraft or unauthorized purchase. By adjusting notification services, you can be informed if an attempt is made to charge over an allotted amount.
Dip your chip. Using the chip reader, instead of swiping the magnetic strip, significantly lessens the chance of fraud. If your card doesn’t have a chip, request one from your financial institution.
Consider cash. At the pump, pay for your gas inside or with an attendant. For other purchases, sign and save your receipts until you’re able to verify purchases on your next statement.
What to Do If Your Credit Card Has Been Skimmed
If you suspect your credit card information was skimmed during a recent transaction, you should respond with a few common measures. This includes notifying your bank, alerting the FTC and placing an initial fraud alert.
From here, keep an eye on your credit card accounts. Regular monitoring of your account can keep you informed of any unusual activity and let you quickly respond. You can also contact a credit monitoring service to help you maintain oversight of your account. These services automatically notify you if any changes or activity occur on your account.
Most credit cards at this point possess an EMV chip for an additional layer of security. If your credit card doesn’t have this feature, call your bank and see if you can receive a card that has one. While they won’t protect you from skimming, they do help protect against other forms of credit card fraud.
Moving forward, take a closer look at the card reader at any ATM or gas station you use. If it looks unusual, such as misaligned, loose or a different color than the rest of the device, you should skip on using your card there.
How Do I Report a Skimmer?
If you find a skimmer or confirm that you’ve been a victim of one, first call your financial institution to let them know when and where you think it happened. Cancel your card and request a replacement, and follow up by email to further document your claim.
From there, place an initial fraud alert on your card. A fraud alert requires businesses to contact you before issuing credit in your name for up to 90 days.
Filing a police report and alerting the Federal Trade Commission (FTC) are also good practices. The FTC works to prevent skimming rings and catching crooks that skim.
Bottom Line
There’s no sure-fire way to prevent skimming. Every time you swipe your card, there’s a chance someone could be attempting to carry off your info. Be aware of how and where your card is used to significantly decrease the likelihood of your personal and financial details being skimmed. Read more about credit card security to keep your personal finances safe.
When it comes to your overall loss after your ATM or debit card has been stolen or skimmed, the amount of your liability will depend on factors that include how quickly you report it and how much is stolen from your account. Call first and follow it up in writing to start an investigation.
Federal law limits a cardholder’s liability for fraudulent charges, under certain circumstances. For credit cards, generally your liability caps at $50 if you report it within two days. For a debit card, your liability is usually the same within two business days, but $500 if it has been more than two business days after you report it, but less than 60 calendar days after your statement. Anything more than 60 days, and you’re likely liable for all the money in your account. If you report fraud immediately, your liability could be $0.
Frequently asked questions
What does a skimmer look like?
Skimmers vary in appearance based on where they are located. YouTube offers many videos showing how you can spot one.
Do police investigate credit card skimming?
Generally, no. Cases of skimming are best resolved by your bank and FTC. However, you can still call your local police to inform them of recent skimming practices.
Will I have to pay for fraudulent charges made to my credit card?
Federal law limits a cardholder’s liability for fraudulent charges to $50, under certain circumstances. By calling your credit card’s customer service line, you’ll likely find they’ll waive even that amount.
When it comes to your overall loss after your ATM or debit card has been stolen or skimmed, the amount of your liability will depend on factors that include how quickly you report it and how much is stolen from your account. Call first and follow it up in writing to start an investigation.
Identity theft is a major problem. According to the Federal Trade Commission (FTC), there were more than 650,000 victims of identity theft in 2019, making ID theft the most-reported type of FTC complaint. Chances are good that you will encounter identity theft in your lifetime. That was the case for at least 1 in 10 Americans ages 16 and older in 2016, according to the most recent data from the Bureau of Justice Statistics.
Protecting your identity and privacy should be a priority for you, and knowing what identity theft is can help you prepare. There are many different types of ID theft, which can make safeguarding your personal information even more important—and more difficult. Let’s look at some of the most common examples of identity theft and what you can do to manage the risks.
Defining Identity Theft
The term “identity theft” is used a lot, often interchangeably with “fraud.” Though many instances of identity theft are committed for fraudulent reasons, the two are slightly different. If you are a victim of identity theft, you want to catch it before it becomes fraud.
According to the National Center for Victims of Crime (NCVC), identity theft is “the knowing transfer or use, without lawful authority, of another person’s identity with the intent to commit, aid, or abet unlawful activity.” In simpler terms, ID theft is the act of stealing another person’s information, like through mail theft, phishing, card skimming, unsecure Wi-Fi or a data breach. Fraud is when a criminal illegally uses that information for their own gain.
The NCVC calls the latter “identity fraud,” which encompasses crimes like credit card fraud, medical fraud, and Social Security number theft. Identity fraud can be financially driven, but is also committed out of other motivations. Someone might try to steal your passport or driver’s license information to travel unnoticed by law enforcement, for example.
I just watched a documentary on the dark web, and I will never feel safe using my credit card again!
Luckily I don’t have to worry about that. I have ExtraCredit, so I get $1,000,000 ID protection and dark web scans.
I need that peace of mind in my life. What else do you get with ExtraCredit?
It’s basically everything my credit needs. I get 28 FICO® scores, rent and utility reporting, cash rewards and even a discount to one of the leaders in credit repair.
It’s settled; I’m getting ExtraCredit tonight. Totally unrelated, but any suggestions for my new fear of sharks? I watched that documentary too.
…we live in Oklahoma.
Whether an ID thief uses your credit card or medical insurance, the cost to you can be big. Javelin Research found that the 2018 out-of-pocket costs for victims of identity theft were $1.7 billion.
Different Types of Identity Fraud
As a popular saying goes, “Know your enemy.” Let’s take a closer look at identity fraud types and preventative measures you can take to prepare yourself and protect your finances.
1. Credit Cards
Credit card fraud is by far the most prevalent type of identity theft, according to FTC numbers.
