IDStrong offers three different subscription tiers for you to choose from. The “Standard” plan provides identity monitoring, data breach exposure alerts, PII (personally identifiable information) monitoring, dark web monitoring, SSN, public records, contact information, social media and address monitoring along with neighborhood monitoring, and more for only $9.95/month. The “Advanced” plan includes everything in the Standard plan plus Experian credit monitoring, including credit report, credit score and alerts for file changes, new loans, and new credit inquiries, bankruptcy, liens, and judgments. With the Advanced plan, you also get lost wallet assistance, identity restoration support, and a live credit agent; all for $14.95/month. The “Comprehensive” plan gives you everything from the Advanced package with credit monitoring of all three credit bureaus (Experian, TransUnion, and Equifax) and all the features of the other two plans combined. The Comprehensive Plan is $19.95/month.
No. IDStrong never sells or shares your private information with anyone. We are all about protecting your privacy by preventing exposure from data breaches and selling or sharing private data. Rest assured, your private information will remain confidential with IDStrong.
IDStrong carries a $1 million identity theft insurance plan to cover our customers with the “Advanced” and “Comprehensive” subscription plans. Some of the things covered under this insurance are reimbursement of stolen funds linked to identity theft or fraud, lost wages, document replacement, CPA services, private investigator fees, travel and childcare, all related to an identity theft incident. Limitations apply, and for a more accurate and detailed outline, you will need to consult relevant insurance coverage documents.
IDStrong’s lost wallet restoration service helps give you back peace of mind. If your wallet is lost or stolen, our dedicated team will help you cancel credit cards, get replacements, and contact the appropriate agencies to secure your identity. The service may include getting a new ID, new credit cards, or contacting the credit bureaus for a credit freeze or to alert them of identity theft or fraud.
Once you sign up with IDStrong, your credit card will be billed monthly until you cancel the service. With IDStrong, there are never any hidden fees or surcharges. You will only be billed for your monthly subscription.
IDStrong’s identity monitoring services cover you from top to bottom. Our identity theft services keep an eye out for any of your personal information, such as a home address change, email account associated with your name, or any other items that link back to you. If any of the following items below belonging to you show up in a data exposure or breach, we will notify you as soon as we detect it.
IDStrong offers a full package of identity monitoring to cover all your personal details. Some of the things we keep an eye on are:
iPhone is a great device, and it has a lot of great privacy features. However, many users never even check their privacy and security settings. You can do so much more with it to secure your data by adjusting a few settings. Some things to keep in mind when trolling the privacy and security settings of your iPhone are:
The Android operating system is great because it is so versatile, but that also opens it up to more vulnerabilities. There are a few key ways you can better secure your Android phone:
Android devices are just as susceptible or even more so to viruses, malware, and even spyware. If you have pop-ups, redirects, or your phone is unusually slow or acting oddly; you may have malware or spyware on it. There are a variety of different spyware programs. If you think someone may be spying on your or accessing your phone without your knowledge, first, search for any programs you do not recognize by following these steps:
Check your downloads folder and also run antivirus/anti-malware software on your Android device. That might help find and clean it as well.
Privacy is a significant concern on the heels of data breaches, ransomware, and cyberattacks hitting the news each day. Thankfully, Windows 10 has a setting where you can set your network type to be private instead of public. Therefore, when you are connected to public Wi-Fi at the local coffee shop or airport, your privacy will remain intact. The Windows firewall is the device that keeps predators out if you set it correctly. To change those settings:
Many people believe that their cell phones are impervious to the same dangers as a computer, but they are wrong. Smartphones and anything connected to the internet is vulnerable to cyber-attacks. Depending on whether you use an iOS device or Android, the settings may vary. However, some things you can do to secure your phone against cyber-attacks are:
The most common way your computer browser gets infected is by downloading a file or software from an unsecured site. You don’t typically realize it until your computer starts throwing pop-ups at you and it slows ways down. To remove them try the following tips:
Before installing anything or downloading files, use common sense to stay safe from adware and spyware.
Waking up some morning to find that your computer has been hijacked by a cybercriminal sparks fear into the hearts of most people. Typically, ransomware works by locking your files and preventing you from accessing them. However, not all ransomware is that sophisticated. There are many different types and variants, but they are all designed to get you to pay a fee. You can do that or try the following instead:
There is always the chance that your beloved smartphone may be lost or stolen at some point. Therefore, before anything happens, make sure automatic backups are turned on, and you have secured your phone with encryption, a “find my” program to factory reset it or find it, and a secure password or PIN. If you lose your phone or someone swipes it:
Browser selection is very personal, and different people lean towards Chrome, Safari, or Firefox for various reasons. But when comparing apples to apples in terms of security, privacy, speed, integration, extensions, battery life, and features, Safari consistently comes out on top. With all the talk about data breaches, malware, and other privacy concerns, Safari goes above and beyond to protect the user’s sensitive information, browsing habits, and security.
A worm virus is a malware program designed to replicate itself and deliver a “payload,” which might be deleting files, destroying networks, encrypting data, or even stealing information. Worm viruses are self-sufficient and do not need a human being to activate them. Once they are released onto a network, they can move, copy themselves to a computer and start wreaking havoc. They typically eat up a lot of memory and bandwidth, which can slow things down considerably. Worms get into networks and computers through vulnerabilities in the operating system. They may be activated through email or malware.
A trojan virus (named after the Trojan horse ploy used in Troy) is a virus that takes control of your computer, steals files, deletes files, modifies data, blocks things, copies files or data, and disrupts network connections. Unlike a worm, trojans are not self-sufficient; they require a person to click or install something to execute/activate them. There is an extensive library of different types of trojans you might come in contact with. They are the most damaging type of virus. A few ways to avoid them are:
Adware is malicious software that tracks your online activity and pop-up ads or redirects your browser to places you did not intend. Hackers make money off adware when users inadvertently click on pop-ups and fake websites that are made to look like the originals. A lot of freeware software has adware built-in, and just by installing it, you could infect your computer. Adware can slow down your computer and cause other damage. Use strong antivirus software to find and clean it up and stay away from downloads from untrusted sources.
