Frequently Asked Questions

How-to Guides

ALL ABOUT THE DARK WEB

What is the dark web?

The dark web is actually a section of the internet that is not indexed and cannot be found by normal browsers and search engines. It is made up of a bunch of peer-to-peer networks that are encrypted and secured so that no one actually knows who they are connected to. It’s great for news reporters who want to talk to anonymous sources, but the dark web is also a hotbed for illegal activity. The dark web also consists of many large public networks like Tor, Freenet, I2P, and Riffle. Some of these are owned by large organizations as well as individuals.

What is the dark web used for?

Although there are legitimate chat rooms, chess clubs, bookstores, and antique markets, the dark web is also used to transact a lot of illegal business. You can purchase drugs, guns, counterfeit products, hacked accounts, and even services like hiring someone to commit murder. According to CSO Online, you can purchase a “lifetime” Netflix premium account for $6. The dark web is also where identity thieves buy and sell data stolen in data breaches.

Is the dark web illegal?

The dark web is not illegal but has a bad reputation for illegal activity. The NSA has operatives who troll the dark web looking for criminals and trying to track down who they are, to arrest them. Along with other things, criminals offer phishing kits and instructions on how to steal your identity and then use it for profit. One particularly famous marketplace was called Silk Road, which provided everything you can think of, but eventually, the government shut it down.

What can I find on the dark web?

First of all, it is not easy to find stuff on the dark web unless you have specific URLs with a .onion extension. Along with illicit products, you can also find treasure troves of data containing people’s names, email addresses, home addresses, social security numbers, credit card numbers, banking information, and even medical data. Stolen in some more serious data breaches, you might also find passport numbers, driver’s license numbers, family information, login accounts, usernames, and passwords in plain text. With so many data breaches, there is a good chance your information is out there on the dark web waiting to be purchased or sold.

Who regulates the dark web?

Currently, no one person regulates the dark web. Each individual peer-to-peer network is owned and operated independently. Since most of it is anonymous, the government (U.S. National Security Agency) has very little way of finding out who owns what. However, they do have specialized hackers who regularly work on the dark web, and they do try to shut down the more serious offenders offering child pornography, guns, and illegal drugs. Sometimes it takes years to locate the actual perpetrators.

How do you pay for stuff on the dark web?

The currency of choice on the dark web is the crypto-currency, Bitcoin. The reason for this is that it is untraceable and anonymous. Neither party knows who the other one is, ever. CSO Online claims that Bitcoin is one of the major reasons for the incredible growth of the dark web. Many dark web marketplaces use shopping carts, ratings, reviews, and even forums. Some vendors use an escrow service to hold the funds until both parties are satisfied. If you are victim of ransomware and identity theft, you will be asked to pay via Bitcoin.

How do you find websites on the dark web?

It is not easy to search inside the dark web. The websites don’t care about aesthetics or SEO because search engines don’t work there, so they are old-school, messy, and many are inactive. Some people put out directories, but you will most likely find that more than 75% of the information is already defunct by the time you try searching for things. Criminals set up shop, make a quick buck, and then shut down before the Feds can arrest them. Experts estimate that there are about 50,000 active websites on the dark web without a search engine to find them or a clear directory.

What is Tor?

Tor stands for “The Onion Router,” and the dark web is sometimes called Onionland. The websites have .onion as an extension in the URL. It refers to the technology and how traffic is routed through various servers to keep things safe and private. Tor is also the name of the web browser people use to access the dark web.

Is my information on the dark web, and am I in danger of identity theft?

Due to the vast number of data breaches over the past few years, chances are that yes, your information ended up on the dark web and is for sale. Even if it’s just your name and email, you could be at risk for phishing campaigns, spam calls, and identity theft. Criminals don’t need much to contact you and try to trick you into giving them more information until they have enough to open new accounts and steal from you. That is why dark web monitoring is so important.

What is dark web monitoring?

Dark web monitoring is part of the service offered by credit monitoring companies like IDStrong.com. They troll the dark corners of the dark web searching chat rooms, marketplaces, and other alleyways looking for your information that may be exposed to criminals and identity thieves. Some of the things included in dark web monitoring are:

  • Passport number
  • Driver’s License Number
  • Medical Record Number
  • Credit Card Numbers
  • Debit Card Numbers
  • Bank Account Numbers
  • Insurance Account Numbers
  • SSN
  • Usernames
  • Emails
  • Phone Numbers
  • Names
  • Addresses

If any of these things pertaining to you show up on the internet, you will be alerted, and if you are a victim of identity theft, IDStrong’s experts can help you fix it right away.

COMPUTER AND DEVICE SECURITY & THE DARK WEB

Can I make my Android phone more secure?

The Android operating system is great because it is so versatile, but that also opens it up to more vulnerabilities. There are a few key ways you can better secure your Android phone. First, turn on encryption by going toStorage>Storage Encryption orStorage >Lock Screen and Security>Other Security Settings. Other things to do are:

  • Lock your phone with a PIN, Face ID, or fingerprint.
  • Be sure to turn on two-factor authentication for your Google account.
  • Make all your passwords very strong and long.
  • Install antivirus/anti-malware software on your device.
  • Never install apps that are not approved by the Google Play store.
  • Turn on automatic backups, so you have a failsafe if something does go wrong.
  • Never connect to unsecured Wi-Fi without a VPN running.
  • Factory reset your phone before throwing it away or selling.
  • Keep your phone updated with the latest security patches.

Can I change my network location from public to private in Windows?

Privacy is a significant concern on the heels of data breaches, ransomware, and cyberattacks hitting the news each day. Thankfully, Windows 10 has a setting where you can set your network type to be private instead of public. Therefore, when you are connected to public Wi-Fi at the local coffee shop or airport, your privacy will remain intact. The Windows firewall is the device that keeps predators out if you set it correctly. To change those settings:

  1. Go to the system tray on your taskbar (far right).
  2. Click on the Ethernet or wireless icon (depending on how you are connected).
  3. Now click the Network and Internet Settings link.
  4. On the left, you will see Status with either Wi-Fi or Ethernet highlighted. To the right, you should see your network name. Click it.
  5. Now you will see choices for Public or Private and which one is already selected.
  6. You can also toggle the selection to Connect automatically when in range.
  7. Done.

How do I find and Clean hidden spyware off my Android phone?

Android devices are just as susceptible or even more so to viruses, malware, and even spyware. If you have pop-ups, redirects, or your phone is unusually slow or acting oddly; you may have malware or spyware on it. There are a variety of different spyware programs. If you think someone may be spying on your or accessing your phone without your knowledge, first, search for any programs you do not recognize by:

  1. Go to Settings.
  2. Choose Apps or Applications.
  3. Click the three vertical dots menu.
  4. Click “Show System Apps” to show all installed programs.
  5. Review all the programs, and if you find any that you do not recognize, investigate what they do and what they are for. Uninstall anything you feel uncomfortable about.

Check your downloads folder and also run antivirus/anti-malware software on your Android device. That might help find and clean it as well.

What can I do to make my phone safe against cyber-attacks?

Many people believe that their cell phones are impervious to the same dangers as a computer, but they are wrong. Smartphones and anything connected to the internet is vulnerable to cyber-attacks. Depending on whether you use an iOS device or Android, the settings may vary. However, some things you can do to secure your phone against cyber-attacks are:

  • Install antivirus/malware protection.
  • Turn on encryption and secure with a PIN, Face ID, or fingerprint.
  • Configure the privacy and security settings to the highest level.
  • Do not install any third-party apps that are not safe and approved, no matter how tempting.
  • Disable Wi-Fi, GPS, and Bluetooth when not using them; these are gateways for thieves to get in.
  • Never click on links in email or download files if you don’t know the sender.
  • Always use strong passwords and sign-up for two-factor authentication.
  • Stay away from unsecured Wi-Fi connections.

How can I remove pop-ups and spyware from my browser?