You probably store your credit card information with different vendors or subscription services. If you used your card once at a retail store, they’ll still have your information on file. If a data breach occurs at one of those businesses, someone may gain access to your credit card number and begin to make fraudulent purchases.
While it may be easier to catch a fraudulent charge on a card you have, it could be harder to spot a new account in your name. In the meantime, hard inquiries and high credit utilization due to fraud could wreck your credit score.
What you can do: Requesting a chargeback might help you avoid paying for specific fraudulent transactions, but checking your credit report will show you if the problem is deeper. Sign up for ExtraCredit to keep an eye on your credit report and scores at the same time to make sure that fraudulent accounts aren’t being opened or used. You can also request your free credit report from each of the three credit reporting agencies once a year to keep close control over your identity and credit profile. If you notice anything fishy, request a freeze immediately and file a report with the FTC.
Note: Due to the COVID-19 coronavirus pandemic, you can currently review your credit reports from each of the three credit bureaus for free each week, through April 2022.
2. Loans and Leases
Somebody with your personal information might try to apply for a loan online. Fraudsters may then be able to get financing to buy a car or real estate. The FTC has also reported fraud instances related to student loans and payday loans.
Loan application fraud is a challenge to track, but the impact is someone racking up debt in your name. When creditors come calling, it won’t be the thief who has to answer the phone.
What you can do: As with credit card fraud, regularly check your credit reports to watch for red flags. If you spot something, immediately contact the responsible financial institution. You may also want to file a police report or contact the office of the attorney general for your state. If you are the victim of loan/lease fraud, consider using credit repair services to help you recover.
3. Phones and Utilities
Mobile takeover fraud is a complicated scheme, but it’s a growing problem. Basically, it involves a fraudster using your information to access your smartphone and then lock you out. In the meantime, they can use your apps, read saved documents, or scam others by impersonating you. They might also harvest your personal and financial information that you have saved. The same might happen for an electricity or water account: A criminal finds a way in and consumes services that are ultimately billed to you.
The common theme with identity theft here is that if someone has your info, they can do just about anything with it. This includes opening up utility accounts in your name, getting free electricity, gas, water, internet or cable.
What you can do: Maintain strong passwords for all the accounts you have. If you need to, use a password manager to help you keep track of all the complex log-in credentials. Never, ever make your passwords using personally identifiable information, like a pet, birthdate, or home street. Should something happen, immediately contact your service provider.
4. Tax Fraud
Come tax time, a refund is a happy surprise for some Americans. Others may get a nasty shock when they’ve learned someone has claimed their return before they even file their taxes. Tax fraud typically occurs when someone has stolen your Social Security number, which they can then manipulate to falsely file a return and claim your refund.
What you can do: Under no circumstances should you give your SSN to anybody but trusted entities like the government, your bank, or your credit card company. Be wary of scammers posing as the IRS who will call or email you demanding your SSN information. This is a surefire sign of fraud. You can also opt to file your taxes early, thereby eliminating the opportunity for thieves to file for you and claim your return.
The IRS recommends watching out for various scams. If you believe you’ve been a victim, file a report on IdentityTheft.gov, call the IRS at 1-800-908-4490, and complete and submit the identity theft Affidavit.
Taking the Next Steps to Protect Your Identity
Identity theft is a constant threat, so you’ll always need to be on your toes.
Guard It from ExtraCredit provides you with proactive alerts, dark web monitoring, account monitoring, and $1 million in ID theft insurance. Sign up today or read more articles about identity theft and fraud.
According to IBM’s annual Cost of a Data Breach report, the average cost of a data breach to an organization in 2021 was 4.24 million dollars. That’s the highest average figure in its 17-year history. Most of these breaches were the result of compromised user credentials (where an attacker is able to gain unauthorized access to an account) and are often more costly where remote working is involved.
These breaches aren’t just costly for large enterprises, though. Many small organizations fail to recover from a serious data breach (where the average cost is just under $700,000), with 60% of them going out of business within 6 months of an attack.
But of course, we can also fall victim to cyber attacks as individuals, and the cost to us can be significant, too. If you’ve been unlucky enough to have been a victim of a data breach, or (worse), identity theft, you’ll know that you can lose eye-watering and potentially crippling sums: this hacking victim lost over $13k in 2020.
But when we talk about the cost of a cyber attack to an individual, we’re not talking simply about financial losses.
How to Avoid a Cyber Attack
Psychologically, the after-effects of a cyber attack can be damaging. The feeling that you’ve been manipulated by a stranger (and your personal data has been ‘invaded’) can be deeply unsettling. It can lead to a serious loss of confidence, and make you increasingly wary of trusting others. It can cause embarrassment, too, as a victim of a hack can be made to feel as if it’s their fault.
I just watched a documentary on the dark web, and I will never feel safe using my credit card again!
Luckily I don’t have to worry about that. I have ExtraCredit, so I get $1,000,000 ID protection and dark web scans.
I need that peace of mind in my life. What else do you get with ExtraCredit?
It’s basically everything my credit needs. I get 28 FICO® scores, rent and utility reporting, cash rewards and even a discount to one of the leaders in credit repair.
It’s settled; I’m getting ExtraCredit tonight. Totally unrelated, but any suggestions for my new fear of sharks? I watched that documentary too.
…we live in Oklahoma.
In the most extreme cases (where a cyber attack has led to a significant loss of funds or even the loss of a job) the effect can be even more harmful, leading to stress, anxiety and even depression. Whatever the financial cost of an attack, the emotional cost is often far more significant in the long run.
Fortunately, there are a number of steps you can take to secure your data and ensure you’re aware of the threats you might face while online.
Check If Your data Is at Risk
Without knowing it, your data might have already been involved in a breach. A breach usually occurs when a hacker gains access to the database of a service or company which contains users’ private information, including (but not limited to) usernames, passwords, email addresses and, in the worst cases, bank account details. If you’ve been involved in a data breach, some of your personal information might have been made public without you realizing, which could put you at risk of identity theft.
