Beware of Digital Kidnapping

Most parents warn their kids against taking candy or accepting a ride from a stranger, but there’s a digital equivalent to conventional kidnapping that is unknown to many people. Digital kidnapping happens when a crook takes control of a target’s social media profiles and holds them until a ransom is paid. It can also involve “kidnapping” photos that are posted on social media pages. Here’s what you need to know about digital kidnapping and how to protect yourself from falling victim. 

How the scams play out

In a digital kidnapping scam, a hacker or ring of scammers will take control of one or more of a target’s social media profiles. The target will be effectively locked out of their own social media accounts and will be unable to access or update them. Once the scammer has control of the profile, they’ll contact the target, demanding a hefty ransom in return for access to the account. They may even threaten to post damaging or humiliating content on the social media profile unless the ransom is paid.

In another version of this scam, hackers will “kidnap” a photo of a child or baby off an unsecured social media account. They will post these photos in their own accounts, using the picture-perfect moments to create a fantasy world of their own. In a creepy twist of reality, they’ll pretend these are snapshots of their own family. They may use this fake world to help them create an imaginary escape, or to draw traffic to their own public accounts. Sometimes, they’ll utilize these photos to help build a bogus story, such as a baby being put up for adoption, or a charitable fund to benefit a child whose parents are struggling financially. Unfortunately for the actual parents, it can be months or years before they find out that their child’s picture is splashed across a public account with thousands of followers. 

If you’ve been targeted

If you believe you’ve been targeted by a digital kidnapping scam, there are steps you can take to mitigate the damage. First, alert the company that owns the social media platform to let them know your account has been compromised. They’ll likely have specific instructions for you to follow to ensure your account remains safe. They may even advise you to close the compromised account and open a new one. Next, tip off the Federal Trade Commission (FTC) and local law enforcement agencies which can help you determine whether it makes sense to pay the requested ransom. Finally, clean up your accounts and make sure there is no identifying or potentially dangerous information being posted on a public forum.

Protect yourself

The best way to protect yourself from digital kidnapping is by keeping your accounts private and secure. Always choose the strongest security settings on your devices and opt for private social media accounts across every platform. This will limit your audience to by-invitation-only viewers while helping to keep hackers and creeps away. 

It’s also a good idea to be mindful of what you post, and how often you post it. Even when using the strongest security settings, sharing a picture online essentially means sharing it with the public. You never know who may be trolling your accounts or looking for pictures to “adopt” as their own. Think three times before posting a picture of your kids. Extra caution is advised for those with super-cute kids.

Finally, be sure to follow basic online safety rules to avoid giving a scammer access to your accounts. Use strong, unique passwords for each of your online accounts and change up your passwords every six months or so. Avoid using public WiFi unless absolutely necessary. Accept every security and software update offered for your device to keep them operating at optimal security. Finally, avoid sharing sensitive information with an unverified contact and never download an attachment or click on a link within an email from an unknown sender. 

Stay alert and stay safe!

Your Turn: Do you have a digital kidnapping experience to share? Tell us about it in the comments.

What is the Dark Web?

Q: I’ve heard of the dark web, but I never understood what this term means. What is the dark web? How is it accessed? Is there any way to keep my information out of its depths?

A: The dark web is the deepest layer of the internet that isn’t visible to the average browser. Unfortunately, its name is a perfect description of its function, as the dark web is full of illegal activities and crimes. Let’s take a closer look at the dark web and how you can protect your information from being caught in its trap.

What is the dark web?

The internet has been likened to an iceberg. There is very little of it that is truly visible above the surface, but it is enormous, dark and deep underneath. 

There are three basic components of the internet: 

  • The surface web–this involves all websites and landing pages that can easily be accessed through popular search engines and by inputting a URL/address directly into a web browser address bar. 
  • The deep web–this includes private, but not invisible accounts, such as social media pages, retail accounts, membership websites, confidential corporate webpages, medical records and more. All content on the deep web is safeguarded by a paywall or sign-in credentials. Experts have estimated that up to 99% of the internet is comprised of the deep web. 
  • The dark web–the final layer of the internet can only be accessed by downloading special browsing software called Tor. Tor masks IP addresses and instantly renders all visitors anonymous. This is where scammers can buy and sell personal information including credit card numbers, checking account details, Social Security numbers, health records and more. 