The most common way your computer browser gets infected is by downloading a file or software from an unsecured site. You don’t typically realize it until your computer starts throwing pop-ups at you and it slows ways down. To remove them try the following tips:

  • Run antivirus/anti-malware software to clean things up.
  • Open programs and look for fishy-sounding names and uninstall anything you didn’t put on your computer yourself.
  • Chrome has a built-in tool you can use to “clean up computer.”
  • You can also restore your browser back to factory settings, which sometimes helps.

Before installing anything or downloading files, use common sense to stay safe from adware and spyware.

What do I do if my computer is taken over by ransomware?

Waking up some morning to find that your computer has been hijacked by a cybercriminal sparks fear into the hearts of most people. Typically, ransomware works by locking your files and preventing you from accessing them. However, not all ransomware is that sophisticated. There are many different types and variants, but they are all designed to get you to pay a fee. You can do that or try the following instead:

  • If your screen is locked with a message, try unplugging it from the internet and using CTRL-ALT-DEL to close the task. Now you can run antivirus software and clean it up. Your files should be okay.
  • If your files are locked and encrypted, take a picture of the ransom note for the police, reboot in safe mode and factory reset your computer. Restore from a backup.
  • You can try a decrypt program, but most will not work, you will need to wipe out your computer completely.

What do I do if my smartphone is stolen or lost?

There is always the chance that your beloved smartphone may be lost or stolen at some point. Therefore, before anything happens, make sure automatic backups are turned on, and you have secured your phone with encryption, a “find my” program to factory reset it or find it, and a secure password or PIN. If you lose your phone or someone swipes it:

  • Remotely locate and lock your phone.
  • Wipe all the data from it using “find my.”
  • Call your wireless carrier to report it stolen.
  • Contact the police to report it gone.
  • Check your online accounts and change all passwords to any apps installed on the phone.
  • Monitor your credit reports, bank statements, and credit cards.
  • Watch out for phishing emails or suspicious texts.

Which browser is better, Chrome or Safari?

Browser selection is very personal, and different people lean towards Chrome, Safari, or Firefox for various reasons. But when comparing apples to apples in terms of security, privacy, speed, integration, extensions, battery life, and features, Safari consistently comes out on top. With all the talk about data breaches, malware, and other privacy concerns, Safari goes above and beyond to protect the user’s sensitive information, browsing habits, and security.

What is a worm virus?

A worm virus is a malware program designed to replicate itself and deliver a “payload,” which might be deleting files, destroying networks, encrypting data, or even stealing information. Worm viruses are self-sufficient and do not need a human being to activate them. Once they are released onto a network, they can move, copy themselves to a computer and start wreaking havoc. They typically eat up a lot of memory and bandwidth, which can slow things down considerably. Worms get into networks and computers through vulnerabilities in the operating system. They may be activated through email or malware.

What is a trojan virus?

A trojan virus (named after the Trojan horse ploy used in Troy) is a virus that takes control of your computer, steals files, deletes files, modifies data, blocks things, copies files or data, and disrupts network connections. Unlike a worm, trojans are not self-sufficient; they require a person to click or install something to execute/activate them. There is an extensive library of different types of trojans you might come in contact with. They are the most damaging type of virus. A few ways to avoid them are:

  • Never download or install software from an untrusted source.
  • Do not click on links in email or download attachments.
  • Install strong antivirus software and run it regularly.
  • Keep your devices updated with the latest security patches.
  • Secure your home network with a firewall.
  • Consider a VPN to keep things private.
  • Run regular backups in case you need to restore things.

What is adware, and should I be concerned about it?

Adware is malicious software that tracks your online activity and pop-up ads or redirects your browser to places you did not intend. Hackers make money off adware when users inadvertently click on pop-ups and fake websites that are made to look like the originals. A lot of freeware software has adware built-in, and just by installing it, you could infect your computer. Adware can slow down your computer and cause other damage. Use strong antivirus software to find and clean it up and stay away from downloads from untrusted sources.

What is phishing, and how does it work?

Phishing is a tactic that cybercriminals use to get you to click a link or download files. They send an email, text messages, use ads, or social media to trick you so you will act without thinking. Once you do click the link, your privacy and security are threatened. You may lose login credentials, bank access, or infect your computer with dangerous malware. Phishing is the number one way that identity theft occurs. Emails are designed to look legitimate, so you have to look closer to be safe. Never click links or download attachments in emails. Go directly to the website on your browser instead.

What is the dark web?

The dark web is a layer of the internet that cannot be found by traditional browsers. It is made up of peer-to-peer networks that are encrypted and secured for private conversations and commerce. You can only access the dark web using a special browser called Tor. A lot of illegal activity takes place on the dark web. You can buy just about any illicit product or service there. Information stolen in data breaches is often sold on the dark web.

How can I secure my home Wi-Fi better?

First, start with good hardware. Purchase a modem/router that includes a firewall with other strong privacy and security settings to block all incoming connections that you did not initiate. Some other tips to secure your Wi-Fi network are:

  • Turn on encryption.
  • Change the default network name and make the administrator password very strong.
  • Turn on MAC address filtering so you can control the devices that connect to your network.
  • Install good antivirus software on your computers and run it often.
  • Install browser extensions to watch for malware or malicious websites.

If you go out of town, shut down all your network equipment until you return.

CREDIT

How does credit work?

Credit is when a lender, credit card company, or financing institution lends you the money to buy something which you must pay back at a later date based on the agreed-upon terms. Credit also refers to your credit history, meaning how well you paid back your loans, credit card balances, and mortgages.

There are three big credit reporting agencies in the world, Experian, Equifax, and TransUnion, and they keep track of everyone’s credit history. These companies also use the information to calculate your credit score, which lenders use to gauge your creditworthiness before lending you money. Each of these companies is independently owned and operated, and therefore your credit report with each may be different.

Having good credit is very important if you want to buy a house, need to apply for a loan, or just want a credit card. Maintaining good credit is easy to do with the proper tools and credit monitoring.

What is a credit score?

All the information contained within your credit report is used by the credit bureaus to calculate your score. Lenders use these scores to determine whether or not you are a good risk to lend money to.

Typically, scores range from 300-850. A low score may prevent you from getting a mortgage or approved to rent a piece of property. A high score allows you to take advantage of better interest rates and loan terms. The table below shows what constitutes a good or poor credit score.

  • Excellent Credit: 750+.
  • Good Credit: 700-749.
  • Fair Credit: 650-699.
  • Poor Credit: 600-649.
  • Bad Credit: below 600.

What is my credit report, and who can access it?

Your credit report is an extensive compilation of information about you that creditors and lenders use to determine your creditworthiness. Some of the information contained on it is your name, address, date of birth, and socialsecurity number. It also lists all the creditors you have borrowed money from over the past seven years. It contains your loans, mortgages, and other debts and how well you paid them (on time, late or not at all). Your credit report may show the original loan and the balance due as well.

Credit reports are maintained by the three big credit agencies (Equifax, TransUnion, and Experian), and they also calculate a credit score based on the information in your credit report.

You have the right to a free copy of your own credit report each year (with each agency). Lenders may also obtain a copy of your credit report with your authorization. If you sign up for credit monitoring, that company may also have access to it.

What are credit alerts?

A credit monitoring service will send you credit alerts when something changes with your credit report. A change may be a new home address, a change in your credit score, a new account that was just opened, or other personal details that were altered by you or someone else. When you sign up for credit monitoring, you can choose from text messages, email, or even credit alerts through the mail or phone.

What happens if I receive a credit alert?

If you receive a credit alert that something has changed on your credit report or that someone has accessed your information, you should log in and check it out immediately. If the warning is that your information showed up on the dark web, you may want to take specific actions to protect yourself against identity theft.

It might also make sense to obtain a free full copy of your credit report to rule out fraud. Sometimes lenders report incorrect information on a credit report, and if so, you will need to contact them to correct it.

What should I do if there’s an error on my credit report?

