EverSafe Scam Watch
Protecting Your Financial Health
Russian Cyber Attack: Are you at Risk?
A massive cyber attack on the U.S. government grabbed headlines around the world in December. But it left many questions unanswered, including one that our readers might care most about: Is your personal data at risk?
The hackers, who are believed to be Russian, invaded the government’s computer systems through software that federal agencies use to manage their networks. The full scope of the intrusion is not yet known. Officials from the Treasury and Commerce departments are working with the Department of Homeland Security and the FBI to learn further details and how to respond.
The software is produced by SolarWinds of Austin, Texas and is used by many of the nation’s largest corporations, as well as federal agencies.
The hackers’ goal may have been to learn more about America’s own hacking capabilities, as well as its vulnerabilities and cyber defenses. But experts say that individuals may be at risk. People with passwords on federal websites, including Social Security, IRS and the Small Business Administration, should consider taking steps to protect themselves.
These include changing passwords and making sure to use different passwords for each account. As always, consumers should stay vigilant about unusual activity on any of their accounts and avoid clicking on links from sources they do not know to be safe. Specialized protection, such as that offered by EverSafe, can fill an important role. Meanwhile, the investigation of the Russian hack continues.
Big-Name Data Breaches Make the News
As 2020 turned to the New Year, we were reminded – repeatedly – of the need to guard against fraud and the dangers of identity theft.
T-Mobile, one of America’s largest wireless network operators, revealed that hackers gained access to data for about 200,000 customers, including phone numbers and other information. And in an unrelated case, a nonprofit with links to Microsoft co-founder Bill Gates, exposed personal data of hundreds of thousands of young people.
“Our Cybersecurity team recently discovered and shut down malicious, unauthorized access to some information related to your T-Mobile account,” the company said in letters to customers and on its website. In addition to phone numbers, the hackers captured details such as the number of lines subscribed to in an account, and certain call-related data that T-Mobile did not describe publicly.
But the telecom giant emphasized that customer names were not taken. And it did not plan to provide free credit-monitoring services for those affected.
“The data accessed did not include names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs,” the company said.
The breach was T-Mobile’s second of 2020, and its fourth in recent years. In 2018, up to 2 million T-Mobile customers may have had information exposed. Another breach occurred in 2019. In April of last year, T-Mobile completed a merger with Sprint Corp. and now claims more than 98 million subscribers.
…Student Info Exposed at Charity
Even as word spread about the T-Mobile breach, news also was breaking about a lapse in data privacy at Get Schooled, a nonprofit that helps students with limited resources thrive in college and beyond. Up to 930,000 students may have had personal information exposed including names, email addresses, age gender, high school and graduation data. Reportedly, 12,000 home addresses and 20,000 phone numbers may have been exposed.
The breach was revealed at the end of 2020 by TurgenSec, a London-based cybersecurity firm. It occurred when Get Schooled left a data base unsecured and accessible to the public. Get Schooled has said the number of affected individuals is smaller than reported, putting it around 250,000.
According to its website, Get Schooled has helped more than a million young people on their path to college and first jobs, targeting students as young as age 10 from low-income families, racial minorities, along with first-generation college students. The initiative was launched in 2010, as a partnership between the Bill and Melinda Gates Foundation and Viacom, an entertainment company.
Five Frauds that are Trending in the New Year
Just as the difficulties of 2020 rattled the U.S. economy, they also shaped the market for scams. Here are five fraud trends to beware of in 2021, according to the Ethical Advocate, a North Carolina-based firm that provides ethics training to organizational leaders.
E-commerce Fraud: Online shopping has never been more convenient. But its rapid growth has paved the way for many scams. These include businesses selling fake merchandise, slipping in hidden fees that boost your cost, and failing to deliver the items you paid for. Scammers keep coming up with new ways to trick online shoppers—which means consumers should always be careful to deal with legitimate suppliers.
Charity Fraud: When times are tough, a charity’s own volunteers or workers may be tempted to skim donations for themselves, the Ethical Advocate cautions. Scams include adding bogus processing fees to payments people make online.
Investment Fraud: Ponzi schemes may be on the rise, especially targeting people who have been hurt economically and wish to make money fast. In this type of scheme, the scammer—typically a portfolio manager—promises an investor great returns. But the profits are built on a lie: They can only continue if newer investors keep bringing in more dollars. Ponzi schemes inevitably come to the same end—disaster.
Health Care Fraud: The pandemic has put great stress on health care workers and insurance companies, opening many doors for crime. According to the FBI, older adults are often the targets. In one elder fraud scheme, for example, equipment manufacturers offer older patients products for free in order to get their Medicare numbers. Crooked manufacturers then use the numbers to get federal reimbursement for services not needed or provided.
Customer and Tech Support Fraud: A scammer claiming to work for a legitimate tech company, such as Microsoft, contacts consumers and tells them that malicious software has been found on their computer. They may then try to sell you an anti-virus tool you don’t need, or urge you to install software that will steal your private information, exposing you to identity theft.