Despite its name, not all of the activity that takes place on the dark web is illegal. The deepest part of the internet also provides a platform for communication and commerce among people living in countries that have heavy censorship over online activity. In addition, the dark web was originally used by the United States Department of Defense to communicate anonymously. 

Unfortunately, though, the dark web remains a hotbed of criminal activity. Loads of illegal trade takes place through the dark web, including drugs, firearms, counterfeit money, subscription credentials and personal information of thousands of targets. The inherent anonymity of the dark web allows hackers and scammers to roam free without fear of being caught.

How does the dark web work?

The dark web, and by extension the Tor browser, uses a technology known as “onion routing.” This technology uses multiple layers of encryption and redirection to assure anonymity for every browser. When a browser tries to access a site on the dark web, its information will be routed through thousands of relay points, making it impossible to identify and trace. 

How can I protect myself from the dark web?

It’s important to take preventative measures to protect your information from the dark web. Here’s how:

  • Enable two-step authentication on all online accounts. This includes accounts with access to sensitive information, as well as accounts that can be used to collect innocuous but potentially identifying information, like social media accounts. 
  • Consistently monitor your credit for fraudulent activity. Review your accounts at the end of each billing period and request an annual free credit report. Report any suspicious activity to your credit card company immediately. You can also ask the company to send you automatic alerts if there are any large purchases made or new accounts opened in your name.
  • Use strong, unique passwords for all your accounts. Vary your capitalization use, numbers, words and symbols. For optimal protection, switch up your passwords every few months. 
  • Never share your personal information with an unverified source. This includes an email from a contact you’ve never engaged with before, phone calls from an unknown caller and a downloaded link from a banner ad.
  • Run a dark web scan on your devices. This will tell you if your information is already on the dark web. If the scan is positive, reach out to your credit card issuers to discuss placing a fraud alert on your accounts and a credit freeze in your name. 

The dark web is fraught with danger and impossible to trace but there are ways to protect your information. Use the tips outlined here to stay safe.

Your Turn: Have you encountered the dark web? Share your experience in the comments. 

Don’t Get Caught in a Shopping Scam!

Shopping in 2022 is worlds away from what it was at the turn of the century, or even just a few years ago. According to retail research firm, Digital Commerce 360, ecommerce sales surpassed $870 billion in 2021, a 50% jump over 2019. Online shopping is quick, easy and convenient. 

Unfortunately, though, when a lot of shopping moved online, it also ushered in a wave of scams that are often successful. Some of these scams can be difficult for the untrained eye to spot, and many offer no way for the victim to reclaim their lost funds. Here’s what you need to know to recognize an online shopping scam and avoid being the next victim. 

How these scams play out

There are several variations to the online shopping scam. 

In one version, a shopper will scour the internet for a specific item in their desired price range. They’ll find the item retailing on a site at an attractive price and then proceed to make the purchase. They’ll share payment information, input their delivery address and complete the transaction. Unfortunately, though, the item never arrives on their doorstep. Alternatively, a cheap knockoff of the product will arrive instead of the item they’ve purchased. When the buyer tries to demand a refund, they are unable to reach the seller. 

In another variation, a shopper finds an item online and tries to make a purchase. They’ll be asked to input sensitive information, such as a credit card or checking account number. At this point, the shopper will be unable to complete the transaction and will continuously run into errors on the site. However, the scammers now have their information and can proceed to empty the victim’s accounts, or worse.

In a third version of the online shopping scam, a seller clicks on an ad, or on a site that came up in a Google search for one of their favorite stores. They’ll proceed to make an order, not knowing they’ve actually clicked into a bogus look-a-like site run by scammers. The rest of the scam will follow one of the scenarios described above. 