If your credit report contains errors, it could affect your ability to get loans, apply for a mortgage, and even rent an apartment. The first thing to do is to get a copy of your credit report. Scan it carefully for any errors or information that should not be on there. If you find errors, dig out your paperwork proving your claim. You will need it.

Next, contact the lender or credit company directly to notify them of the error and try to get them to fix it. Tell them you need to have them update your file with the credit reporting agencies. If they refuse to fix the error, have them add a file to your record that shows you disputed the information.

Now, contact the three credit reporting agencies (Equifax, TransUnion, and Experian) and notify them of the error. Explain that you tried to get the lender to fix it, and they refused. Sometimes the credit agency will fix it on their end. If not and you still have trouble getting satisfaction, contact the FTC who governs credit reports and agencies. You can file a complaint using a form on their website. The FTC will open an investigation, and you will be notified of the results. Be sure to include your proof when filing your complaint.

How do I fix bad credit?

Most people go through rough patches when it becomes tough to make ends meet. Unfortunately, one of the side effects is that it can affect your credit. Poor credit means you won’t be able to apply for any loans, buy a house, or get credit cards. If you are given credit, you will pay higher interest rates with worse terms. Thankfully, there are some ways to fix your bad credit.

Get a copy of your credit report to see where things stand. Correct any errors on it and then follow the steps below to start building better credit.

  • Pay all of your bills on time and in full. Set up automatic withdrawals, so you don’t forget.
  • Pay down any credit card balances. A good rule of thumb is: don’t carry balances of more than 30% of your total credit line.
  • Do not apply for new credit for six months to a year.
  • Don’t close accounts when you pay them off. Lenders want to see “aged” credit.
  • Mix things up. Have various types of credit, such as loans, mortgages, and credit cards.

Be patient things will improve the longer you follow these steps.

Can I buy a house with a poor credit score?

It is sometimes very difficult to apply for a mortgage or loans with bad credit. However, there are some options. First, get a copy of your credit report to see how bad things are. Then try these tips below:

  1. Contact a lender who offers FHA loans. There is no minimum credit score with FHA loans. However, there is more paperwork and fees involved, and you may pay higher interest.
  2. If you have more cash in the bank and can pay a higher downpayment, some banks may take a chance on you.
  3. Spend a little more time improving your credit before applying for a loan.

What happens to my credit if I file for bankruptcy?

Bankruptcy is a last resort option for people who cannot pay their debts. It is a federal program that takes time and a lot of paperwork. You should not choose bankruptcy lightly. It will have far-reaching effects on your life and your credit.

Depending on the type of bankruptcy you file (Chapter 11 or Chapter 13), it could stay on your credit report for at least seven years and up to ten! Lenders view bankruptcy very negatively, and filing will most likely lower your score into the bad or very poor category for a long time. Therefore, explore all your other options before filing for bankruptcy.

Is a credit report the same thing as a consumer report?

No. A credit report is a collection of information about your debts, credit history, and how well you pay your bills. A consumer report is more of a full-blown background check, which may include a credit report but will also include things like criminal history, arrest records, marriages, divorces, military data, educational background, lawsuits, property ownership, and other details.

Employers, landlords, licensing agents, and government agencies may conduct a consumer report about you. Lenders and financial institutions will pull a credit report before lending you money.

What is a fraud alert?

A fraud alert is a special notice you can place on your credit report to notify lenders and potential creditors that you have been a victim of identity theft. A fraud alert does not hurt your credit, and you only have to notify one of the big three credit bureaus. They are legally bound to alert the other two.

When you put a fraud alert on your credit, a potential lender must take extra steps to verify your identity so that no strangers can open up new lines of credit in your name.

There are three types of fraud alerts. One is a standard alert that lasts for one year. An extended fraud alert lasts for seven years and is available to people who have been exposed to a data breach.Then there is an active-duty fraud alert for military personnel who are overseas and need to protect their credit while they are away.

What is a credit freeze?

If you were a victim of identity theft or you were involved in a data breach and afraid of identity theft, one of the tools at your disposal is a credit freeze. A credit freeze is something you can request that the credit reporting agencies put on your file to stop anyone from getting a copy of your report (except you) and opening new lines of credit. The federal government requires that all credit bureaus offer credit freezes to consumers for free.

When you put a credit freeze on your credit report, you will be provided with a PIN. You can give this PIN to lenders or other creditors who require a copy of your credit report. You can remove the credit freeze at any time with a single phone call.

What is a credit lock?

A credit lock is similar to a credit freeze, but they are not government-sanctioned or regulated, and you may be charged fees. A credit lock is a temporary tool to “lock” your credit so no one can gain access to it. All three credit reporting agencies offer them, and you can lock and unlock your credit on the fly using an app on your mobile device. Typically, credit locks are bundled in with other premium services offered by credit bureaus. They are quick and easy to use, but again, they are not as safe as a credit freeze, and they are unregulated, so services may vary and not be consistent or reliable.

What is Credit Monitoring

Credit monitoring is a service where a company continually monitors your credit report. You are notified of any changes, updates, credit score modifications, or when anyone opens new accounts in your name or obtains a copy of your credit report. The service may also include monitoring the dark web, social media, public records as well as other places looking for your personal information to help protect you against identity theft. Credit monitoring can be especially helpful in keeping your child’s credit safe until he or she reaches adulthood.

Can I get late payments removed from my credit report?

There is no way around it; late payments to creditors mean a lower credit score. However, depending on how many late payments you made and the circumstances, you may be able to get them removed and raise your score. First, get a copy of your credit report to see how many late payments are reported and by which lender/creditor. Then you can try some of the things below to attempt to get them removed.

  1. If the late payments are in error, you can contact the creditors to fix it and report on-time payments to the credit bureaus.
  2. If you have only a couple of late payments, you might be able to get the lender to remove them as a “goodwill” gesture. You can only do this once, though.
  3. Work on fixing your credit and bury the late payments under a mountain of on-time payments.

How do I get a free copy of my credit report?

Everyone is eligible to get a free copy of their full credit report from all three agencies every 12 months (one year). Experian, TransUnion, and Equifax bound together to make this easy for consumers by creating an FTC-authorized website where you can make your request. Go to annualcreditreport.com and click the button to request copies. Experts recommend staggering your requests every four months so you can get them throughout the year.

How do I contact any of the credit reporting agencies?

Since all three credit reporting agencies are independently owned and operated, they will have different information on you, and you will need to contact each one to correct errors. To contact them, use the links or phone numbers below:

DATA BREACHES

What is a data breach?

As technology evolves, more and more of our information is stored online and on computers connected to the internet. A data breach is when that information is accessed, stolen, or sold without our authorization. Data breaches can cost money and ruin a company’s reputation. We trust companies to keep our private information safe. Some information stolen in data breaches ends on the dark web and is sold to identity thieves. Other criminals use this information for financial gain.

The average cost of a data breach is $3.86 million. Some of the most common and valuable information stolen is your name, email address, credit card information, social security numbers, and banking data.

How do data breaches occur?

Data breaches occur in a variety of ways. Sometimes information is stolen by employees who work for the company. Other times hackers gain access to the system and take what they want. As with the case of the Heartland Payment Systems data breach, physical computers were stolen that contained sensitive information.

What is an employee data breach?

An employee data breach is when employee records containing very personal information such as banking details, social security numbers, medical information, and more is stolen during a data breach. Human Resources departments store a lot of sensitive information and must be diligent in keeping it safe. Unfortunately, that does not always occur, and therefore criminals get their hands on employees’ information, often resulting in identity theft.

What is a physical data breach?

A physical data breach, such as the case of the Heartland Payment Systems incident is when hardware such as computers are physically stolen and removed from the premise. These computers contained a lot of private payroll information such as banking details, social security numbers, and the names and addresses of the people they belonged to. Not only do companies need to secure against cyber-attacks but also physical loss.

What is accidental web exposure?