Phishing is a tactic that cybercriminals use to get you to click a link or download files. They send an email, text messages, use ads, or social media to trick you so you will act without thinking. Once you do click the link, your privacy and security are threatened. You may lose login credentials, bank access, or infect your computer with dangerous malware. Phishing is the number one way that identity theft occurs. Emails are designed to look legitimate, so you have to look closer to be safe. Never click links or download attachments in emails. Go directly to the website on your browser instead.
Wi-Fi security refers to how you keep your home or office Wi-Fi network safe from hackers, neighbors, and anyone else looking to spy on you, steal your data or commit fraud or identity theft.
Wi-Fi security may include special hardware, software, and Wi-Fi network best practices. Other ways to keep your Wi-Fi network safe are:
If you go out of town, shut down all your network equipment until you return.
Privacy is more important now than ever before. There are dozens of settings in Windows 10 to suture up your privacy and keep your stuff safe. A few tips to follow to make Windows 10 more private are:
Apple cares deeply about user privacy and security. Therefore, they built-in a whole host of options to control how your privacy is maintained and how secure you want your Mac. Apple has centralized all the privacy and security settings in one location: System Preferences > Security and Privacy. You will need to unlock the padlock at the bottom of the page before changing any settings. Some settings to check to make your Mac more secure and private are:
Firefox is a favorite browser among developers because of its privacy, security, and built-in tools for coding. Although out-of-the-box, Firefox is fairly private and secure, you will want to adjust some settings to make it even more ironclad. Some things to consider are:
You may also want to review the security settings like content blocking, advanced settings, and also consider installing a third-party security app like a VPN to keep things even tighter.
Unfortunately, Google is not known for respecting your privacy. However, Google Chrome does have some settings you can adjust to keep things safe and secure. It also includes an Incognito Window, which is a private browsing window where your history is not saved, and you are not tracked.
You might also want to review the settings regarding location tracking, YouTube history, and activity tracking. Other things to be aware of are:
Microsoft Edge is the new Windows browser. You can review all the security settings inside Edge by going to the horizontal dot menu then Settings. It’s a good idea to get into the habit of regularly clearing your browser cache. Other security considerations would be:
You can also use an InPrivate browsing window, which allows you to surf the net without being tracked.
Safari is Apple’s built-in browser on macOS and iOS. It’s very private and very secure, but you still need to adjust some settings; not everything is set optimally as a default. It does include a private browsing window option. Some other things to think about are:
When accessing the internet from a public place such as a coffee shop, the airport, or even the public library, you may be at risk. Hackers often compromise public Wi-Fi due to insecure security settings. You may also be at risk of man-in-the-middle attacks or hijacking. Limit your connection to public Wi-Fi and if you must, never perform bank or credit card transactions while using public Wi-Fi. Financial information is what hackers look for the most. If you want to be really safe, install a VPN on your mobile device before connecting to any public Wi-Fi. A VPN will mask your IP and all your online activities.
A VPN is a virtual private network. It is activated through either software or hardware, and it masks your IP address and internet location so that you can browse freely on the web without being tracked. It basically connects you to a private server in another location (in another country for example), so your actual physical location is hidden. It helps to keep you safe from hackers, spies, and others wanting to use your online activities to collect information about you for ads or other nefarious purposes.
Password security is critical to keeping all your data safe from hackers, spies, and identity thieves, and others wanting to invade your privacy. Some guidelines to keep your passwords safe are:
The experts agree you should have a password made up of a combination of uppercase and lowercase letters, numbers, and symbols. To remember it easily, you can use a passphrase.
Say you love the Red Sox. You could create a passphrase like the one below using all the items mentioned above.
1L0v3thEReDS@x = I Love the Red Sox.
As with any online system, there are inherent dangers. Nothing is guaranteed to be 100% safe. However, most of the social media platforms do include a lot of privacy and security features like two-factor authentication, control over who sees what, and other settings that you may want to review periodically to ensure that your account is as safe as possible.
Yes. Facebook has been hacked a number of times, and millions of users’ information were stolen and used for political and monetary gain. Some of the information obtained in these data breaches was name, username, email address, phone numbers, birth date, residence address, and even more personal details. In some cases, hackers were able to spy on messenger services as well. All of this information can be used to wage an identity theft campaign against you and puts you at risk.
Yes. You should review your privacy and security settings on LinkedIn to be sure your account stays safe. Far too many data breaches have occurred on social media, and you don’t want to become the next victim. A few things to remember when adjusting the security on your LinkedIn account are:
Social media accounts, like everything else, are vulnerable to spying and tracking. The good news is, you can adjust your Twitter settings to make things more private. The first thing you could do is make your entire profile private, but then no one outside your close network could see you. It’s up to you. If you do want to turn it on, go to Settings and Privacy > Privacy and Safety > Protect Your Tweets (on a computer “Audience and tagging). You can also adjust other things like:
In terms of security, visit Settings > Security and Account Access to turn on Two-factor authentication. Also, check out the “Apps and Sessions” section to review permissions in there. Also, remember to change your Twitter password every month or so to keep it safe.
Instagram, like other social media platforms, are in business to make money. They do so through targeted ads based on the information contained in your profile and shared by you and your followers. You can change the settings of your Instagram account to make it private. Therefore, anyone wanting to connect with you has to ask permission first. To change your account from public to private:
You might be worried about your Facebook account after hearing about the frequent data breaches there. If so, you can secure your Facebook account by following the tips below:
You can also block specific apps and users.
You can both deactivate or completely delete your Facebook account. To deactivate go to the down arrow menu (top right), then Settings & Privacy > Settings > Your Facebook Information > Deactivation and Deletion. Choose which one you want and follow the prompts to deactivate or delete it. If you deactivate, all you have to do to reactivate is log back in. You may want to take a complete backup before you delete the entire thing. You have 30 days to cancel the deletion of your account if you made a mistake.