But don’t panic. You can check if your email address or phone number has been exposed in a data breach by going to Have I Been Pwned. If any of your accounts may have been compromised, change those passwords immediately, and make sure you’re not reusing the same passwords across multiple accounts.
Use Strong Passwords
Speaking of passwords, nearly a quarter of Americans have admitted to using a password like “password” or “123456”. These should clearly be avoided, as they’re easily guessable and won’t take long for a hacker to crack. The longer and more complex a password is, the stronger it is. You can check the strength of your passwords at Security.org.
Using a “passphrase” (a series of unrelated words with spaces in between) is often more effective than using a simple combination of letters and numbers, as these can be harder to crack. This can help to protect your accounts from threats like brute-force attacks, in which attackers will submit vast numbers of possible passwords in an effort to guess correctly.
Protect Your Website(s)
This action may not apply to you, of course — but if you happen to run a website (for a small business, perhaps, or even just a hobby such as blogging) then your personal information is inextricably linked to it, and it can be a huge point of vulnerability. If someone gains access to it through a CMS exploit or a comparable weakness, they can learn your passwords, uncover private information, or even hold the site hostage in an effort to extort you.
Keeping extortion efforts at bay is largely a matter of investing in technical safeguards. Top managed hosting platforms are particularly good at keeping ahead of potential attackers, and some (e.g. Cloudways with its 2022-launched Cloudflare CDN integration) are investing in native features that make it all but impossible for run-of-the-mill hackers to gain access. Overall, though, the biggest thing you can do is refrain from storing any sensitive information on your website. Anything intended for public viewing inevitably makes a bad storage vault.
Beware of Suspicious Emails
One of the most common ways individuals fall victim to cyber crime is through phishing attacks, a type of ‘social engineering’ where an attacker sends a fraudulent email to an intended victim enticing them to click a suspicious link or hand over personal information. Phishing emails often appear as though they’re from a legitimate organization (like your bank, for example) but there are some classic signs to look out for.
Check the email domain (the bit after the @ symbol) to see if it looks legitimate. If it’s misspelled (or a public domain like gmail.com) it could be a scam. Next, check for poor spelling and grammar in the body of the email, as phishing attempts are often shoddily written. If you have the slightest suspicion that the email may not be legitimate, do not respond or click any links in the email. To ensure you’re aware of the telltale signs, IT Governance has produced a handy guide on the ways to detect a phishing email.
Update Your Software
Cyber threats are constantly evolving, with hackers developing newer, more sophisticated ways to gain access to our devices and our personal data. That’s why it’s so important that our operating systems and software programs are always updated to the latest available versions. These newer versions will fix previously discovered vulnerabilities and offer greater protection against emerging threats.
If you’re still using an outdated operating system, for example, it may contain weaknesses that can quite easily be exposed by an attacker, especially if those weaknesses are public knowledge. Use a tool like Soft4Boost to check for out-of-date and potentially vulnerable software, and update to the latest supported versions where necessary.
Secure Your Devices
It’s also important to protect our physical devices, as a lost or stolen device could present an easy opportunity for an attacker to gain access to your personal data. Ensure a password or PIN is always required to access the device (and don’t use anything easily guessable like 0000 or 1234). Many devices now enable facial recognition or fingerprint access, so enable these functions where possible. When you’re not using your device, make sure it’s locked.
Backing up your data is essential, too, so that it can be recovered in the event of a data breach. Most computers will include a backup facility, while mobile phone data can usually be backed up using cloud storage. Finally, beware of unsecured public Wi-Fi networks (where no password is required for access) as these are often prime targets for an attacker, and disable your Bluetooth function when you’re not using it.
Although the number of identity theft cases fell from 16.7 million in 2017 to 14.4 million in 2018, the number of people held financially liable in these cases and the amount of their losses increased, according to the Insurance Information Institute. These identity theft statistics show that identity theft is still a major concern and consumers need to be on high alert to avoid becoming the next victims.
Today, criminals don’t need physical access to your financial documents to wreak havoc on your life. They can simply find your personal information online and use it to steal your identity. Fortunately, in the age of cybersecurity, you can fight back.
How Our Daily Activities Are Digitized and Prone to Data Breaches
Thanks to the Internet of Things, easily accessible Wi-Fi, and other technological advances, we’re almost always connected to others. You can chat with family across the country through video chat, watch a video online for a recipe you’re preparing, and add items to your grocery list all at the same time. While this technology can make our lives easier, in many ways, it can also make us more vulnerable to attack.
Every digital activity leaves a footprint and a possible access point for criminals. Everywhere you go, there’s data stored about you. The International Data Corporation prepared the 2020 Thales Data Threat Report, which revealed that nearly half of U.S. companies have experienced some type of data breach at some point. Furthermore, researchers estimated that at least 26% of U.S. companies have experienced a data breach within the last year.
If that’s not concerning enough, a University of Maryland study found that a hacking attempt occurs every 39 seconds. If you’re not careful, hackers can infiltrate your digital bubble and steal your sensitive information.
I just watched a documentary on the dark web, and I will never feel safe using my credit card again!
Luckily I don’t have to worry about that. I have ExtraCredit, so I get $1,000,000 ID protection and dark web scans.
I need that peace of mind in my life. What else do you get with ExtraCredit?
It’s basically everything my credit needs. I get 28 FICO® scores, rent and utility reporting, cash rewards and even a discount to one of the leaders in credit repair.
It’s settled; I’m getting ExtraCredit tonight. Totally unrelated, but any suggestions for my new fear of sharks? I watched that documentary too.
…we live in Oklahoma.
Common Types of Identity Theft and Their Consequences
According to the 2020 Data Breach Investigations Report (DBIR), some of the most common data breach attempts include:
Credential stuffing – Credential stuffing occurs when many username and password combinations are inserted to try to gain access to an account. According to the DBIR, an average of 922,331 attempts were made at organizations that experienced this type of attack.