Red flags

Watch for these warning signs that you may have stumbled upon a shopping scam:

  • Prices are too good to be true. If you find an online offer for a new iPhone retailing at just $450, you’re likely looking at a scam. 
  • The offer urges you to act now. If an offer warns that the bargain prices it’s offering won’t last until sundown, it’s likely a scam. 
  • The seller demands specific means of payment. If an e-tailer insists that you pay via prepaid gift card or wire transfer, opt out. 
  • The website is full of typos and grammar errors. If the site is badly in need of editing, it may be run by scammers. 

Stay safe

Follow these tips to keep yourself safe from online shopping scams:

  • Only shop on safe, secure sites. Check the URL for the lock icon and for the “s” after the “http”.
  • Check the URL for proper spelling of reputable sites. Make sure the URL of the site you’re on matches the authentic URL for that retailer and that you haven’t landed on a spoof site. You may want to save the genuine URLs on your computer for future use. 
  • Avoid clicking on high-pressure pop-ups and banner ads. These are often scams.
  • Pay with a credit card when shopping online. A credit card offers the most protection for your purchases. 
  • Never share personal information with an unverified contact. Don’t input your credit card number or account details unless you’re absolutely sure you’re dealing with a reputable website. 

If you’re targeted

If you’ve fallen victim to an online shopping scam, there are steps you can take to mitigate the damage. 

If you’ve paid via credit card, call the company to dispute the charge. At this point, you may want to consider closing the card and placing a credit alert and/or a credit freeze on your name. Next, alert the FTC about the scam. If the alleged retailer is on the BBB website, you can let them know, too. Finally, let your friends know about the scam so they know to be aware.

Stay safe!

Your Turn: Have you been targeted by a shopping scam? Tell us about it in the comments. 

Don’t Get Caught in a QR Code Scam

Scammers never take a break from dreaming up new ways to con people out of their money. Recently, they’ve even been hijacking QR codes to pull scams on innocent victims. Here’s all you need to know about QR code scams and how to avoid them. 

What’s a QR code? 

Before we can explore the details of these scams, let’s understand what a QR code is and how one works. A QR code, which is an acronym for “Quick Response code,” is a square barcode that can be scanned using a smartphone. It leads directly to a website or app. Businesses use QR codes for any number of reasons, from posting online menus, to scanning coupons, to processing payments and more. In the no-touch era following the coronavirus lockdowns, QR codes are more ubiquitous than ever.  

Ironically, QR codes should help prevent fraud, since they take the user directly to the desired site, leaving no room for misspellings or for scammers to lure victims to a bogus website that has a URL that is similar to the legitimate website. Unfortunately, though, scammers have found a way to weaponize QR codes, too. The technology necessary to create a QR code is not accessible for anyone, making QR code scams easy to pull off and difficult to identify. 

How the scam plays out

In a QR code scam, a scammer will replace a legitimate QR code with their own code. A target will then scan the code and make a payment for a transaction. Unfortunately, the target has sent their money directly to the scammer and has not made a payment for the transaction as they believe they have.

In a recent QR code scam, fraudsters replaced dozens of QR codes on public parking meters in San Antonio, Texas with their own codes. Drivers seeking to pay the meter costs scanned these codes and sent their payments to scammers. To make matters worse, many victims also unknowingly shared access to their phones with the scammers, setting themselves up for future scams as the criminals use the information on the phone to pull off additional schemes. 

How to avoid a QR code scam

QR code scams can be challenging to recognize. For this reason, the FBI has advised against downloading an app from a QR code and/or downloading a QR code scanner app. However, there are ways to keep yourself safe from these scams. 

When scanning a QR code, it’s a good idea to treat the link like any other email or text message. Proceed with caution and practice online safety measures as you would with any other online transaction. Check the source of the QR code and the URL that the code directs you to for common signs of a secure site, including a lock icon, an “s” after the “http,” and whether the URL matches with the URL of the intended site destination. 

If the webpage or app the code sends you to seems suspicious in any way, leave it. You can access the payment portal you need by visiting the app or website on your own. 