Accidental web exposure occurs when a company puts information online, providing access to specific individuals or vendors, but they fail to secure it properly, and it is exposed to the world. This was the case for First American Financial Corp., a title company that exposed thousands of real estate customers’ data online. Due to the nature of the business, some of the types of information leaked was bank account numbers, mortgage statements, social security numbers, tax records, wire transfers, receipts, driver’s license numbers, and more.

What is an insider data breach?

Edward Snowden is an excellent example of an insider data breach. It occurs when someone inside the company, an employee, perhaps steals or leaks information to the general public. Another good example is Anthony Levandowski, an ex-Google employee who stole thousands of files and blueprints before using them to start his own company. The Target data breach was also labeled an “insider” data breach due to a vulnerability with a vendor’s website that had access to their system.

What type of information may be stolen in a data breach?

Data breaches vary widely, and anything can be stolen. However, the most damaging information that may be obtained in a data breach is social security numbers, credit card data, banking information, and other personal details like medical history and family information, which is not included in public records. Additionally, logins for website accounts are especially vulnerable. Any little bits of information may be useful to criminals who want to steal your identity or your money.

What should I do if I am named in a data breach?

By now, most of us have been included in a data breach, whether or not we even realize it. If you hear about a company data breach and you are a customer of theirs or have done business with them in the past, go online and search for an FAQs page alerting you of the action you need to take. Most of them include class-action lawsuits, and you may be entitled to a settlement amount. Other precautions to take are canceling and replacing any credit cards used there and changing login passwords.

What is a bank account takeover?

A bank account takeover is a terrifying experience. It is when a thief gets ahold of your login credentials or other information and contacts the bank to change all your passwords and things like your mailing address so that you are essentially locked out of your own accounts. They can then use your money and take everything. It may not be immediately obvious to you that someone has breached your account. This occurrence usually happens because of a data breach, malware, phishing email, phone scams, or even man-in-the-middle attacks when you log onto your banking website at a coffee shop using unsecured Wi-Fi. The best defense against a bank account takeover is a VPN and changing your bank account passwords often.

What can I do to prevent identity theft after a data breach?

Identity theft is an unfortunate result of data breaches. Your personal information is supposed to stay private, but when it is exposed to hackers, criminals, and thieves, there is a greater risk of identity theft. To prevent it or to at least respond as quickly as possible:

  • Carefully monitor your bank and credit card statements every month.
  • Watch your credit report for any unusual activity.
  • Never share personal information when you don’t have to.
  • Do not click links in emails or download attachments.
  • Hang up on spammers who call you.
  • Only enter login credentials when you are sure that you are on the right website.
  • Consider a fraud alert or even a credit freeze to protect your credit.
  • Keep your computer and other devices updated and secured by antivirus software.
  • Sign up for credit monitoring.

What is credit card skimming?

One of the successful ways thieves achieved a data breach such as with Home Depot, Target, and Chili’s was through malware and credit card skimming. It can happen in one of two ways. Sometimes thieves install a small device onto a credit card scanner and siphon credit card information that way. The other way is that hackers install malware, which redirects the payment information to them instead of the bank. Criminals can collect millions of stolen credit cards within hours this way. More than $1 billion is lost each year to credit card skimming. Always be careful when using ATMs and gas pumps. Look for loose parts or other devices that do not belong.

How does identity monitoring work?

Identity monitoring is a service that you can sign up for to keep your credit reports safe and protect you against identity theft. Typically, credit card monitoring includes continuous monitoring of your credit report and other public records. Some services also include:

  • Dark web monitoring.
  • Social media trolling.
  • Chat room monitoring.
  • Fraud protection.
  • Public records database monitoring.
  • Virus protection and more.

What is phishing, and how is it connected to a data breach?

Phishing is an illegal scam meant to trick you using email, text messages, social media, ads, or through apps and malicious websites. A phishing email is designed to look like it came from a trusted vendor or company you do business with. The message usually implies a sense of urgency, such as a problem with your account, or you’ll miss something if you don’t act fast, and it will urge you to click a button or link. That link will take you to a fake website (which may look legitimate but is not) where you enter information, or your computer is infected by malware. Phishing emails are meant to elicit panic and make you act without thinking. They are designed to make money. Millions of dollars are lost every year to phishing campaigns. There are even phishing kits on the dark web to teach young criminals how to use them to dupe unsuspecting victims.

How can I check to see if I am a victim of a data breach?

Most companies that experience a data breach put up a website or portal where victims can go to enter their name or other information and check to see if they are part of the breach. Other companies may send you a letter in the mail or an email explaining what happened. Often you may not be aware that you were involved in any data breach, but chances are, you probably were. Take quick steps to protect yourself if you discover that your information was stolen or shows up on the dark web.

What is the dark web and dark web monitoring?

The dark web is a portion of the internet, also known as “darknet” that lies outside of the traditional boundaries of search engines. You can only access the dark web using special browsers and specific URLs. The dark web is made up of many peer-to-peer networks that are secure and private. A lot of criminals share space on the dark web transacting everything you can think of to make money. There are legitimate websites on the dark web for sharing information privately, but there is also a lot of illegal activity. Most products and services require payment via Bitcoin because it is untraceable. Some of the things you can find there are guns, counterfeit money, credit card numbers, bank account details, stolen credentials, phishing and ransomware kits (to wage campaigns and steal from people) prepaid debit cards, and hacked Netflix accounts.

Dark web monitoring means that your identity monitoring company is looking out for you by trolling the secluded corners of the dark web looking for your exposed private information. You will receive an alert if your data is found on chat rooms or for sale or free.

IDENTITY MONITORING

What are identity alerts?

Not all credit monitoring services work the same. Some, like IDStrong.com offer additional services, such as identity theft protection and alerts. They take things a step further by monitoring social media, public records, DMV databases, websites, chat rooms, and even the dark web scanning to see if your information is exposed to the public and at risk for identity theft. An identity alert is when your credit monitoring company contacts you to let you know they found some of your personal information out there on the internet. You can get identity alerts via phone, text, or email.

What are public record alerts?

Public records databases are continuously being updated from government sources, police, and the courts. Your credit monitoring company will keep an eye on all public records repositories to keep abreast of any changes to your public records. For example, if your name suddenly shows up on a police blotter for an arrest, you will receive a public records alert. It might indicate criminal identity theft if you were not the one arrested.

What are neighborhood alerts?

Neighborhood alerts refer to criminal records of known sex offenders or other criminals. If one moves into your neighborhood or registers with the government and they live near you, you will be notified through the service, so you can take proper precautions. You may request neighborhood alerts via phone, text, or email.

What do identity monitoring services entail?

Credit monitoring services will vary based on the company you hire. {{site}} offers comprehensive services, including identity theft monitoring, credit monitoring, as well as public records, and sex offender/neighborhood alerts. Some of the things that {{site}} monitoring for you are:

  • Passport number.
  • Driver’s License Number.
  • Medical Record Number.
  • Credit Card Numbers.
  • Debit Card Numbers.
  • Bank Account Numbers.
  • Insurance Account Numbers.
  • SSN.
  • Usernames.
  • Emails.
  • Phone Numbers.
  • Names.
  • Addresses.

If any of these things pertaining to you show up on the internet, you will be alerted, and if you are a victim of identity theft, IDStrong’s experts can help you fix it right away.

IDENTITY THEFT

How does credit monitoring protect my identity?

Credit monitoring is a service that acts as a watchdog continuously monitoring and checking your credit report and your personal information like (name, address, email address, phone number, and other details) that pops up on the internet somewhere or the dark web. The service alerts you via notifications whenever a change occurs like a new account shows up on your credit report. Or if your address changes and your cell phone number is found on the dark web, those are other reasons you might see an alert. The purpose is to protect you so that thieves do not steal your identity and open new accounts or gain access to your funds.

What could trigger an alert?

Some common occurrences that trigger credit monitoring alerts are new accounts, a formal inquiry requesting a copy of your credit report, a change in your home address, or other personal information.