If you no longer want to use Twitter, you can deactivate it, which is their term for account deletion. To do so:
It may take up to 30 days for Twitter to permanently delete your account from their servers.
If you think you might change your mind later, deactivate your account instead of deleting. Warning: deleting means all your photos, videos, and the content will be gone forever. You can easily deactivate your Instagram account by logging into Instagram on PC or laptop (it is not possible to deactivate or to delete your Instagram account on smartphone for now) and going to Profile > Edit profile and clicking the “Temporarily disable my account” link at the bottom of the page. To thoroughly delete it, you must visit their special page here. You have to provide a reason and then confirm you actually want to delete your account by entering your password. Done!
You can also make your account private, so only your fans see your stuff, by going to Settings > Privacy and Security > Account Privacy. On smartphone you should go to Settings > Privacy > and press the toggle for the “Private Account” to make your IG account private for those that are not following your account yet.
Most platforms have a way for you to review the data kept on you. For example, Facebook allows you to download all your data so you can review it. That data may include posts, comments, images, videos, personal details, and more. It’s a good idea to check and see how much information a company has on you, then you can decide what to do about it.
Each of these platforms does offer settings where you can manage whether or not you want to see personalized ads. That means that the advertisers will use your profile and social media data to push ads to you that are in line with your preferences. In some cases, such as Snapchat, you can opt-out of personalized ads. You must review the privacy settings for each account to turn off ad personalization.
To manage your ad preferences on Facebook, click or tap the down arrow in the top right. Follow the steps below:
To manage how data about you is used in ads on Instagram, go to Settings, Ads, and then select Data About Your Activity From Partners. Use the toggle switches to turn on or off the use of personalized ads factoring in your data on Instagram.
You can choose to opt-out of personalized ads on Twitter by selecting the hamburger menu at the top left and then selecting Settings and privacy. From there, go to Privacy and safety and then select Ads preferences. Check off the box that says Personalized ads if you want them; uncheck it if you don’t.
To adjust personalized ads on Snapchat, tap your profile icon and then the top-right gear icon. Tap Manage and then Ad preferences. Inside there, you have a few options to choose from. Use the toggle switches to turn on/off personalized ads for the various scenarios.
Social security fraud consists of one or two things. It may be a thief stealing and using your social security card to open new accounts or obtain false identity papers. It may also be someone using your social security number to apply for and receive SS benefits. Either way, it is all about money.
Often these scammers call elderly Americans and scare them into thinking they are losing their benefits, so they pay a fee for a new social security card which never shows up. Often social security fraud is perpetrated by loved ones close to you. Some social security administration employees even steal consumer’s information to gain access to benefits.
If the alert comes from your credit monitoring company, then log in immediately and find out what it involves. Or contact support for more information and for assistance. You may be the victim of fraud. If you receive an email or a call about your social security number, it could be a scam. Never give out personal information like your social security number or credit card details to anyone you don’t know.
Application fraud is linked to identity theft and is when someone tries to use your information (name, address, birth date, social security number) to open new accounts (bank accounts, credit cards, etc.) in your name. By reviewing your credit report regularly, you can avoid this problem or at least address it as soon as it occurs to prevent any real damage.
Credit card fraud is when a criminal steals your credit card number or physical card and makes purchases on your account without your authorization. Hackers use many techniques, including skimming, social engineering tactics, malware, and outright theft, to get a hold of your credit card number.
You can protect your credit cards from fraud by always leaving them at home when you don't need them. Some other tips include:
If you lose your credit card, report it immediately and cancel the card.
Criminals install credit card skimmers into ATMs and gas pumps that steal your credit card data (including PINs) instantly. Sometimes they use small cameras to observe you entering your PIN. In the case of Target and Home Depot data breaches, they used malware installed on payment kiosks that grabbed credit card information that way. Always look for loose parts or anything that does not belong before using an ATM or gas pump to pay.
Bank fraud is whenever an unauthorized person accesses your bank account and either locks you out or drains the funds from it. Bank fraud can occur through the illegal use of your paper checks, electronically if someone steals your bank login credentials, or through the theft of your debit card, where they use it to make purchases.
You can prevent bank fraud by keeping a close eye on your mail. Thieves often steal bank statements out of the mailbox to get information. Some other tips to keep your bank account safe are:
An account takeover is a scary event. It is when scammers contact the bank or credit card company pretending to be you. They have enough information to pass the security tests (your name, address, social security number, account number, etc.). Then they change the access codes, mailing address, or passwords so you can no longer get into your own account. Now they can drain your bank balance or spend up a storm, and you can’t even fix it because you no longer have access.
Phishing attacks are email campaigns waged by novices and expert criminals to steal your information, your money, or spy on you. They work by sending you an email that looks like it came from a legitimate source (your bank, a company you do business with, or some other reputable sender). The email sometimes alerts you to a problem or demands that you urgently click a link to fix something or miss out on a great deal. When you click the link, you are taken to a fake website (which may look just like the one you are used to), and you enter your credentials to log in, and thieves now have them. Sometimes, by clicking the link, your computer may be infected by ransomware, malware, or a virus.
The only way to stay safe from phishing attacks is NEVER clicking links in email or downloading attachments. Always verify the sender’s email address.
A very popular scam gaining traction these days are voicemails left on your phone that claim to be from the IRS. The robotic voice warns that you are in violation of not paying taxes, and the police are on their way to arrest you, or you will be sued. The thing is, the IRS doesn’t make phone calls, threats or send the police out. They have a strict protocol to deal with legitimate tax issues. These are scammers hoping to get a quick payout because they panic you into not thinking before sending them money. There are dozens of variations on this scam. If you have a legitimate tax issue, call the IRS directly to inquire about it.