When using a QR code, look for these red flags that can indicate a possible scam:

  • The URL is different from the home site.The QR code is posted on a public sign or notice that seems to be tampered with.The site or app the code directs you to is full of typos. 

Knowing how to recognize a QR code scam can help prevent you from falling victim to this emerging and quickly growing scheme. 

If you were scammed

If you’ve used a QR code to pay for a transaction and subsequently received an email from the company claiming you’ve never completed the payment, or that the payment failed, you may be the victim of a QR code scam. Let the company know that its QR code has been tampered with and alert the FTC as well. 

Stay alert when using a QR code and stay safe!

Your Turn: Have you been targeted by a QR code scam? Share your experience in the comments. 

Identity Theft: What to Know and How to Protect Yourself

We live in an increasingly digital world. People use devices and technology to shop for everything from groceries and clothing to furniture and electronics. We sign in to multiple websites and apps to communicate and share photos with family and friends, manage personal and business finances, plan vacations, and everything in between. While increased accessibility helps make so many activities quick and convenient, having so much of our personal information online leaves us vulnerable to cyber criminals who are eager to steal and benefit from our personal information. As the multitude of online services has expanded, so has the rate of fraudsters engaging in identity theft.

Data breaches within major companies have exposed hundreds of millions of consumers to hackers. In 2020 alone, the Federal Trade Commission (FTC) monitored almost 1.4 million complaints of identity theft, with over $3.3 billion stolen by identity thieves. Many scammers claimed to be officials from government departments and accessed victims’ pandemic unemployment benefits.

Cyber thieves who access one’s personally identifiable information (PII), such as birthdate, Social Security number, home address, driver’s license number, passport number and credit card or financial account information can use it to open new accounts, buy expensive items or pay their bills — and unsuspecting victims often won’t find out until weeks (or months) later. Often, it is only when (and IF) they closely read their account statements. The impact is not only the actual dollars stolen, but also hits to credit scores and time spent restoring security to one’s life and online footprint.

Identity thieves always evolve their tricks to disguise their efforts and access desirable information. They do “spoofing,” using phone numbers, or “phishing,” using email addresses, that look legitimate or seem connected to official agencies — such as the government, police or major companies from which you have likely made purchases. Variations may include sending voice or text messages or directing web surfers to websites for bogus products or services.

Credit cards are a bit safer than debit cards when it comes to fraud, as the Federal Fair Credit Billing Act protects consumers from liability in cases of credit card fraud over $50. However, as currency itself diversifies through the advent of cryptocurrency, some fraudsters are now demanding access to victims’ crypto accounts because it’s difficult to trace and helps them in evading law enforcement.

The age group most vulnerable to scammers is the elderly, as they are less likely to create strong online passwords and are less likely to be wary of prank callers posing as tax collectors or relatives purporting to be in dire financial straits. They also often provide extensive personal information to many doctors or caregivers, with access by many staff members at facilities.

But even those who consider themselves tech-savvy and invincible can fall prey to skilled scammers. Even a child’s information can be stolen, and parents may be unaware of that until many years later when trying to open or access accounts for them.

How to Avoid Identity Theft:

  1. Require a PIN or strong password to unlock devices and accounts, plus 2-step verification. Also, do not use the same password for multiple accounts.
  2. Always use updated security software (such as Norton) on your devices.
  3. Regularly sign in to online accounts to monitor transaction accuracy.
  4. Switch to paperless statements so there is less sensitive information in your mail.
  5. Put alerts on your financial accounts so you get reports for each transaction, or transactions exceeding a set dollar amount.
  6. Put a freeze on your credit report so others can’t open accounts in your name.
  7. Shred old documents, such as bank or credit union statements, tax forms and medical bills.
  8. File your tax returns early.
  9. Do not open emails, click on links or answer calls from suspicious addresses or numbers.
  10. Do not carry your Social Security card or documents including your SSN on them.
  11. Do not tell anyone your SSN by phone unless you are 100% sure who they are and why they’re asking for it.
  12. Do not use public Wi-Fi when making any financial transactions, such as online banking or shopping, or to check your email or browse social media.
  13. Do not leave personal information in your car, even if it is locked.
  14. Invest in an identity theft protection service (such as IdentityGuard or LifeLock) to monitor, detect and alert you about attacks on your identity or finances and reimburse you for losses.