Additionally, some other things that you will get an alert for are:

  • A change in your credit score.
  • Your cell phone number, login accounts, or passwords show up on the dark web.
  • Data breaches that you are named in.
  • If your personal or financial information is found on sale somewhere, you will get an alert.
  • If your social security number is used, you will be alerted.
  • Your name shows up in public records (criminal reports, arrests, warrants, etc.).

What should I do if my identity was stolen?

More than 60 million people have been victims of identity theft. It can happen at any time to anyone, even you. If your identity was stolen recently or you found out that your information is floating around on the dark web, you should take the following steps immediately.

  • Contact your banks and financial institutions to cancel credit/debit cards and change access logins.
  • Going forward closely monitor your credit card and bank statements.
  • Contact all three credit bureaus and correct your credit reports. Consider a fraud alert and possibly a credit freeze.
  • File a police report and provide all the details you can.
  • Contact the FTC to file a formal complaint and report your identity stolen.
  • If you lost yours, you may have to obtain a new driver’s license or social security card. With identity theft, sometimes the Social Security Administration will issue you a new number if yours has been compromised.
  • Change all your passwords for all login accounts everywhere.
  • Clean up your computer to make sure it is not infected by viruses, malware or ransomware.
  • Contact medical providers, health insurance companies, the DMV, utility companies, and the IRS that your identity was stolen so they can be on the lookout for fraudulent activity.

What should I do if I receive an alert that my email has been compromised?

It is quite common for hackers and thieves to steal email addresses. However, it is less common to have your email account hacked or used by someone other than you. If this occurs, you must contact the email vendor or server company and have them clean any malware or viruses connected to your account.

Change the password immediately and run deep scans on your computer or website to look for any backdoor trojans that may have stolen access in the first place.

Be extra cautious about receiving spam and phishing emails. NEVER click links in emails or download attachments.

What is a fraud alert, and how is it connected to identity theft?

A fraud alert is a notice you can put on your credit report that notifies potential new lenders and creditors that you have been the victim of fraud. When they see this notice, they take extra precautions to verify your identity before approving any new credit or lending you money.

There are three types of fraud alerts, a standard fraud alert, an extended fraud alert, and an active duty fraud alert just for military men and women stationed overseas. A fraud alert does not hurt your credit, and it lasts for a year but is renewable. An extended fraud alert lasts for seven years, but you must prove that you are a victim of identity theft to use it.

You only have to contact one credit reporting agency to ask for a fraud alert, and they will contact the other two.

How does identity theft occur, and how can I prevent it?

Identity theft is when someone steals your personal information to use your identity for financial gain. Some of the various ways that identity theft happens are:

  • Data breaches - if your information is stolen in a data breach, it could result in identity theft.
  • Thieves often go through your mail or trash looking for a credit card or bank statements to steal your data.
  • Phishing emails is another way your identity is stolen.
  • Unsecured Wi-Fi hotspots are dangerous and can let criminals in the door to steal your personal information or worse.
  • Credit card skimming is another way thieves steal your identity.
  • A lost or stolen wallet can absolutely result in identity theft.
  • Spam calls where the caller asks for personal details is another way identity theft occurs.

To prevent identity theft, always be careful when giving out your personal information. Sign up for credit monitoring and watch out for spam calls, suspicious emails, and unsecured internet connections.

What is a credit freeze, and do I need one?

If you are the victim of identity theft or fraud, you probably want to consider a credit freeze. It’s when you contact the three credit bureaus and ask them to freeze your credit. This means no one can get access to a copy of your credit report until you “thaw” it out. The purpose of a credit freeze is to prevent someone from opening new lines of credit or changing anything on your credit report without your permission. If your information was stolen in a data breach, this is a good preventive measure to take.

What is criminal identity theft, and how is it different?

Identity theft itself is bad, but criminal identity theft is worse. It occurs when someone uses your identity to commit crimes or provides your information after they are arrested. Now you have a criminal record, and you are completely innocent. Criminal identity theft can be very difficult to fix and prove. It is sometimes best to get an attorney to work out all the details for you. Thankfully, it is not as common as regular identity theft, but at least 12% of victims say criminal activity was part of the identity issue. There are many types to be aware of, and you should always review your public records information frequently to check for any fraudulent activity or suspicious criminal history.

How do I remove my personal information and public records from the internet?

It is near impossible to remove all information about yourself online. For example, public records are available due to the Freedom of Information Act., and you cannot remove them. With all the different types of accounts online, your basic information and perhaps, even more, is out there. Some examples are your name, address, employment history, education, news stories, public records, and photos. Due to the wide variety of data breaches, your social security number, driver’s license number, passport number, medical history, bank and credit card information, and logins may also be available. If this scares you, then you might want to try to remove as much information as you can. Some ways to do this are:

  • Delete your shopping and social media accounts.
  • Manually contact any website that has information about you and have them remove it.
  • Opt-out of data collection websites.
  • Delete your email account.
  • Don’t use apps on your phone.
  • Tighten up the privacy options in your browser and consider using a VPN to keep things silent.
  • Contact Google to remove any other bits of info about you.

How can I protect myself against identity theft if my wallet is lost or stolen?

The loss of your wallet can feel devastating, but if you take quick action, you may avoid identity theft. Search thoroughly for your wallet before you go canceling anything. If you finally determine that it is indeed lost or was stolen, follow the steps below:

  • Contact your bank and credit card companies to cancel cards and change numbers and even PINs.
  • If stolen, report it to the police.
  • Get a copy of your credit report and set up fraud alerts.
  • Get a new driver’s license.
  • File a report with the FTC if you think your identity was stolen as a result of losing your wallet.
  • You might need to get a copy of your social security card also.
  • Sign up for credit monitoring and contact your lawyer.

How can I protect my child’s identity until he or she is an adult?

Children have unblemished credit from the time they are issued a social security number. However, thieves can get access to your child’s information through the school, social media, medical records, government offices, or public records. If this happens, they could start using your child’s identity to get a driver’s license, credit cards, open bank accounts, and take out loans. By the time your child applies for student loans, the damage done could be catastrophic. To protect your child’s credit, regularly get a copy of their credit report. Some other things to do are:

  • Strongly consider putting a credit freeze on until they graduate high school.
  • Keep their social security card safe at home, don’t carry it around.
  • Ask schools and medical offices to redact personal information from your child’s records to keep it safe.
  • You can ask to be removed from school directories.
  • Shred all private documents before throwing them away.
  • Store your child’s personal documents (birth certificate, social security card, etc.) in a safe deposit box.

PRIVACY & SECURITY SETTINGS

How can I secure Windows 10 to make it more private?

Privacy is more important now than ever before. There are dozens of settings in Windows 10 to suture up your privacy and keep your stuff safe. A few tips to follow to make Windows 10 more private are:

  • Turn off location tracking; it is on by default. To turn it off, go to Settings > Privacy > Location. Look for the Change button where it says: “Location for this device is on.” Click it to toggle the setting off.
  • Both your camera and microphone are ripe for hacking and spying. You will want to turn both of them off as well. You can do this by visiting Settings > Privacy > Camera, Settings > Privacy > Microphone.
  • Turn off syncing and use a local login account instead of a web-based one.
  • Turn off personalized ads.
  • Be careful of providing too much in terms of permissions to new apps.
  • Hide notifications on your lock screen.
  • Turn off activity tracking.
  • Turn on the automatic deletion of your browser history.

How can I make Firefox more private and secure?