Malware – Malware is a type of virus that infiltrates your network, often to steal information, such as your personal data and identification. Malware usually relies on exploiting a system’s vulnerabilities.
Ransomware – Ransomware takes a hold of an account and blocks out the authentic user. To regain access, you are instructed to pay a large ransom.
Phishing – Phishing attempts that try to get you to hand over your credentials by pretending to be your bank or other trusted sender are increasingly using social engineering to trick you, according to the DBIR. An example of this type of attack was committed by Chinese hackers who breached an email system of a Mumbai branch to learn the rhythm of the business, identify important members of the business, and learn its vocabulary and customs. The hackers ran off with nearly $19 million.
A newer method to try to steal identities is account takeover fraud in which the criminal gains access to your account and then changes information about it so that you’re not informed of luxury purchases or cash withdrawals.
Identity theft can cause tremendous damage to your credit. It often takes months or longer to learn about the theft and the accounts affected, so by the time you notice, the thief could have been racking up thousands of dollars of debt in your name and not paying on any of it. Additionally, you can face additional legal consequences, such as having your wages garnished or being sued. Once your information is stolen, it can be difficult to stop the damage because your information might be sold on the dark web.
How to Avoid Identity Theft
It’s more important than ever to be vigilant about protecting your identity online since more people are working from home and logging into public Wi-Fi than ever before. Here are some tips to help you avoid identity theft:
Keep an eye on your credit and changes in your score
Avoid accessing any financial data from an unsecured network
Consider using credit monitoring tools
Use strong passwords and don’t repeat passwords across various sites
What to Do If You’re a Victim of Identity Theft
If it’s already too late and you suspect someone has already stolen your identity, it’s time to move on to damage control. You might want to freeze your credit so that no one can apply for new credit in your name. Order a free credit report and carefully review it for any unauthorized accounts or changes.
Report the theft to law enforcement. You might need to make a police report and provide a copy to your creditors. The FTC’s website has additional resources for identity theft victims.
Sure, your child needs to be 15 before becoming an authorized user on a credit card account, 18 before signing a binding loan agreement, and 21 before applying for a credit card without a cosigner or some income to pay the bills. But long before that, they are “eligible” to have their identity stolen. In fact, according to a Child Identity Fraud Survey conducted by Javelin Strategy & Research, 1 in 40 households with children under age 18 had at least one child with personal information compromised by identity fraud in 2012.
Fortunately, there are ways to protect your kid from becoming a victim of child identity theft. For starters, parents can request credit reports for children under 14; children 14 and over can request a copy of their own credit reports. There are also credit monitoring services they can employ if they’re worried their kin’s personal information fell into the wrong hands. Here’s how to use credit monitoring to protect your child’s identity.
Why Is Your Child at Risk of Identity Theft?
Identity thieves are targeting children 18 and younger, swiping their Social Security numbers and applying for credit accounts in their names and piling up charges. Why? Because children aren’t in the habit of checking their credit. In fact, they often won’t even have a legitimate credit report unless something’s amiss. Remember, credit reports are a detailed account of your credit history, so until your child becomes an authorized user on your credit card account or gets a student loan, for example, they won’t leave a paper trail. In the meantime, thieves can wreak havoc by opening up bank accounts, credit lines, service contracts like a cellphone plan or more if they get their hands on a kid’s Social Security number.
A stranger who accesses a child’s Social Security Number, a dishonest family member or a friend of the family with access to a child’s personal records may commit this crime. Foster care children are particularly vulnerable to child identity theft because of the number of people who have access to their Social Security numbers.
How Can I Monitor My Kid’s Credit?
To protect your child, get in the habit of monitoring his or her credit reports. Reach out to each of the three major credit reporting agencies — Equifax, Experian and TransUnion — and request copies of your child’s credit records.
You will need to provide each credit reporting agency with your child’s name, address, date of birth, plus copies of your child’s birth certificate and Social Security card. You will also need to provide a copy of your driver’s license or other government-issued identification card and a utility bill showing you live at your current address.
Remember, children generally won’t have credit file unless you’ve added them to a credit card account in your name, so the mere fact that a bureau can generate a credit report for your child could be a sign that something’s amiss. Other signs that your child’s identity may have been stolen include:
Pre-approved credit card mail solicitations in your child’s name
Calls from a debt collector asking to speak to your child
An unexpected denial when you go to open up a bank account for your child
The arrival of cell phone or utility bills in your child’s name
If you discover your child is a victim of identity theft, be sure to report the fraud to the local authorities and the Federal Trade Commission.
What Is Credit Monitoring?
A credit monitoring service keeps tabs on your (or your child’s) credit report and notifies you of any changes that may occur. The major credit bureaus offer their own credit monitoring services, along with many of the major financial institutions and credit card issuers. Some services are even specifically designed to monitor a child’s identity.
Of course, prices for credit monitoring can vary, so it’s a good idea to shop around and compare and contrast them carefully. It’s also a good idea to thoroughly vet any company you’re considering. You can check out their record with online review sites, the Better Business Bureau, the Consumer Financial Protection Bureau or even your state Attorney General’s office.
How Can I Monitor My Own Credit for Identity Theft?
If you’re worried about your own identity being compromised, you should monitor your financial accounts regularly — daily if possible. The earlier you can spot unauthorized charges, the faster you can alert your financial institution and fix the problem.
Monitoring your credit regularly is also important. You should pull the free copies of your credit reports you can get once a year from each of the major credit reporting agencies at AnnualCreditReport.com. Signs of identity theft include mysterious addresses, unfamiliar credit inquiries and a major drop in your credit scores. To keep a closer eye on your credit, you can monitor two of your credit scores for free on Credit.com.
Jeanine Skowronski contributed to the reporting of this article.
This article has been updated. It was originally published August 21, 2014.