If you are a victim of Identity Theft:

  1. Contact at least 1 of the 3 main credit bureaus: TransUnion, Experian, or Equifax.
  2. Report it to the FTC at www.identitytheft.gov or call 877 438 4338.

Your Turn: Which of these steps will you take to further secure your online identity?

5 Steps to Take After Being Hacked

Uh oh — you’ve been hacked! Finding out someone has cracked open your accounts and helped themselves to your information can be alarming, but there are ways to mitigate the damage while jump-starting your recovery process.

Here are five steps to take after being hacked.

Step 1: Assess the damage

First, take a step back and determine how much damage was done. Unfortunately, one hacked password can often be the gateway to multiple hacked accounts and even complete identity theft. This is especially true if you use the same password for several accounts, or use the hacked account or device for password recovery on other accounts. So, first things first: Review your credit card and account statements for any suspicious activity.  Also, try accessing your email, social media accounts and mobile devices to see if they’ve been hacked.

Step 2: Change your passwords

Once you know which accounts and devices have been hacked, change the passwords and PINs on these accounts. For an added measure of protection, it’s a good idea to change the passwords on all of your accounts that may hold sensitive information. Remember to choose strong, unique passwords for every account. A strong password uses a combination of letters, numbers and symbols; varies the use of capital letters; and does not use a piece of personal information that can easily be scraped off the internet, such as your date of birth or home address. You may want to use a password service like LastPass  or  StickyPassword to make this step easier.

While completing this step, consider signing up for two-factor authentication for any accounts that do not already have it in place.

Step 3: Protect your credit

Now that you’ve blocked the hacker(s) from your accounts, it’s time for damage control.

First, dispute any fraudulent charges on your compromised account(s). If necessary, have the account(s) locked, or even shut and/or deleted.

Next, place a fraud alert on your credit reports. This serves as a red flag to potential lenders and creditors, making it more difficult for the scammer to open up additional lines of credit or to take out a loan in your name.

Consider a credit freeze as well. This blocks potential lenders from accessing your credit report, making it impossible for the hacker to open new credit accounts in your name.

Step 4: Alert the authorities

You can alert the Federal Trade Commission (FTC) about a possible or confirmed identity theft at identitytheft.gov.  You’ll also find a detailed recovery plan on the site to help you repair your credit and reclaim your identity.

Hacking is usually done remotely, but it’s still a good idea to let your local law enforcement agencies know about the breach. This way, they can be on the alert if the hacker decides to assume your identity and use your credit cards in stores near your hometown.

Also, if you haven’t already done so, don’t forget to let Advantage One Credit Union know what’s happened! Whether it’s a credit card that’s been stolen, a checking account that’s been breached or a social media account that’s been broken into, we’ll do all we can to protect your accounts. If you’ve been hacked, give us a call at 734-676-7000 to see how we can help.

Step 5: Proceed with caution

Once you’ve taken all necessary steps toward damage control and mitigation, you can start thinking about the future.

It’s important to keep a close eye on your accounts for the next month. Look out for any suspicious activity on all accounts, including charges you don’t recall making, large withdrawals of cash and even new loans being opened in your name. If you find any fraudulent activity, be sure to let the account holders know and to follow the steps suggested above.

If you’ve opted to go with a credit freeze, it will generally lapse after 90 days. If your accounts are determined to be safe, consider opening new lines of credit now to jump-start the recovery of your credit health.

If the hacker went all out and stole your identity, it’s best to follow the recovery plan outlined by the FTC . This plan may include replacing your Social Security number, driver’s license and more.

Getting hacked is never fun, but taking immediate and decisive action can help mitigate the damage, as well as speed up the recovery process.