Firefox is a favorite browser among developers because of its privacy, security, and built-in tools for coding. Although out-of-the-box, Firefox is fairly private and secure, you will want to adjust some settings to make it even more ironclad. Some things to consider are:

  • Turn off telemetry (data usage collected by Mozilla). You can disable this by going to Preferences>Privacy and Security and then Firefox Data and Collection Use.
  • The default search engine is not all that secure. However, you can choose an alternate like DuckDuckGo or one of your own selection. To change your default search engine, go to Menu > Preferences and select Search from the left sidebar. The second item down is the Default Search Engine. Look for “One-Click Search Engines,” and Use the Find more search engines link to install the one you like.
  • Turn on tracking protection so that websites cannot continue to track your online activities.
  • Consider turning off cookies. Although they can enhance the browsing experience, it may be a trade-off in terms of privacy.
  • Allow Firefox to keep track of your passwords.
  • Automatically delete your browser history.
  • Review your permissions settings to see what has access to what. Pay particular attention to your camera and microphone settings in here.

You may also want to review the security settings like content blocking, advanced settings, and also consider installing a third-party security app like a VPN to keep things even tighter.

What are some things I can do to make my Mac more secure and private?

Apple cares deeply about user privacy and security. Therefore, they built-in a whole host of options to control how your privacy is maintained and how secure you want your Mac. Apple has centralized all the privacy and security settings in one location: System Preferences > Security and Privacy. You will need to unlock the padlock at the bottom of the page before changing any settings. Some settings to check to make your Mac more secure and private are:

  • Turn on a lock screen password.
  • Use iCloud Keychain to keep track of all your passwords.
  • Set a strong, long computer password.
  • Turn on FileVault - this encrypts your entire hard drive.
  • Review the firewall settings.
  • Turn off location tracking in privacy settings.
  • Review which apps and programs have access to your contacts, microphone, camera, full disk access, and files.
  • Turn off analytics and reporting which collects information on how you are using your computer and sends it to Apple.
  • Limit ad tracking that serves you customized ads.
  • Turn off notifications or at least those that show up on the lock screen.
  • Only set up what you need in Wallet and Apple Pay.
  • Set up Touch ID to secure your Mac with your fingerprint.
  • Thoroughly review the sharing settings to make sure you are not exposing sensitive information to other computers and devices.
  • Tighten up your Safari security and privacy settings.

How do I adjust Twitter’s privacy settings?

Social media accounts, like everything else, are vulnerable to spying and tracking. The good news is, you can adjust your Twitter settings to make things more private. The first thing you could do is make your entire profile private, but then no one outside your close network could see you. It’s up to you. If you do want to turn it off, go to your profile, Settings > Security and Privacy > Tweet Privacy/Protect My Tweets.” Check this option off and hit save. You can also adjust other things like:

  • Tagging - control who can tag you in photos.
  • Location tracking - set to off by default.
  • Discoverability - who and how can people find you on Twitter.
  • Personalized ads - turn them off or on based on your preference.

In terms of security, visit Settings > Security and Privacy to turn on Send login verification requests to my phone. Check out the apps section to review permissions in there. Also, remember to change your Twitter password every month or so to keep it safe.

Can I make my Instagram account private?

Instagram, like other social media platforms, are in business to make money. They do so through targeted ads based on the information contained in your profile and shared by you and your followers. You can change the settings of your Instagram account to make it private. Therefore, anyone wanting to connect with you has to ask permission first. To change your account from public to private:

  1. Log into Instagram.
  2. Go to your profile.
  3. Then tap the hamburger menu (three horizontal lines).
  4. Tap Settings > Privacy > Account Privacy.
  5. Tap next to Private Account to set your account to private.

Review the entire privacy policy and other settings to secure your account even further.

Is there a way to make my Facebook account more secure and private?

You might be worried about your Facebook account after hearing about the frequent data breaches there. If so, you can secure your Facebook account by following the tips below:

  • Facebook has a built-in tool called the “Privacy Checkup.” You can run this automated wizard that will walk you through many of the most common settings.
  • Set up two-factor authentication for your Facebook account.
  • Change your Facebook password at least every month. Facebook accounts are hacked all the time.
  • Review the “where you are logged in” area to see which devices use your Facebook account. Revoke access to any you don’t recognize.
  • You can also turn on Facebook alerts to notify you of logins and other issues with your account.
  • There are dozens of privacy settings to control who can see your stuff, comment, follow you and connect with you. Review them all carefully.
  • Be sure to visit the apps section and review those permission as well.
  • Adjust your ad settings to limit targeted ads for you.
  • Turn off location tracking.
  • You can also block specific apps and users.

Can I tighten up security on my LinkedIn account?

Yes. You should review your privacy and security settings on LinkedIn to be sure your account stays safe. Far too many data breaches have occurred on social media, and you don’t want to become the next victim. A few things to remember when adjusting the security on your LinkedIn account are:

  • Set up two-factor authentication to keep your login safe.
  • Use the Account tab to change your password frequently.
  • Go over the privacy settings to control who gets to see what and how you can be discovered and contacted with others.
  • You can also set how you want targeted ads to work on your account.
  • You may also want to turn off the syncing feature.
  • Turn off news mentions.
  • Turn off Share Profile Edits.
  • You can also hide or block companies and users.

Are there Google Chrome privacy settings that I should change?

Unfortunately, Google is not known for respecting your privacy. However, Google Chrome does have some settings you can adjust to keep things safe and secure. It also includes an Incognito Window, which is a private browsing window where your history is not saved, and you are not tracked.

You might also want to review the settings regarding location tracking, YouTube history, and activity tracking. Other things to be aware of are:

  • Be careful of autofill for credit cards (saving your credit card data).
  • Turn off synchronization if you want to protect your data.
  • Review app permissions - pay special attention to anything that wants to use your microphone and camera.
  • Check out third-party access to your profile and information.
  • Review the cookies and location data settings.
  • Turn on two-factor authentication.

How do I secure my iPhone and make it more private?

iPhone is a great device, and it’s not small on privacy. However, many users never even check their privacy and security settings. You can do so much more with it to secure your data by adjusting a few settings. Some things to keep in mind when trolling the privacy and security settings of your iPhone are:

  • Use a strong passcode and set up Face ID or Touch ID.
  • Turn on USB restricted mode so no one can connect to your phone and copy all your data.
  • Turn on automatic updates.
  • Turn on two-factor authentication for your iCloud account, providing another layer of security.
  • Turn on password autofill, so you don’t have to remember or type in passwords.
  • Turn off location sharing.
  • Review your apps and their permissions.
  • Button-down your lock screen. Don’t have things popping up that you wouldn’t want anyone to see.
  • Review the privacy and security settings inside Safari on your iPhone.

How do I adjust the security settings for Microsoft Edge?

Microsoft Edge is the new Windows browser. You can review all the security settings inside Edge by going to the horizontal dot menu then Settings. It’s a good idea to get into the habit of regularly clearing your browser cache. Other security considerations would be:

  • Turn off synching.
  • Block pop-ups by turning them on in Settings.
  • Turn off Flash.
  • If you use a VPN, you can set a proxy server.
  • Choose whether or not to allow Edge to save passwords.
  • Turn on Send Do Not Track requests.
  • Turn off cookies.
  • Turn on Edge’s malware protection called SmartScreen Filter.
  • Set your custom security level inside Edge.
  • Review content and program security options.

You can also use an InPrivate browsing window, which allows you to surf the net without being tracked.

What can I do to adjust my privacy settings on Safari?

Safari is Apple’s built-in browser on macOS and iOS. It’s very private and very secure, but you still need to adjust some settings; not everything is set optimally as a default. It does include a private browsing window option. Some other things to think about are:

  • Turn off the opening of “safe files.” Go Safari > Preferences > General and uncheck the box at the bottom that says Open “safe” files after downloading.
  • In the security tab of settings, check off Warn when visiting a fraudulent website.
  • Set your browser to clear the cache automatically.
  • Manage your website data and turn on/off cookies.
  • Be careful when using Apple Pay inside Safari.
  • Check your microphone and camera access settings. Limit them to only what is necessary.

What is a VPN, and why would I need one?

A VPN is a virtual private network. It is activated through either software or hardware, and it masks your IP address and internet location so that you can browse freely on the web without being tracked. It basically connects you to a private server in another location, so your actual physical location is hidden. It helps to keep you safe from hackers, spies, and others wanting to use your online activities to collect information about you for ads or other nefarious purposes.