Cyber-attacks are on the rise as hackers and criminals learn about and adapt to methods put in place by government agencies to prevent scams. The FBI’s Internet Crime Complaint Center (IC3) reported monetary losses totaling more than $1.4 billion in 2017. [1]
While anyone, regardless of age, can be a target of common money scams, many hackers specifically target seniors. Nearly 17% of reported cyber crimes in 2017 came from victims over the age of 60. And with losses of over $342 million, seniors are losing more money to scams than any other age group. [1] Considering the average age of retirement in the U.S. is 60, this trends is a serious threat to the financial security of many Americans as they enter retirement.
With an empty nest and retirement on the horizon, your senior years should be the time to pursue your passions—not get scammed out of your hard-earned savings.
This guide covers the basics of recognizing and preventing common online money scams, plus provides tips to help seniors navigate the online world safely.
Table of Contents:
Why Scammers Target Seniors
Pew Research shows that seniors are adopting technology, such as the Internet and smartphones, more than ever before. [2] If you’re among the technology adopters, you know how great technology is for connecting with your children and grandchildren who live far away and with friends you haven’t seen in years.
Con artists and scammers exploit seniors online believing that they aren’t Internet-savvy, despite many proving otherwise. Here are a few of the reasons seniors are a frequent target of scams online:
You generally have larger savings accounts and valuable assets.
You’re perceived as more trusting and polite.
You may not recognize and report the scam right away.
As you age, cognitive function and physical ability declines.
How to Recognize a Money Scam
As online scammers get increasingly sophisticated, certain types of fraud can be hard to spot even for the most adept Internet user. To keep from falling victim to scammers’ tactics, make yourself aware of common warning signs and stay vigilant. A gut feeling is always a good place to start. For example, if something feels too good to be true, it probably is. Also, if a request from someone you know feels out of character, trust your instincts and do your research before taking action.
An easy way to know if something is a likely con is to use the three U’s for identifying money scams.
Unexpected: If you receive an email from someone you trust making an unexpected or unusual request for money or personal information, contact them personally to confirm.
Urgent: If the tone of the message is threatening or asks you to act immediately, take time to think it over or tell a friend before acting. If you’re still unsure, check the IC3’s Alert Archive to see if there have been other incidents of the same scam.
Unsecure: Make sure the address bar reads “https://” and not “http://” when entering personal or financial information online. If a URL begins with “https://” that tells you the site is secure and protects information that’s transmitted. If you provide sensitive information to an unsecure site, it can easily be stolen.
Top 10 Online Scams That Affect Seniors
Scammers see senior citizens as easy victims, but you can prove them wrong by educating yourself on some of their common schemes. They often use things like healthcare, retirement savings and online dating to lure unsuspecting seniors into giving over their personal information. Here are 10 of the most common online schemes that target seniors.
1. Medicare Scams
If you’re 65 or older, you might rely on Medicare for your health coverage. Scammers know this and whenever Medicare sends out new cards or makes changes to its policies, they capitalize on opportunities to steal personal information. This can be done over the phone or by email. The scammer claims to be a Medicare representative and insists there’s a fee associated with getting you a new card or that your card has been compromised—neither of which is true.
According to Medicare.gov, “Medicare, or someone representing Medicare, will never contact you for your Medicare Number or other personal information unless you’ve given them permission in advance.”
How to protect yourself: Don’t respond to the email and mark it as junk or spam. If you need to speak with Medicare, call them directly at 1-800-MEDICARE (1-800-633-4227).
2. Health Insurance Scams
In order to make a profit, criminals may try to offer you health insurance plans that have little to no real value. In some cases, they may be selling discount cards or limited-benefit plans, but rarely explain how limited the coverage really is.
How to protect yourself: Never purchase insurance on the spot. Do your research on the company and thoroughly read the details of the coverage offered.
2. Counterfeit Medications
This scam is especially dangerous because it can cost you not only your money but your health. Prescription drugs aren’t cheap, and most seniors are dependent on a medication or two to maintain their health. Scammers exploit this by offering fake prescription medications for purchase online at a low cost. The number of counterfeit medication scams under investigation by the FDA is up four times since the 1990s. [3]
How to protect yourself: Always go through licensed medical professionals to get any prescriptions and pick up your medications at a local pharmacy. If you enjoy the convenience of ordering online, many reputable pharmacies allow you to refill your prescription online or have your medications delivered.
3. Phishing
Scammers often capitalize on your trust in people and institutions by posing as them in emails, on calls or in text messages. For example, the Social Security Scam is a form of phishing where scammers pose as government officials who need your social security information. Once they’ve gained your trust, they use that to gather personal, sensitive information like your Social Security number, bank/credit card information and/or passwords.
How to protect yourself: Always check the sender’s email address or phone number before clicking any links in emails or messages that request personal information.
4. Dating and Romance Scams
Online dating can be great for people of all ages—seniors included. But it’s important to practice the same kind of cautions online as you do in real-world dating. Online dating scams are one of the biggest and most costly scams, and scammers can break your heart and bank account if you’re not careful. It’s a red flag if someone builds a rapport with you only to turn around and ask for money. Even if the request seems heartfelt, like wanting to come see you, it could still be a play solely for money.
How to protect yourself: Take things slow, do your research and never send money to someone you don’t know personally. Even if you’ve met them, run the other way if they ask for money after you’ve known them only for a little while.
5. Investment Scams
In these cons, scammers take advantage of your need to build or maintain retirement savings. A lot of seniors are concerned about making their money last, which makes them vulnerable to ads or requests that promise high-profit, no-risk investments.
How to protect yourself: Stop and think, “Is this too good to be true?” Never accept an offer on the spot. If you’re not sure, talk it over with a trusted friend or check the IC3’s Alert Archive along with other online sources, such as the Scams and Frauds page on USA.gov.
6. Homeowner Scams
Seniors are at a point in life where they’re more likely to own their homes. While some may want to stay right where they are, others have grand dreams of moving to a new location—maybe somewhere warmer. In this scenario scammers work to identify the value of your property and then offer you a reassessment—for a fee, of course.