Your Turn: How have you dealt with your accounts being hacked? Tell us about it in the comments.

Learn More:
allthingssecured.com
digitalguardian.com

Your Smart TV May be Spying on You

Person sitting on couch in front of smart TV while on thier cellphoneIf one of your Christmas presents was a smart TV, or you splurged on one for yourself on Black Friday, you might be living with an in-house spy. The FBI is warning that smart TVs, which allow customers to stream their favorite shows through apps like Netflix and Hulu, can easily be hacked and used for spying. You can be sitting and binge-watching your favorite sitcom, or hollering at the screen as your team fumbles toward another devastating defeat, and all the while a stranger’s eyes are on you and the happenings in your house.

Before you start to panic or rush to toss that brand-new TV into the trash, we have shared all you need to know about this frightening new hack.

How is this hack carried out?
Lots of smart TV models are fitted with webcams and microphones. This allows the TVs to offer all kinds of super-cool features, from facial recognition that can be used to recommend favorite shows and settings to 41-inch screen video-chatting with faraway friends and families. The FBI is warning, though, that hackers are using these add-ons for nefarious reasons.

In the best-case scenario, the TV manufacturer and app developers can hack the TV’s webcam and use it to remotely change your channels, play with your settings or even stream inappropriate videos. Obviously, this can be unsettling and even frightening, but there’s no lasting damage.

In the worst-case scenario, though, cyber-criminals can hack their way into accessing these cameras and microphones, turn them on at will, and then spy on unknowing victims. By gaining access to the cameras, hackers can turn them on whenever they please, even if your TV is off at the time. Creepiness aside, this stalking can grant a hacker access to your computer’s router and lead to all sorts of unhappy endings, including identity theft, kidnapping and more.

“Beyond the risk that your TV manufacturer and app developers may be listening [to] and watching you, that television can also be a gateway for hackers to come into your home,” the FBI announced in a report. “A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the backdoor through your router.”

Is there anything I can do about this hack?
The FBI advises consumers to research the model of their smart TV and to familiarize themselves with the control features and camera settings.

“Do a basic Internet search with your model number and the words ‘microphone,’ ‘camera,’ and ‘privacy,’ ” said the FBI.

If possible, consumers should change the device’s default security settings and passwords. This will enable them to turn off the camera and microphone unless they are actually using them, and will serve as a deterrent for cyber-criminals seeking to control the TV from a remote location.

If you’re still spooked by the FBI’s warnings and you want to take stronger measures to protect yourself against spying, you can simply secure a piece of black tape over the camera to keep out any prying eyes.

Another important step to take for keeping hackers out of your smart TV is to always install software updates offered by the manufacturer. Keeping your device updated will afford you the strongest current protection against vulnerabilities and weaknesses.

“Generally, customers who keep their devices up to date won’t have too much to worry about,” says Matt Tait, cybersecurity expert and former analyst at GCHQ, the British signals intelligence service. “But for people who are particularly worried, or who don’t want the new ‘smart’ features, there is a simple solution to keep hackers out: unplug the device from your network.”

Our world is now smarter than ever, but along with the conveniences of an interconnected, digitized world come a whole slew of risks and vulnerabilities. Keep yourself safe by employing basic protective measures, keeping your devices updated and staying informed about the latest scams and hacks.

Your Turn:
Do you own a smart TV? What measures have you taken to protect yourself from this scare? Tell us about it in the comments.

Learn More:
cnn.com
foxnews.com
thehill.com

All You Need to Know About Data Breaches

hands on a computer keyboard with security lock icons superimposedIf you follow the news, you’ll note that there seems to be another major data breach monopolizing headlines every week. The details vary, but in each breach, thousands, millions or even billions of victims’ sensitive information is compromised, and they’re now vulnerable to identity theft unless they take immediate action.

Here at Advantage One Credit Union, your financial success and safety is our primary goal. To help keep your information and your finances secure, we’ve compiled a comprehensive guide on data breaches.