SCAMS & FRAUD

What should I do if I receive a social security alert?

If the alert comes from your credit monitoring company, then log in immediately and find out what it involves. You may be the victim of fraud. If you receive an email or a call about your social security number, it could be a scam. Never give out personal information like your social security number or credit card details to anyone you don’t know.

What is application fraud?

Application fraud is linked to identity theft and is when someone tries to use your information (name, address, birth date, social security number) to open new accounts (bank accounts, credit cards, etc.) in your name. By reviewing your credit report regularly, you can avoid this problem or at least address is as soon as it occurs to prevent any real damage.

What is social security fraud?

Social security fraud consists of one or two things. It may be a thief stealing and using your social security card to open new accounts or obtain false identity papers. It may also be someone using your social security number to apply for and receive SS benefits. Either way, it is all about money.

Often these scammers call elderly Americans and scare them into thinking they are losing their benefits, so they pay a fee for a new social security card which never shows up. Often social security fraud is perpetrated by loved ones close to you. Some social security administration employees even steal consumer’s information to gain access to benefits.

What is credit card skimming?

Criminals install credit card skimmers into ATMs and gas pumps that steal your credit card data (including PINs) instantly. Sometimes they use small cameras to observe you entering your PIN. In the case of Target and Home Depot, they used malware installed on payment kiosks that grabbed credit card information that way. Always look for loose parts or anything that does not belong before using an ATM or gas pump to pay.

What is an account takeover, and how can I avoid it?

An account takeover is a scary event. It is when scammers contact the bank or credit card company pretending to be you. They have enough information to pass the security tests (your name, address, social security number, account number, etc.). Then they change the access codes, mailing address, or passwords so you can no longer get into your own account. Now they can drain your bank balance or spend up a storm, and you can’t even fix it because you no longer have access.

What are phishing attacks?

Phishing attacks are email campaigns waged by novices and expert criminals to steal your information, your money, or spy on you. They work by sending you an email that looks like it came from a legitimate source (your bank, a company you do business with, or some other reputable sender). The email sometimes alerts you to a problem or demands that you urgently click a link to fix something or miss out on a great deal. When you click the link, you are taken to a fake website (which may look just like the one you are used to), and you enter your credentials to log in, and thieves now have them. Sometimes, by clicking the link, your computer may be infected by ransomware, malware, or a virus.

The only way to stay safe from phishing attacks is NEVER clicking links in email or downloading attachments. Always verify the sender’s email address.

What is a college scam?

A college scam is when fraudsters target vulnerable, innocent young victims in college. Typically, students are more likely to be fooled by the tactics used to steal their money or identity. Some common college scams include:

  • Fake credit cards with terms that are too good to be true.
  • Late tuition scams that bilk thousands from worried young adults.
  • Bogus scholarships and grants that don’t exist but cost a “fee” to apply for.
  • Apartment scams that lure kids in and then steal security deposits.
  • Advance-fee scams that illicit fees upfront for something that never occurs later.
  • Job scams where they are promised little work for high pay.
  • Blackmail scams include scammers forcing students to pay a fee, or they will release video or pics of them doing embarrassing things.
  • Internet scams or unsecured Wi-Fi breaches.

What is a Bitcoin scam?

Bitcoin is the name of the game when it comes to virtual currency. It makes sense that fraudsters, scammers, and criminals would be using bitcoin to stay in the shadows. Bitcoin is untraceable and, therefore, the chosen medium for payments on the dark web. When doing business with strangers, it is always a good idea to use a dollop of skepticism. Some of the most notable bitcoin scams are:

  • Fake Bitcoin wallets and exchanges - many fake Bitcoin investment sites are popping up all over the internet. They ask for access to your Bitcoin accounts to invest on your behalf, and your funds are gone. Apps claiming to be Bitcoin wallets are also dangerous and could just be a vehicle for scammers to drain your coin.
  • Ponzi schemes - where you could earn so much money via Bitcoin if you just help the fraudsters build their empire.
  • Blackmail scams - fraudsters email you, claiming to have a video of you in a compromising position and they blackmail you out of thousands to keep quiet.
  • Malware - your bitcoin fortune can be stolen by a hacker who installs a program on your computer.

What are the Nigerian scams?

Nigerian men and boys perpetrate many of the scams that plague Americans. It has become a booming industry in a poor country. First discovered in the 1990s, these scams consist of young Nigerian men using email and websites to dupe Americans out of millions each year. The most famous scam is the Nigerian letter scam, where you receive an email from a prominent diplomat or widow pleading with you for help getting his or her fortune out of the country. Of course, they offer you a huge reward, which is simply a sham. They bargain with you for taxes and fees, which you gladly pay in hopes of your payday, which never comes. Nigerians are also responsible for the country’s highest number of romance and dating scams bilking poor, lonely women out of $143 million per year.

What is a cash app scam?

Cash apps scams involve popular payment platforms like Cash App, Venmo, Zelle, Apple Pay, Google Pay, and Facebook Payments. Criminals have devised ways to use fake emails (looking like cash app receipts), so you think you had received money when you did not. Then they demand a refund or some of the cash back, which you pay, and then find out you were never credited with the initial payment. Sometimes they steal goods which you mail right off but were never paid for. Other more sophisticated operators may call you and pretend to be your bank, asking for access codes, which then tie into your cash app, and they can drain your funds that way. Always secure these apps with 2-factor authentication and Face ID or Fingerprint ID if you can. Never give out personal information to anyone who calls you.

What is a PayPal scam?

PayPal is the most popular online payment method in the world. It is used exclusively by eBay (a popular online auction site). Thus, it is ripe for scams. Thieves use a variety of methods to steal from you via PayPal, such as phishing emails, malicious websites, fake social media ads, and spoofed links. Often, they will send emails regarding a problem with your account. They make these emails look so much like real PayPal emails; customers are fooled. Always be on the lookout for advance-fee scams using PayPal, overpayment tactics through eBay, phishing emails, or anything that notifies you that you won a prize or lottery. It’s probably a scam.

What is a Craigslist scam?

Craigslist is a hugely popular classified ads website. However, in recent years it has become overrun with scammers, both sellers, and buyers. Be watchful for anyone selling a car online (a lot of them don’t even exist). When you see an ad for a house or apartment rental, tread lightly, and do your homework. Often these are criminals looking to steal a quick security deposit. Some other Craigslist scams to be aware of are:

  • Fake website that mimics Craigslist but is not.
  • Phony money orders and bad checks that bounce.
  • Expired tickets for live events.
  • Purchase protection, which is not a thing on Craigslist.
  • Anything that sounds too good to be true, like a price that is far below market value. Stay away.

What is a fake check scam?

The FTC receives thousands of complaints from victims of fake check scams each year. You receive a check in the mail; it may claim you won some sort of international lottery (which you never entered). You can cash the check right away, but all you have to do is pay a small fee for taxes. You deposit the check, send out the fee, and the check bounces. Now you are out the money you sent, and you can’t reach anyone to claim your prize because it was fake. Sometimes these scams involve secret shopper gags or overpayment for goods, and then they want a refund. Regardless of how you are caught, if you send them anything, it will be gone forever.

What is an IRS scam?

A very popular scam gaining traction these days are voicemails left on your phone that claim to be from the IRS. The robotic voice warns that you are in violation of not paying taxes, and the police are on their way to arrest you, or you will be sued. The thing is, the IRS doesn’t make phone calls, threats or send the police out. They have a strict protocol to deal with legitimate tax issues. These are scammers hoping to get a quick payout because they panic you into not thinking before sending them money. There are dozens of variations on this scam. If you have a legitimate tax issue, call the IRS directly to inquire about it.