How to protect yourself: If you want to move, only work with a reputable realtor or go the for sale by owner route.
7. Sweepstakes and Lottery Scams
These scams use a surprise factor to trick you into thinking you need to click something to “claim a prize.” It can come as an email, a web pop up or even within a web page you’re reading.
How to protect yourself: If you receive an email that claims you’re a winner, it’s almost guaranteed to be a scam. On the off chance that you actually signed up for a sweepstakes, check your email inbox to see if you have a confirmation of your signup from the same email address. Better, yet, pick up the phone and call the company before you click on a link in an email or on a website.
8. Fake Charities
Seniors may feel more compelled to donate to those in need or contribute to disaster aid, but unfortunately fake charities often try and get donations after a natural disaster.
How to protect yourself: Do your research. Call a number to speak with someone from that charity or search the charity name and a phrase like “scam” or “fraud” in Google. You can also use the organizations listed by the FTC to research reputable charities.
9. Malware Scams
Using antivirus software is a great way to protect yourself from fraud. Unfortunately, scammers often pose as antivirus providers and instead install malware on your computer. These advertisements are often pop ups or web page ads.
How to protect yourself: Make sure anything you download to your computer is from a reputable source and never give anyone you don’t trust remote access to your computer.
10. Threats and Extortion
These types of scams utilize fear to get the desired outcome. Typically the scammer tells you that something terrible is going to happen if you don’t give them money or personal information.
How to protect yourself: Never act impulsively. Consider whether the scenario seems realistic. If you’re unsure or scared, talk to a friend. If the caller acts like a relative, hang up and call them back to ensure it is, in fact, your relative and not a stranger pretending to be your relative.
How to Protect Yourself Online
It’s good to know the basics about scams and the accompanying warning signs, but there are steps you can take to further protect your computer and online identity from fraud including. settings, tools and government resources.
Keep your firewall turned on. A firewall monitors incoming and outgoing network traffic to prevent unauthorized access to and from a private network. It protects your computer from hackers attempting to crash it or gain sensitive information.
Keep your computer’s operating system up-to-date. Make sure your computer software is up-to-date. You can usually subscribe to automatic updates online. If you keep your system updated, your computer will continue running smoothly and you’re sure to have the latest fixes for any security holes.
Turn on two-factor authentication. Two-factor authentication requires both a password and an additional piece of information to access your account. The second piece of information is typically a message sent to your phone or a code generated by an app or token.
Look out for unsecure networks and websites. If you get a warning message saying “Unsecure Wi-Fi Detected,” don’t visit any banking websites or store any passwords while on that network.Also, most browsers will warn you when you visit an unsecure site. The feature should already be enabled on most computers, but if not, make sure you enable this setting.
Install or update antivirus software. Antivirus software prevents malicious software programs from installing on your computer. Malware programs allow others to see your computer activity. Be wary of any ads on the Internet for these types of software as they are often not real solutions and instead are fraudulent.
Use a password manager. A password manager, like LastPass or Dashlane, lets you have a unique, strong password for every secure website—in other words, not your grandchild’s birth date. You won’t have to remember them all, because the password manager stores and encrypts your passwords for your protection.
Check your credit often. Major changes toyour credit can indicate potential fraud. Consider signing up for a free credit score and checking it every few weeks as a way to watch for changes.
Find Information About Active Scams
What To Do If You’re the Victim of a Scam
The best thing to do if you suspect you’ve been the victim of a scam is to report it. IC3 chief Donna Gregory says, “We want to encourage everyone who suspects they have been victimized by online fraudsters to report it to us.” IC3 receives over 800 complaints a day on average, so don’t let embarrassment keep you from reporting something.1 Reporting a scam helps law enforcement investigate similar scams and take action to bring the scammers to justice.
Steps to Take After Fraud
To report a scam, file a claim online at www.ic3.gov. You’ll be asked to provide complete information about the crime as well as any additional relevant information.
Once you’ve reported the scam to authorities, you also want to take action against any other loss. IC3 recommends that victims take actions, such as contacting banks, credit card companies and/or the credit bureaus to block accounts, freeze accounts, dispute charges or attempt to recover lost funds.
Keep a close watch on your credit reports and consider using credit monitoring tools.
In February 2018, the Justice Department made a coordinated sweep of elder fraud cases that resulted in several initiatives to reduce the number of annual cases. [4] This included building local, state and federal capacity to fight elder abuse, supporting research to improve elder abuse policy and practice, and helping older victims and their families.
Each year the number of Internet crimes increases and scammers become more sophisticated, but spreading knowledge and awareness is one of the best ways to combat the issue. Arming yourself with a basic understanding of the dangers online can help you protect yoursel f from fraud.
Additional Resources
Sources:
1 Federal Trade Commission Latest Internet Crime Report Released
2 Pew Research Center Tech Adoption Climbs Among Older Adults
3 National Council on Aging Top 10 Financial Scams Targeting Seniors
4 United States Department of Justice Justice Department Coordinates Nationwide Elder Fraud Sweep of More Than 250 Defendants
With most of the year under our belt, the holiday season is just around the corner. No matter what you celebrate, this season is full of food, celebrating and spending time with loved ones.
While you’re hard at work prepping for the holiday season, scammers are too. A survey conducted by Experian found that a full 1 in 4. Americans have been a victim of identity theft or fraud in the holiday season. If you’re worried about scammers this year, don’t worry—we’ve got tips on how to look for holiday shopping scams this season.
When the pandemic hit in early 2020, COVID-19 scams became a popular method for criminals to get access to your information and steal your identity. However, the holidays are when these scammers go into overdrive, meaning it’s important to be extra cautious as you do your online shopping and holiday giving. Here are some of the most common holiday shopping scams to be aware of.
Illegitimate Charities
Many people use the holidays as a reason to be a bit more generous, but be careful before you make that donation. Many scammers create fake charities in an attempt to get you to donate. They get your money—and possibly access to your identity info—and no good ever comes from that generosity.