What is a data breach?
Data breaches occur when sensitive information is accessed or used without authorization. Factors like a wealth of online data and sophisticated hacking tools have spurred a steep increase in data breaches in recent years, causing tremendous damage to individual consumers and businesses across every industry.

Data breaches occur by exploiting vulnerabilities in a company’s security system. Alternatively, an employee can be tricked into giving a cyber-criminal access to the company’s network.

The goal of most data breaches is to obtain personal information, like names, email addresses and passwords, as well as financial information, like credit card numbers and account details. This information is used by criminals to steal identities and empty accounts, or sold to other criminals who will then do so.

While major data breaches make headlines, according to the Identity Theft Resource Center, there is an average of three data breaches each day, most of which will never even make the news.

After a data breach
Whenever you hear about a major data breach that can possibly affect you, it’s best to monitor your accounts for suspicious activity. In most cases, you will be notified by the victimized company if your data has been compromised; however, it helps to keep an eye on your accounts even if you haven’t been contacted so you can minimize your loss by acting quickly if your are among the unfortunate victims.

If you’ve been victimized by a breach
If you’ve been informed your information is compromised by a data breach, take the following steps immediately:

  1. Freeze your credit
    Placing a freeze on your credit is the most crucial step you can take to stop scammers from getting at your information. A credit freeze will not bring down your credit score, but it will serve as a red flag for lenders and credit companies by alerting them to the fact that you may have been a victim of fraud. This added layer of protection will make it difficult, or impossible, for hackers to open a new credit line or loan in your name.

    You can freeze your credit at no cost at all three of the major credit bureaus, Equifax, Transunion and Experian. You’ll need to provide some basic information and you’ll receive a PIN for the freeze. Use this number to lift the freeze when you believe it is safe to do so.

  2. Change your passwords
    Most people are on the alert following a major data breach, but they tend to let their guard down once the heat is off and things calm down. Hackers know this, and they’ll often hold onto victims’ information immediately following a data breach and then sell it months down the line to other identity thieves. To protect your accounts from a delayed-reaction hack, change all of your passwords after a breach that possibly has affected you.
  3. File an identity theft report
    Unfortunately, these protective measures can sometimes be too little, too late. If your accounts have been compromised, and you believe your identity has been stolen, file an identity theft report with the Federal Trade Commission (FTC) as soon as possible. This will assist the feds in tracking down your hacker(s) and returning your finances to their usual state as quickly as possible.

Protecting your information
There’s no fool-proof way to protect yourself from a data breach, but following these simple steps can help keep your information as safe as possible:

Monitor your credit.
Check your credit accounts for suspicious activity on a regular basis. You can request a free credit report from each of the three major credit bureaus once a year at AnnualCreditReport.com. You may also want to consider signing up for credit monitoring, a service that will cost you $10-30 a month for the promise of notifying you immediately about any suspicious activity on your accounts.

Use strong, unique passwords.
Use a different password for each account, and choose codes that are at least eight characters long. Also, use a variety of numbers, letters and symbols. Vary your capitalization use as well, and don’t utilize any portion of your name, phone number or a common phrase as your password. Using a password manager like Dashlane or iPassword can also help keep your information safe. It’s also a good idea to choose two-factor authentication when possible, and non-password authentication, such as face recognition or fingerprint sign-in, for stronger protection.

Browse safely.
Never share sensitive information online and always keep your security and spam settings at their strongest levels. Make sure your devices are fully updated at all times. It’s also a good idea to keep your social media accounts as private as possible.

Hackers never stop trying to get at your data, but with the right protective measures in place, you can keep them from seeing success.

Your Turn:
How do you protect yourself from data breaches? Share your tips with us in the comments.

Learn More:
forbes.com
malwarebytes.com
searchsecurity
experian.com

All You Need To Know About The Capital One Data Breach

Capital One bank Hq buildingIn late July, Capital One Bank announced that 106 million of its card holders had their data compromised in a massive breach that stretched over four months. Among the victims, 140,000 customers had their Social Security numbers swiped and approximately 80,000 had their linked checking account numbers stolen. No credit card numbers were reported to have been lifted in the breach.