Bitcoin is the name of the game when it comes to virtual currency. It makes sense that fraudsters, scammers, and criminals would be using bitcoin to stay in the shadows. Bitcoin is untraceable and, therefore, the chosen medium for payments on the dark web. When doing business with strangers, it is always a good idea to use a dollop of skepticism. Some of the most notable bitcoin scams are:
Cash apps scams involve popular payment platforms like Cash App, Venmo, Zelle, Apple Pay, Google Pay, Facebook Payments, etc. Criminals have devised ways to use fake emails (looking like cash app receipts), so you think you had received money when you did not. Then they demand a refund or some of the cash back, which you pay, and then find out you were never credited with the initial payment. Sometimes they steal goods which you mail right off but were never paid for. Other more sophisticated operators may call you and pretend to be your bank, asking for access codes, which then tie into your cash app, and they can drain your funds that way. Always secure these apps with 2-factor authentication and Face ID or Fingerprint ID if you can. Never give out personal information to anyone who calls you.
PayPal is one of the most popular online payment methods in the world. Thus, it is ripe for scams. Thieves use a variety of methods to steal from you via PayPal, such as phishing emails, malicious websites, fake social media ads, and spoofed links. Often, they will send emails regarding a problem with your account. They make these emails look so much like real PayPal emails; customers are fooled. Always be on the lookout for advance-fee scams using PayPal, overpayment tactics through eBay, phishing emails, or anything that notifies you that you won a prize or lottery. It’s probably a scam.
Craigslist is a hugely popular classified ads website. However, in recent years it has become overrun with scammers, both sellers, and buyers. Be watchful for anyone selling a car online (a lot of them don’t even exist). When you see an ad for a house or apartment rental, tread lightly, and do your homework. Often these are criminals looking to steal a quick security deposit. Some other Craigslist scams to be aware of are:
The FTC receives thousands of complaints from victims of fake check scams each year. You receive a check in the mail; it may claim you won some sort of international lottery (which you never entered). You can cash the check right away, but all you have to do is pay a small fee for taxes. You deposit the check, send out the fee, and the check bounces. Now you are out of the money you sent, and you can’t reach anyone to claim your prize because it was fake. Sometimes these scams involve fake secret shopper offers or overpayment for goods, and then they want a refund. Regardless of how you are caught, if you send them anything, it will be gone forever.
eBay is a very popular online marketplace. You can buy or sell just about anything on there. Therefore, it has also become a breeding ground for scammers. Always be careful when doing business online as a buyer or seller. Some eBay scams to watch out for are:
Investment scams are where perpetrators promise victims high rates of return on their money for low or no risk. Because investment schemes can involve thousands of dollars, fraudsters sometimes set up elaborate offices staffed with dozens of employees and fancy websites to lure you in. You may receive an invitation via phone or email to get in on these great deals before they are gone. Some common investment scams are the “pump and dump”, the advance-fee scam, boiler room scams, Ponzi schemes, offshore investments, and pensions scams. Watch out for anyone “selling” you an investment that sounds too good to be true or is time sensitive.
Who doesn’t want to win the lottery? Unfortunately, scammers know this and play on it. Sometimes it’s an email or something in the mail. Other times you might get a call claiming you won a prize. All of these are scams designed to drain money from you via taxes, insurance, or additional fees. Experts warn, “if you have to pay, you didn’t win.”
Many senior citizens have a lifetime of savings, and they are less savvy about scams, and they make great targets for fraudsters looking to make a buck. Criminals are without conscience preying on elderly adults, and they can be very tricky using a variety of methods. Some of the most common scams to watch out for that target seniors are:
Facebook is famous for data breaches and also a prevalent venue for scams. Tricksters use fake ads, videos, fake news, and offers to get unsuspecting users to click links. These links often take you to fake websites that will steal your information or money. You also have to be careful of “friends” who are actually faked accounts used by scammers. Sometimes Facebook scams turn out to be romance scams. Be careful!
Traveling can be great fun but also dangerous if you don’t watch out for some common scams. A broken taxi meter is quite common, and then your driver overcharges you by a lot. Natives may try to shove gifts, beads, or herbs into your hands and then demand payment. Your taxi driver might also be in cahoots with an expensive hotel and tell you your booking was canceled for the one you have set up. Sometimes a stranger will spill something on you while pilfering your wallet. You will be too distracted to notice until it is too late. Other things to watch out for are fake police, fake Wi-Fi spots, found jewelry, motorbike damage, and overly friendly natives who want to show you a good time.
The world is full of legitimate remote positions that you can perform while in your pajamas. However, scammers use fake ads to lure hopeful job applicants who want to reap the benefits of working from home. Be careful of the return check scam where your new “employer” sends you money to set up your office and then demands a refund before their check bounces. Stuffing envelopes, starting a business, surveys, and mystery shopping are other work-from-home scams to be aware of. If you see an ad for medical billing or some other job that clearly requires expertise and it says: “no experience necessary,” it may be a scam.
A college scam is when fraudsters target vulnerable, innocent young victims in college. Typically, students are more likely to be fooled by the tactics used to steal their money or identity. Some common college scams include:
The FTC reports $143 million lost every year to romance scams. Fraudsters set up fake accounts and woo you, moving quickly to gain your trust and then suddenly experience a financial setback and need your help. These scammers profess strong feelings rapidly, they often want to move the conversation “off-platform,” so they don’t get shut down or caught. They also use an unlimited number of excuses for never meeting in person. Often these scammers will pretend to be in the military to explain absences and an emergency that requires quick cash.
Nigerian men and boys perpetrate many of the scams that plague Americans. It has become a booming industry in a poor country. First discovered in the 1990s, these scams consist of young Nigerian men using email and websites to dupe Americans out of millions each year. The most famous scam is the Nigerian letter scam, where you receive an email from a prominent diplomat or widow pleading with you for help getting his or her fortune out of the country. Of course, they offer you a huge reward, which is simply a sham. They bargain with you for taxes and fees, which you gladly pay in hopes of your payday, which never comes. Nigerians are also responsible for the country’s highest number of romance and dating scams bilking poor, lonely people out of $143 million per year.