Check for social media presence, news stories, financial records and proof that any charity you’re considering donating to actually exists and has a good reputation.
I just watched a documentary on the dark web, and I will never feel safe using my credit card again!
Luckily I don’t have to worry about that. I have ExtraCredit, so I get $1,000,000 ID protection and dark web scans.
I need that peace of mind in my life. What else do you get with ExtraCredit?
It’s basically everything my credit needs. I get 28 FICO® scores, rent and utility reporting, cash rewards and even a discount to one of the leaders in credit repair.
It’s settled; I’m getting ExtraCredit tonight. Totally unrelated, but any suggestions for my new fear of sharks? I watched that documentary too.
…we live in Oklahoma.
Fake Online Stores
Online shopping is a convenient way to check off all the items on your list without having to actually brave the holiday crowds. However, it’s important to ensure that the sites you’re shopping from are actually legitimate. Scammers create fake online storefronts—sometimes even mimicking well-known retailers—and you don’t know it’s fake until the merchandise never comes or you start seeing evidence of identity fraud.
Empty Gift Cards
Gift cards are the perfect choice if you’re not sure what someone on your gift-giving list wants or if they like to pick out items themselves. But selling gift cards that have a $0 balance or have already expired is a common and remarkably easy scam. This happens most often on local sales sites, such as Craigslist and Facebook Marketplace.
Email Scams
Have you ever gotten an email about something you bought online—but you never actually purchased anything from that retailer? Maybe the email said you needed to reset your password or gave you a link to track your package. These are phishing email scams designed to get you to enter your personal info so scammers can use it for identity theft.
Shipping Problems
One of the biggest worries that comes with online shopping—especially with the supply chain issues that have come as a result of the COVID-19 pandemic—is whether the gifts will arrive on time. Criminals capitalize on this fear by sending out emails, texts and other communications letting you know there’s been an issue with your package. You’re asked to provide personal information such as your address, credit card info and birth date to confirm your order, but all you’re really doing is giving scammers the information they need to steal your identity.
While the holidays are a common time for shopping scams, it doesn’t mean there’s nothing you can do about it. Learn what to look for and how to protect yourself from identity theft with these tips.
1. Pay Attention to Website URLs
Online searches can lead you to scammer-run websites that unleash computer malware or collect credit card numbers for identity theft. Carefully read website domain names. Watch for unfamiliar vendors or missing letters, misspellings or other tweaks to the name of a legitimate company. Pay special attention to the last letters. For example, tiffanyco.mn indicates a Mongolia-based website, not the legitimate website for Tiffany & Co., tiffany.com.
2. Make Sure the Site Is Legitimate
Before ordering, check the “Contact Us” page for a phone number and physical address and the “Terms and Conditions” link detailing return policies and such. Unlike legitimate vendors, bogus websites are less likely to post these—or they’ll provide them in a suspicious manner, such as via a faxed request only.
How do you know if a holiday website is legit? Check the Better Business Bureau as well as Facebook and Google reviews before you buy from a new place. If the business doesn’t have any social media or online presence other than the website, that’s a red flag.
3. Only Buy Gift Cards From Retailers
Buy gift cards directly from the retailer and avoid shopping for discount gift cards through local swap sites. You may also want to buy gift cards online or from the checkout instead of the display racks, which are less secure. Fraudsters can peel off stickers to glean gift card codes, replace them in envelopes and wait for an unsuspecting shopper to buy them. Once purchased and activated, they enter stolen codes at the retailer’s website to make online purchases—leaving the intended recipient with a useless card.
4. Look for HTTPS Sites
When buying online, check the URL to see whether the website starts with “http://” or “https://.” The “S” is for “secure” and is your best bet for safe shopping. Some legitimate retailers may use http sites, but your information is much more vulnerable to attack in this case because it’s easier for hackers to get to it. Even with a secure page, avoid using public Wi-Fi hotspots for online shopping or other financial transactions.
5. Use Prepaid Gift Cards for Online Shopping
Consider buying prepaid cards for online shopping instead of using your actual debit or credit card. These cards are often reloadable for ease of use, and if your information does happen to be stolen, hackers will only have access to the amount on the card and not your entire bank account.
6. Take Care on Craigslist
On Craigslist or when answering local classified ads, deal only with sellers who provide a phone number you can verify. Don’t rely solely on email correspondence. Assume any request for wire-transfer payment is a scam, and be suspicious of prepaid debit card transactions. Using PayPal or a credit card is your safest bets.
7. Avoid Deals That Seem Too Good to Be True
Stay clear of prices from private sellers that seem too good to be true or are tied to hard-luck stories, such as a need to sell quickly because of divorce or military deployment. No one is selling the latest gaming console for only $50, no matter how hard up they are. These are common scams to get advance payment—and you’ll likely get no merchandise.
8. Don’t Open Holiday E-Cards From People You Don’t Know
Delete E-Cards or general holiday emails if you don’t know the sender. These mass-sent greetings likely contain malware. Legitimate card notifications should include a confirmation code to safely open the card at the issuing website.
9. Beware of Undeliverable Package Emails
Avoid emails claiming that FedEx, UPS, DHL or the U.S. Postal Service has an undeliverable package with links for details. The links will install malware that can log keystrokes to steal computer files and passwords. Unless you previously provided an email address, courier services won’t contact you this way. This scam baits you to call for details—at which point you’ll be tricked into making an expensive overseas call or revealing your personal and financial information. Look up the callback number yourself if you’re curious.
Gearing up for the holidays? Go ahead and enjoy your holiday shopping this year. Just be a little careful—keep an eye out for anything suspicious and make sure that any website you buy from is legitimate.
If you’re worried that you might already be a victim of identity theft or just want to keep a closer eye on your credit, ExtraCredit can help you know what’s going on with your credit report and spot identity theft as soon as it happens.