The company fixed the vulnerability immediately and promised to alert all victims of the breach about their compromised data. The alleged hacker has been apprehended and steps are being taken to ensure a breach of this magnitude doesn’t happen again.
The Capital One issue was hardly the first of its kind to hit the news in recent years. Factors like online data and sophisticated hacking tools have spawned a wave of data breaches that have hit all kinds of businesses and service providers, from police departments to eateries, major retailers and online search engines.

In light of the multiple and wide-reaching data breaches over the past few years, experts recommend that everyone, even those who are not Capital One credit card holders, take the following 5 steps to protect their information from hackers:

Freeze your credit – Placing a freeze on your credit is the first and most crucial step you can take to stop scammers from making use of your information. A credit freeze will not affect your credit score, but does serve as a red flag for lenders and credit companies by alerting them to the fact that you may have been a victim of fraud. Consequently, hackers will not be able to open a new line of credit or apply for a loan in your name.
You can now freeze your credit at no cost at all three of the major credit bureaus, Equifax, TransUnion and Experian. You’ll need to provide some basic information, including your date of birth and your Social Security number. You’ll receive a PIN for the freeze that will need to be used for lifting the freeze should the need arise.

Enable two-factor authentication – If you haven’t already, change all of your logins to two-factor (also called “multi-factor”) authentication. Whenever possible, choose a non-password authentication, like face recognition or thumbprint sign-in. This will provide an extra layer of protection against hackers and scammers trying to access your account.
Sign up for credit monitoring – Capital One is offering free credit monitoring for all victims of the data breach. You can find out more about this offer and general information about the Capital One data breach here.

Even if you’re not a Capital One card holder, you might want to consider signing up for credit monitoring to prevent being a victim of a data breach in the future. The service will immediately notify you about any suspicious activity on your accounts so you can stop potential hackers in their tracks. Credit monitoring will run you $10-$30 a month, but you’ll have the security of knowing that the company is on the lookout for any signs of trouble with your credit.

Use strong, unique passwords – Always choose strong passwords for all your accounts and use different passwords for each login. Your passwords should be at least eight characters long, and use a variety of numbers, letters and symbols. Vary your capitalization use as well, and never use your name, phone number or a common phrase as your password.

If you’ve been using your current passwords for a while, consider changing them up now. You can make this task easier by using a password aggregator like LastPass or Sticky Password.

Strengthen your security and spam settings – Never answer emails asking you to share sensitive data, even when they appear to be from legitimate companies. Make sure your devices are fully updated, and keep your spam settings on their strongest levels. It’s also a good idea to keep your social media accounts as private as possible to keep scammers from finding out personal details about your life which they can use to crack open your passwords.

Hackers never stop trying to get at your data, but with the right protective measures in place, you can keep them from seeing success.

Your Turn:
Have you been affected by the Capital One breach? Tell us about it in the comments.

Learn More:
cbsnews.com

usatoday.com

upi.com

capitalone.com

8 Things To Do If Your Identity Is Stolen

Here are eight important actions you can take if you ever become the victim of identity theft.

  • Lock the compromised account.
    • Dispute any fraudulent charges on your compromised accounts and ask to have them locked, or even shut down.
  • Older man looking concerned as he browses files on his laptopPlace a fraud alert on your credit reports.
    • This helps alert creditors that someone may be trying to open accounts in your name.
  • Consider a credit freeze.
    • This will make it impossible for the scammer to open a credit line or loan in your name.
  • Alert the FTC.
  • Strengthen your passwords.
    • In addition to changing them, use strong and different passwords for all your online accounts.
  • Check your account statements.
    • It’s best to do so frequently to look for suspicious activity.
  • Open new credit cards and accounts.
    • Replace compromised accounts that you’ve shut down so you can be inconvenienced as little as possible.
  • Repair your credit.
    • Be extra careful about paying your bills on time and keeping your credit utilization low.

Your Turn:
Have you ever been the victim of credit card fraud? Share your story with us in the comments.