Also known as the “one ring scam,” this one involves a robocall that rings your phone only once. It is designed to pique your interest and get you to call the number back (since everyone has caller ID now). The number is an International phone line costing you $20 for the call and then $9 per minute after that. If you do call, they will try to keep you on the line for as long as possible to rack up the profits. Never call back numbers that you don’t know.
The FTC has a website to assist you with filing complaints about all types of scams and fraud. Log onto ftccomplaintassistant.gov and choose from the menu, the type of complaint you wish to log. You can report identity theft, international scams, people who violate the Do Not Call Registry, spam, text, or scam phone calls. You can file your complaint online, or they even have a chat feature where you can speak with them live.
Other ways to report a scam or fraud are:
The dark web is a layer of the internet that cannot be found by traditional browsers. It is made up of peer-to-peer networks that are encrypted and secured for private conversations and commerce. You can only access the dark web using a special browser called Tor. A lot of illegal activity takes place on the dark web. You can buy just about any illicit product or service there. Information stolen in data breaches is often sold on the dark web.
Tor stands for “The Onion Router,” and the dark web is sometimes called Onionland. The websites have .onion as an extension in the URL. It refers to the technology and how traffic is routed through various servers to keep things safe and private. Tor is also the name of the web browser people use to access the dark web.
Although there are legitimate chat rooms, chess clubs, bookstores, and antique markets, the dark web is also used to transact a lot of illegal business. You can purchase drugs, guns, counterfeit products, hacked accounts, and even services like hiring someone to commit murder. According to CSO Online, you can purchase a “lifetime” Netflix premium account for $6. The dark web is also where identity thieves buy and sell data stolen in data breaches.
The dark web is not illegal but has a bad reputation for illegal activity. The NSA has operatives who troll the dark web looking for criminals and trying to track down who they are, to arrest them. Along with other things, criminals offer phishing kits and instructions on how to steal your identity and then use it for profit. One particularly famous marketplace was called Silk Road, which provided everything you can think of, but eventually, the government shut it down.
First of all, it is not easy to find stuff on the dark web unless you have specific URLs with a .onion extension. Along with illicit products, you can also find treasure troves of data containing people’s names, email addresses, home addresses, social security numbers, credit card numbers, banking information, and even medical data. Stolen in some more serious data breaches, you might also find passport numbers, driver’s license numbers, family information, login accounts, usernames, and passwords in plain text. With so many data breaches, there is a good chance your information is out there on the dark web waiting to be purchased or sold.
No one person currently regulates the dark web. Each individual peer-to-peer network is owned and operated independently. Since most of it is anonymous, the government (U.S. National Security Agency) has very little way of finding out who owns what. However, they do have specialized hackers who regularly work on the dark web, and they do try to shut down the more serious offenders offering child pornography, guns, and illegal drugs. Sometimes it takes years to locate the actual perpetrators.
The currency of choice on the dark web is the crypto-currency, Bitcoin. The reason for this is that it is untraceable and anonymous. Neither party knows who the other one is, ever. CSO Online claims that Bitcoin is one of the major reasons for the incredible growth of the dark web. Many dark web marketplaces use shopping carts, ratings, reviews, and even forums. Some vendors use an escrow service to hold the funds until both parties are satisfied. If you are victim of ransomware and identity theft, you will be asked to pay via Bitcoin.
It is not easy to search inside the dark web. The websites don’t care about aesthetics or SEO because search engines don’t work there, so they are old-school, messy, and many are inactive. Some people put out directories, but you will most likely find that more than 75% of the information is already defunct by the time you try searching for things. Criminals set up shop, make a quick buck, and then shut down before the Feds can arrest them. Experts estimate that there are about 50,000 active websites on the dark web without a search engine to find them or a clear directory.
Due to the vast number of data breaches over the past few years, chances are that yes, your information ended up on the dark web and is for sale. Even if it’s just your name and email, you could be at risk for phishing campaigns, spam calls, and identity theft. Criminals don’t need much to contact you and try to trick you into giving them more information until they have enough to open new accounts and steal from you. That is why dark web monitoring is so important.
Dark web monitoring is part of the service offered by credit monitoring companies like IDStrong.com. We troll the dark corners of the dark web searching chat rooms, marketplaces, and other alleyways looking for your information that may be exposed to criminals and identity thieves. Some of the things included in dark web monitoring are:
If any of these things pertaining to you show up on the internet, you will be alerted, and if you are a victim of identity theft, IDStrong’s experts can help you fix it right away.
Identity theft is when someone steals your personal information to impersonate you, steal from you, or commit fraud. Identity thieves use other people’s identities to open new credit lines (apply for loans/rent property/secure utilities), get credit cards, access bank accounts, receive medical services, file taxes, and commit other types of fraud. Identity theft is a very serious crime, and victims could experience damage to their credit, loss of money, or other very serious consequences.
Unfortunately, identity theft is quite common. In 2019, more than 14.4 million people experienced identity theft. That equals 1 in 15 people. In the U.S., identity theft is very prevalent, with about 33% of the population having been the victim of identity theft. One in five have had multiple identity theft incidents.
The problem with identity theft is that it can go on for a while unnoticed. Therefore, you must be diligent in watching out for any signs that indicate someone else is using your identity.
One of the most obvious ways to tell if you are a victim of identity theft is to get a copy of your credit report from the three big credit reporting agencies (Equifax, TransUnion, and Experian). Look it over closely for any errors or accounts you don't recognize.
Some other ways to tell if you are the victim of identity theft are:
If you were involved in a data breach, your chances of identity theft increase. If you receive notification of a data breach, take steps to secure your identity quickly.
Identity theft is becoming more common, but the good news, there are many ways you can protect your personal information to try and prevent it.
More than 60 million people have been victims of identity theft. It can happen at any time to anyone, even you. If your identity was stolen recently or you found out that your information is floating around on the dark web, you should take the following steps immediately.