Identity thieves are almost always opportunistic—but the crimes they commit feel very personal. Unauthorized credit card charges, bogus loan applications, missing money, and other financial violations make fraud a major nightmare. To keep fraud in check, you need to know how to check your credit report for identity theft, and how to deal with problems when they arise.
In this post, we’ll talk about the warning signs of identity theft—and then we’ll show you how to stamp out fraud before it starts.
Warning Signs of Identity Theft
How Do I Check My Credit for Identity Theft?
To avoid falling victim to identity theft, examine your credit report regularly. You can access a free copy of your credit report from all three bureaus—Equifax, Experian, and TransUnion—once a year. (Through April 2022, you can get free weekly copies of your reports.) You can also use a tool like Credit.com’s Credit Report Card or ExtraCredit to monitor your credit.
When you download your credit report with ExtraCredit, you’ll see a list of positive accounts, late accounts, collections, public records, inquiries and account balances. Your credit report contains a lot of information about you and about your financial habits, and if that information changes unexpectedly, it can indicate identity theft. Here are five of the biggest fraud warning signs to watch out for.
Warning Sign 1: Incorrect Personal Information
Sometimes, incorrect personal information is the result of an innocent mistake. Other times, it means something sinister is going on. If you see your name misspelled, a wrong phone number or address, or an incorrect Social Security number on your credit report, investigate immediately.
I just watched a documentary on the dark web, and I will never feel safe using my credit card again!
Luckily I don’t have to worry about that. I have ExtraCredit, so I get $1,000,000 ID protection and dark web scans.
I need that peace of mind in my life. What else do you get with ExtraCredit?
It’s basically everything my credit needs. I get 28 FICO® scores, rent and utility reporting, cash rewards and even a discount to one of the leaders in credit repair.
It’s settled; I’m getting ExtraCredit tonight. Totally unrelated, but any suggestions for my new fear of sharks? I watched that documentary too.
…we live in Oklahoma.
Warning Sign 2: Lender Inquiries You Don’t Recognize
Credit bureaus keep the details of companies who ask for information about you on record for at least two years. Promotional inquiries and account review inquiries are nothing to worry about, because they’re preapproved credit offer inquiries or inquiries by companies you already do business with.
Hard enquiries from companies you don’t recognize are a different matter. Sometimes, fraudsters make a lot of credit card and personal loan applications in a short period of time, so if you see a recent list of unknown inquiries, someone might be trying to steal your identity.
Tip:Sometimes, the name of a financial institution doesn’t precisely match the name of the company checking your credit. Car dealerships, for example, sometimes run a series of credit checks via different finance companies—so it’s worth double checking before filing a fraud complaint.
Warning Sign 3: Accounts You Never Opened
Only your own accounts—including accounts that you’ve cosigned and for which you’re an authorized user—should appear on your credit report. If you find an unknown account on your credit report, one of two things has happened:
Your credit information has been commingled with someone else’s information by mistake
Your credit has been compromised by a fraudster
If you find an unknown account on your credit report, contact the relevant lender right away and tell them what’s going on.
Warning Sign 4: You Credit Utilization Goes Up
If you suddenly owe more than before and you haven’t changed your spending habits, someone else might be splurging on your behalf. Check your credit card statement very carefully and flag any suspicious transactions straight away. Most credit card companies have a maximum 120-day limit for chargebacks, so it’s important to review purchases regularly.
Warning Sign 5: Your Score Goes Up or Down Unexpectedly
Credit scores change over time. When negative information falls off your credit report after a certain period of time, your score increases. On the other hand, if you apply for too many loans or credit cards in a short space of time, your credit score could take a hit. If your credit score changes dramatically—especially if it’s for the worse—dig deeper.
Warning Sign 6: Public Records You Don’t Recognize
Negative public records can substantially impact your creditworthiness. Bankruptcies, for instance, often remain on record for up to a decade. If you see public records you don’t recognize, alert the issuing agency without delay.
Tip:Liens and civil court judgments used to appear on credit reports, but credit bureaus no longer collect information about those types of public records. Bankruptcies are now the only public records included on credit reports.
Can Someone Steal Your Identity with Your Credit Report?
Your credit report contains a lot of personal information, so it’s a goldmine for identity thieves. With a copy of your report in hand, a potential fraudster might be able to see:
Full name
Birth date
Social Security number
Current and past home addresses
Phone number
Accounts held in your name
Payment records
Public records, including bankruptcies
Many other valuable personal and financial details
Credit report content sometimes varies according to the credit bureau.
If thieves need more information after accessing your credit report, they often choose to misrepresent themselves to get it. Phishing and smishing scams are when criminals pretend to be legitimate financial institutions—or government agencies like the IRS—to get personal information from victims via email or text.
What Is the Safest Way to Check My Credit Report?
You can check your credit report quickly and easily with Credit.com’s ExtraCredit monitoring service. ExtraCredit includes five helpful tools, which help you monitor, build, earn, protect, and restore your credit profile. Two tools in particular can help you avoid or combat identity fraud: Track It and Guard It.
Track It
With ExtraCredit’s Track It tool, you get access to all three credit bureau reports. You can also monitor 28 FICO® scores—the real scores lenders see when they consider auto loan, credit card, and mortgage applications. Track It also includes a helpful credit monitoring tool, which gets updated every month. If something suspicious happens, you’ll notice right away.
Guard It
Many hackers sell consumer information on the dark web. Nefarious individuals use software, specific net configurations, or special authorizations to access the dark web. Thankfully, ExtraCredit’s Guard It tool actively monitors the dark web for consumer information and sends out security alerts when data breaches happen. You also get a $1 million ID insurance policy when you sign up with ExtraCredit.
Get Identity Theft Protection
Identity theft is a big problem in the United States. There were 650,572 cases of identity theft in America in 2019—and over 270,000 of those cases involved credit card fraud. If you see an unknown address or notice an unknown credit card on your credit report, flag it up right away. Tools like ExtraCredit from Credit.com make it easier to monitor your report on a monthly basis, so you can rest more easily.