What are eBay scams?

eBay is an enormously popular online marketplace. You can buy or sell just about anything on there. Therefore, it has also become a breeding ground for scammers. Always be careful when doing business online as a buyer or seller. Some eBay scams to watch out for are:

  • Empty box or picture scam where the picture of what you want is all you bought (an empty box or a picture of…).
  • Car scams abound on eBay. If the buyer or seller pressures you to move the conversation out of eBay, that is a big red flag that they are scammers.
  • Sometimes you pay for goods online and never see the product. Always check the seller’s reputation and length of time on eBay before paying.
  • Overpayment scams when they send you too much and ask for a refund, then their payment is rescinded or never was processed.
  • Broken item scam - you send out your perfect goods, scammers email you and say it was damaged and they want their money back.
  • Address change scam when a scammer is trying to get you to send the goods to them, rather than the actual buyer.

What is an investment scam?

Investment scams are where perpetrators promise victims high rates of return on their money for low or no risk. Because investment schemes can involve thousands of dollars, fraudsters sometimes set up elaborate offices staffed with dozens of employees and fancy websites to lure you in. You may receive an invitation via phone or email to get in on these great deals before they are gone. Some commons investment scams are the “pump and dump,” the advance-fee scam, boiler room scams, Ponzi schemes, offshore investments, and pensions scams. Watch out for anyone “selling” you an investment that sounds too good to be true or is time sensitive.

What are lottery, sweepstakes, and prize scams?

Who doesn’t want to win the lottery? Unfortunately, scammers know this and play on it. Sometimes it’s an email or something in the mail. Other times you might get a call claiming you won a prize. All of these are scams designed to drain money from you via taxes, insurance, or additional fees. Experts warn, “if you have to pay, you didn’t win.”

What are senior scams?

Many senior citizens have a lifetime of savings, and they are less savvy about scams, and they make great targets for fraudsters looking to make a buck. Criminals are without conscience preying on elderly adults, and they can be very tricky using a variety of methods. Some of the most common scams to watch out for that target seniors are:

  • Prescription drug scams - offering placebo or sugar pills at cheap rates.
  • Medicare scams that bill on behalf of patients for bogus products and services or to steal their identity.
  • Catfishing/online dating scams - men target lonely older women and steal their life savings over time while pretending to woo them.
  • Phishing scams - emails designed to dupe them into providing credentials or other personal information.
  • Telemarketing or tech support scams - to trick elders into handing over their credit card number.
  • Social security fraud scams.
  • Grandparents scam where fraudster pretends to be related to get money.
  • Reverse mortgage, lottery, or advance-fee scams.

What are some common Facebook scams?

Facebook is famous for data breaches and also a prevalent venue for scams. Tricksters use fake ads, videos, fake news, and offers to get unsuspecting users to click links. These links often take you to fake websites that will steal your information or money. You also have to be careful of “friends” who are actually faked accounts used by scammers. Sometimes Facebook scams turn out to be romance scams. Be careful!

What are some travel scams to watch out for?

Traveling can be great fun but also dangerous if you don’t watch out for some common scams. A broken taxi meter is quite common, and then your driver overcharges you by a lot. Natives may try to shove gifts, beads, or herbs into your hands and then demand payment. Your taxi driver might also be in cahoots with an expensive hotel and tell you your booking was canceled for the one you have set up. Sometimes a stranger will spill something on you while pilfering your wallet. You will be too distracted to notice until it is too late. Other things to watch out for are fake police, fake Wi-Fi spots, found jewelry, motorbike damage, and overly friendly natives who want to show you a good time.

How can I avoid a work-from-home scam?

The world is full of legitimate remote positions that you can perform while in your pajamas. However, scammers use fake ads to lure hopeful job applicants who want to reap the benefits of working from home. Be careful of the return check scam where your new employer sends you money to set up your office and then demands a refund before their check bounces. Stuffing envelopes, starting a business, surveys, and mystery shopping are other work-from-home scams to be aware of. If you see an ad for medical billing or some other job that clearly requires expertise and it says: “no experience necessary,” it may be a scam.

What is a dating/romance scam?

The FTC reports $143 million lost every year to romance scams. Fraudsters set up fake accounts and woo you, moving quickly to gain your trust and then suddenly experience a financial setback and need your help. These scammers profess strong feelings rapidly, they often want to move the conversation “off-platform,” so they don’t get shut down or caught. They also use an unlimited number of excuses for never meeting in person. Often these scammers will pretend to be in the military to explain absences and an emergency that requires quick cash.

What is the nationwide Sierra Leone scam?

Also known as the “one ring scam,” this one involves a robocall that rings your phone only once. It is designed to pique your interest and get you to call the number back (since everyone has caller ID now). The number is an International phone line costing you $20 for the call and then $9 per minute after that. If you do call, they will try to keep you on the line for as long as possible to rack up the profits. Never call back numbers that you don’t know.

How do I report fraud or other types of scams?

The FTC has a website to assist you with filing complaints about all types of scams and fraud. Log onto ftccomplaintassistant.gov and choose from the menu, the type of complaint you wish to log. You can report identity theft, international scams, people who violate the Do Not Call Registry, spam, text, or scam phone calls. You can file your complaint online, or they even have a chat feature where you can speak with them live.

Other ways to report a scam or fraud are:

  1. Contact the FTC via phone at 1-877-FTC-HELP.
  2. They have a helpful video instructing you on how to report your claim here.
  3. Contact local law enforcement also and file a police report.

SOCIAL MEDIA & IDENTITY THEFT

Could my social media accounts be hacked?

Yes. Facebook has been hacked a number of times, and millions of users’ information were stolen and used for political and monetary gain. Some of the information obtained in these data breaches was name, username, email address, phone numbers, birth date, residence address, and even more personal details. In some cases, hackers were able to spy on messenger services as well. All of this information can be used to wage an identity theft campaign against you and puts you at risk.

Can I tighten up my twitter privacy settings?

You sure can. There is a whole list of things you can do to secure your Twitter account and keep prying eyes out. You can even make your entire account private, so only your connected buddies can see your stuff. You can also control who gets to tag you in photos; you can turn off location, discoverability, and the personalization of ads that targets you for things you might be interested in based on your demographics or tweets. You should check out all the settings to secure your account, turn on two-factor authentication, and review the apps that have access to your data.

What if I want to delete my Facebook account, can I?

You can both deactivate or completely delete your Facebook account. To deactivate go to the down arrow menu (top right), then Settings > General > Your Facebook Information > Deactivation and Deletion. Choose which one you want and follow the prompts to deactivate or delete it. If you deactivate, all you have to do to reactivate is log back in. You may want to take a complete backup before you delete the entire thing. You have 30 days to cancel the deletion of your account if you made a mistake.

How do I delete my Instagram account?

If you think you might change your mind later, deactivate your account instead of deleting. Warning: deleting means all your photos, videos, and the content will be gone forever. You can easily deactivate your Instagram account by logging into Instagram online and going to Profile > Edit profile and clicking the Temporarily disable my account link. To thoroughly delete it, you must visit their special page here. You have to provide a reason and then confirm you actually want to delete your account by entering your password. Done!

You can also make your account private, so only your fans see your stuff, but in many cases, that is counterintuitive to the purpose of social media.

Do I need to change my LinkedIn security settings?

Probably. Most default privacy and security settings for social media are broad and allow way too much access to your sensitive information. You may want to review the LinkedIn settings and adjust the privacy settings to limit who sees what, turn on two-factor authentication, turn off targeted ads and adjust who can and cannot contact you and see your profile on LinkedIn. This social media platform is a great way to stay in touch with colleagues and potential employers, but sometimes a little information is too much. A couple of other things to adjust is news mentions and turn off share profile edits, especially since LinkedIn experienced their own data breach.

How do I secure my Snapchat account?

Snapchat’s privacy policy is quite liberal, and they do share a lot of your information with other platforms. Therefore, it’s important to review your privacy and security settings to tighten things up. Make sure you review access, permissions, advertising preferences, and communication (who can contact you and how).