It is quite common for hackers and thieves to steal email addresses. However, it is less common to have your email account hacked or used by someone other than you. If this occurs, you must contact the email vendor or server company and have them clean any malware or viruses connected to your account.
Change the password immediately and run deep scans on your computer or website to look for any backdoor trojans that may have stolen access in the first place.
Be extra cautious about receiving spam and phishing emails. NEVER click links in emails or download attachments.
Identity theft is when someone steals your personal information to use your identity for financial gain. Some of the various ways that identity theft happens are:
To prevent identity theft, always be careful when giving out your personal information. Sign up for credit monitoring and watch out for spam calls, suspicious emails, and unsecured internet connections.
The loss of your wallet can feel devastating, but if you take quick action, you may avoid identity theft. Search thoroughly for your wallet before you go canceling anything. If you finally determine that it is indeed lost or was stolen, follow the steps below:
Children have unblemished credit from the time they are issued a social security number. However, thieves can get access to your child’s information through the school, social media, medical records, government offices, or public records. If this happens, they could start using your child’s identity to get a driver’s license, credit cards, open bank accounts, and take out loans. By the time your child applies for student loans, the damage done could be catastrophic. To protect your child’s credit, regularly get a copy of their credit report. Some other things to do are:
Identity theft itself is bad, but criminal identity theft is worse. It occurs when someone uses your identity to commit crimes or provides your information after they are arrested. Now you have a criminal record, and you are completely innocent. Criminal identity theft can be very difficult to fix and prove. It is sometimes best to get an attorney to work out all the details for you. Thankfully, it is not as common as regular identity theft, but at least 12% of victims say criminal activity was part of the identity issue. There are many types to be aware of, and you should always review your public records information frequently to check for any fraudulent activity or suspicious criminal history.
Identity monitoring is when you trust a service like IDStrong to closely monitor various sources to ensure that your personal information does not appear online. If it does, we alert you immediately upon identifying the exposure or the breach. We monitor sources such as social media, public records, DMV databases, court records, law enforcement records, dark web pages, forums, chat rooms, etc. We also keep a close eye on data breaches and check to see if you were included in the list of victims. The types of information we keep an eye on include: your name, phone number, email, SSN, passport number, medical ID, insurance card numbers, usernames, driver’s license number, bank account numbers (even international bank accounts), your address, and more.
Credit monitoring is a service that acts as a watchdog continuously monitoring and checking your credit report and your personal information like (name, address, email address, phone number, and other details) that pops up on the internet somewhere or the dark web. The service alerts you via notifications whenever a change occurs like a new account shows up on your credit report. Or if your address changes and your cell phone number is found on the dark web, those are other reasons you might see an alert. The purpose is to protect you so that thieves do not steal your identity and open new accounts or gain access to your funds.
A fraud alert is a notice you can put on your credit report that notifies potential new lenders and creditors that you have been the victim of fraud. When they see this notice, they take extra precautions to verify your identity before approving any new credit or lending you money.
There are three types of fraud alerts, a standard fraud alert, an extended fraud alert, and an active-duty fraud alert just for military men and women stationed overseas. A fraud alert does not hurt your credit, and it lasts for a year but is renewable. An extended fraud alert lasts for seven years, but you must prove that you are a victim of identity theft to use it.
You only have to contact one credit reporting agency to ask for a fraud alert, and they will contact the other two.
If you are the victim of identity theft or fraud, you probably want to consider a credit freeze. It’s when you contact the three credit bureaus and ask them to freeze your credit. This means no one can get access to a copy of your credit report until you “thaw” it out. The purpose of a credit freeze is to prevent someone from opening new lines of credit or changing anything on your credit report without your permission. If your information was stolen in a data breach, this is a good preventive measure to take.
As technology evolves, more and more of our information is stored online and on computers connected to the internet. A data breach is when that information is accessed, stolen, or sold without our authorization. Data breaches can cost money and ruin a company’s reputation. We trust companies to keep our private information safe. Some information stolen in data breaches ends on the dark web and is sold to identity thieves. Other criminals use this information for financial gain.
The average cost of a data breach is $3.86 million. Some of the most common and valuable information stolen is your name, email address, passwords, driver’s license number, medical records, credit card information, social security numbers, and banking data.
Data breaches occur in a variety of ways. Sometimes information is stolen by employees who work for the company. Other times hackers gain access to the system and take what they want. As with the case of the Heartland Payment Systems data breach, physical computers were stolen that contained sensitive information.
A cyberattack or hacking incident refers to a criminal who uses software or hardware tools to break into your device, computer, mobile phone, or network to spy on you, steal something, hold your data ransom, or commit fraud. Cyber incidents are at an all-time high right now.
A physical data breach, such as the case of the Heartland Payment Systems incident is when hardware such as computers are physically stolen and removed from the premises. These computers contained a lot of private payroll information such as banking details, social security numbers, and the names and addresses of the people they belonged to. Not only do companies need to secure against cyber-attacks but also physical loss.
Accidental web exposure occurs when a company puts information online, providing access to specific individuals or vendors, but they fail to secure it properly, and it is exposed to the world. This was the case for First American Financial Corp., a title company that exposed thousands of real estate customers’ data online. Due to the nature of the business, some of the types of information leaked was bank account numbers, mortgage statements, social security numbers, tax records, wire transfers, receipts, driver’s license numbers, and more.
Edward Snowden is an excellent example of an insider data breach. It occurs when someone inside the company, an employee, perhaps steals or leaks information to the general public. Another good example is Anthony Levandowski, an ex-Google employee who stole thousands of files and blueprints before using them to start his own company. The Target data breach was also labeled an “insider” data breach due to a vulnerability with a vendor’s website that had access to their system.
An employee error data breach is when a data breach occurs without any malicious intent on the part of the employee. Perhaps they click on a link in a phishing email, infect their computer with malware, and allow a hacker in that way. This can occur through insecure settings or misconfiguration of security protocols exposing private or sensitive data to the public. Many of the data breaches above occurred due to employee error.
Data breaches vary widely, and anything can be stolen. However, the most damaging information that may be obtained in a data breach is social security numbers, credit card data, banking information, and other personal details like medical history and family information, which is not included in public records. Additionally, logins for website accounts are especially vulnerable. Any little bits of information may be useful to criminals who want to steal your identity or your money.
By now, most of us have been included in a data breach, whether or not we even realize it. If you hear about a company data breach and you are a customer of theirs or have done business with them in the past, go online and search for an FAQs page alerting you of the action you need to take. Most of them include class-action lawsuits, and you may be entitled to a settlement amount. Other precautions to take are canceling and replacing any credit cards used there and changing login passwords.
A bank account takeover is a terrifying experience. It is when a thief gets ahold of your login credentials or other information and contacts the bank to change all your passwords and things like your mailing address so that you are essentially locked out of your own accounts. They can then use your money and take everything. It may not be immediately obvious to you that someone has breached your account. This occurrence usually happens because of a data breach, malware, phishing email, phone scams, or even man-in-the-middle attacks when you log onto your banking website at a coffee shop using unsecured Wi-Fi. The best defense against a bank account takeover is a VPN and changing your bank account passwords often.
Identity theft is an unfortunate result of data breaches. Your personal information is supposed to stay private, but when it is exposed to hackers, criminals, and thieves, there is a greater risk of identity theft. To prevent it or to at least respond as quickly as possible:
Most companies that experience a data breach put up a website or portal where victims can go to enter their name or other information and check to see if they are part of the breach. Other companies may send you a letter in the mail or an email explaining what happened. Often you may not be aware that you were involved in any data breach, but chances are, you probably were. Take quick steps to protect yourself if you discover that your information was stolen or shows up on the dark web. Sign up for identity and credit monitoring.
There have been so many large data breaches. However, according to CSO Online, the biggest data breaches to date are:
There are dozens of different variants of malware; many are the cause of data breaches. When a hacker is able to install a piece of malware due to an employee clicking a link in an email, or some other way, that malware allows them access to the network, and they can take control. Once they are in, they can exfiltrate and copy the data and expose it on the dark web or sell it to other hackers. The result is a data breach.
Ransomware is a type of malware where the bad actor installs malware on your computer, server, or device, encrypts the data so you cannot access it, and then they demand a ransom. Once you pay, they promise to unlock your data. However, many hackers also post samples of the stolen data on the dark web (exposing personal information). They threaten to release the rest of it to pressure you into paying up.
A computer worm is another online threat that is very scary because it does not need any human interaction to copy itself and execute code. It can cause a lot of damage by jumping from computer to computer and spreading the infection. Worms are often spread through malicious links in email or through hardware or software vulnerabilities. Typically, when infected by a worm, your computer's performance may dip, resources will be used up, and you may see new or missing files. Worms can result in linking your device to a botnet and may end up resulting in a data breach.
A Trojan virus is malware that piggybacks on legitimate software (hence the Trojan horse idea). If you download freeware or even purchase software infected with a Trojan, you may inadvertently install a Trojan virus when you install it. Trojans hand over control to the hackers allowing them to spy on you, delete files, modify security settings, copy data, and slow down your machine's performance.
Spyware is just what it sounds like. It is a form of malware that allows the owner to spy on victims. Often you may not even realize that your device is infected. Hackers may be able to see your logins, copy keystrokes, steal bank and other financial data or personal information for identity theft.
Adware is one of the oldest types of malware, and what it does is pop up ads and redirect your browser searches to show products or malicious links put there by hackers. Sometimes adware will show a box telling you that your device is infected, and you simply need to call a phone number or click to fix it. What it really is, though, is a scam, so you will buy useless software that doesn't fix anything, or you never had a problem, to begin with. Not all adware is malicious; some is perfectly legitimate by marketing companies used to direct consumers toward their products.
Credit is when a lender, credit card company, or financing institution lends you the money to buy something which you must pay back at a later date based on the agreed-upon terms. Credit also refers to your credit history, meaning how well you paid back your loans, credit card balances, and mortgages.
There are three big credit reporting agencies in the U.S., Experian, Equifax, and TransUnion, and they keep track of everyone’s credit history. These companies also use the information to calculate your credit score, which lenders use to gauge your creditworthiness before lending you money. Each of these companies is independently owned and operated, and therefore your credit report with each may be different.
Having good credit is very important if you want to buy a house, need to apply for a loan, or just want a credit card. Maintaining good credit is easy to do with the proper tools and credit monitoring.
All the information contained within your credit report is used by the credit bureaus to calculate your score. Lenders use these scores to determine whether or not you are a good risk to lend money to.
Typically, scores range from 300-850. A low score may prevent you from getting a mortgage or approved to rent a piece of property. A high score allows you to take advantage of better interest rates and loan terms. The table below shows what constitutes a good or poor credit score.
Your credit report is an extensive compilation of information about you that creditors and lenders use to determine your creditworthiness. Some of the information contained on it is your name, address, date of birth, and social security number. It also lists all the creditors you have borrowed money from over the past seven years. It contains your loans, mortgages, and other debts and how well you paid them (on time, late or not at all). Your credit report may show the original loan and the balance due as well.
Credit reports are maintained by the three big credit agencies (Equifax, TransUnion, and Experian), and they also calculate a credit score based on the information in your credit report.
You have the right to a free copy of your own credit report each year (with each agency). Lenders may also obtain a copy of your credit report with your authorization. If you sign up for credit monitoring, that company may also have access to it.
A credit monitoring service will send you credit alerts when something changes with your credit report. A change may be a new home address, a change in your credit score, a new account that was just opened, or other personal details that were altered by you or someone else. When you sign up for credit monitoring, you can choose from text messages, email, or even credit alerts through the mail or phone.
If you receive a credit alert that something has changed on your credit report or that someone has accessed your information, you should log in and check it out immediately. If the warning is that your information showed up on the dark web, you may want to take specific actions to protect yourself against identity theft.
It might also make sense to obtain a free full copy of your credit report to rule out fraud. Sometimes lenders report incorrect information on a credit report, and if so, you will need to contact them to correct it.
If your credit report contains errors, it could affect your ability to get loans, apply for a mortgage, and even rent an apartment. The first thing to do is to get a copy of your credit report. Scan it carefully for any errors or information that should not be on there. If you find errors, dig out your paperwork proving your claim. You will need it.
Next, contact the lender or credit company directly to notify them of the error and try to get them to fix it. Tell them you need to have them update your file with the credit reporting agencies. If they refuse to fix the error, have them add a file to your record that shows you disputed the information.
Now, contact the three credit reporting agencies (Equifax, TransUnion, and Experian) and notify them of the error. Explain that you tried to get the lender to fix it, and they refused. Sometimes the credit agency will fix it on their end. If not and you still have trouble getting satisfaction, contact the FTC who governs credit reports and agencies. You can file a complaint using a form on their website. The FTC will open an investigation, and you will be notified of the results. Be sure to include your proof when filing your complaint.
Most people go through rough patches when it becomes tough to make ends meet. Unfortunately, one of the side effects is that it can affect your credit. Poor credit means you won’t be able to apply for any loans, buy a house, or get credit cards. If you are given credit, you will pay higher interest rates with worse terms. Thankfully, there are some ways to fix your bad credit.
Get a copy of your credit report to see where things stand. Correct any errors on it and then follow the steps below to start building better credit.
Be patient things will improve the longer you follow these steps.
It is sometimes very difficult to apply for a mortgage or loans with bad credit. However, there are some options. First, get a copy of your credit report to see how bad things are. Then try these tips below:
Bankruptcy is a last resort option for people who cannot pay their debts. It is a federal program that takes time and a lot of paperwork. You should not choose bankruptcy lightly. It will have far-reaching effects on your life and your credit.
Depending on the type of bankruptcy you file (Chapter 11 or Chapter 13), it could stay on your credit report for at least seven years and up to ten! Lenders view bankruptcy very negatively, and filing will most likely lower your score into the bad or very poor category for a long time. Therefore, explore all your other options before filing for bankruptcy.
No. A credit report is a collection of information about your debts, credit history, and how well you pay your bills. A consumer report is more of a full-blown background check, which may include a credit report but will also include things like criminal history, arrest records, marriages, divorces, military data, educational background, lawsuits, property ownership, and other details.
Employers, landlords, licensing agents, and government agencies may conduct a consumer report about you. Lenders and financial institutions will pull a credit report before lending you money.
A fraud alert is a special notice you can place on your credit report to notify lenders and potential creditors that you have been a victim of identity theft. A fraud alert does not hurt your credit, and you only have to notify one of the three big credit bureaus. They are legally bound to alert the other two.
When you put a fraud alert on your credit, a potential lender must take extra steps to verify your identity so that no strangers can open up new lines of credit in your name.
There are three types of fraud alerts. One is a standard alert that lasts for one year. An extended fraud alert lasts for seven years and is available to people who have been exposed to a data breach. Then there is an active-duty fraud alert for military personnel who are overseas and need to protect their credit while they are away.
If you were a victim of identity theft or you were involved in a data breach and afraid of identity theft, one of the tools at your disposal is a credit freeze. A credit freeze is something you can request that the credit reporting agencies put on your file to stop anyone from getting a copy of your report (except you) and opening new lines of credit. The federal government requires that all credit bureaus offer credit freezes to consumers for free.
When you put a credit freeze on your credit report, you will be provided with a PIN. You can give this PIN to lenders or other creditors who require a copy of your credit report. You can remove the credit freeze at any time with a single phone call.
A credit lock is similar to a credit freeze, but it is not government-sanctioned or regulated, and you may be charged fees. A credit lock is a temporary tool to “lock” your credit so no one can gain access to it. All three credit reporting agencies offer them, and you can lock and unlock your credit on the fly using an app on your mobile device. Typically, credit locks are bundled in with other premium services offered by credit bureaus. They are quick and easy to use, but again, they are not as safe as a credit freeze, and they are unregulated, so services may vary and not be consistent or reliable.
Credit monitoring is a service where a company continually monitors your credit report. You are notified of any changes, updates, credit score modifications, or when anyone opens new accounts in your name or obtains a copy of your credit report. The service may also include monitoring the dark web, social media, public records as well as other places looking for your personal information to help protect you against identity theft. Credit monitoring can be especially helpful in keeping your child’s credit safe until he or she reaches adulthood.
There is no way around it; late payments to creditors mean a lower credit score. However, depending on how many late payments you made and the circumstances, you may be able to get them removed and raise your score. First, get a copy of your credit report to see how many late payments are reported and by which lender/creditor. Then you can try some of the things below to attempt to get them removed.
Everyone is eligible to get a free copy of their full credit report from all three agencies every 12 months (one year). Experian, TransUnion, and Equifax bound together to make this easy for consumers by creating an FTC-authorized website where you can make your request. Go to annualcreditreport.com and click the button to request copies. Experts recommend staggering your requests every four months so you can get them throughout the year.
Since all three credit reporting agencies are independently owned and operated, they will have different information on you, and you will need to contact each one to correct errors. To contact them, use the links or phone numbers below:
A public record is a piece of information that is not deemed “private” by the government. It may include forms, documents, or digital records protected by laws such as the Freedom of Information Act (FOIA). Public records may come from various sources (often government agencies, law enforcement or the courts), and they may be stored as a paper document or online in databases.
Many major life events involve government agencies at the state or federal level. Many of these agencies now store public records online for easy access. Data brokers and other companies can purchase lists of these events and your public records. Sometimes these companies mine for the information and collect it through various other sources. Some examples of major life events that may end up with public records are:
Information is currency. Once you provide your information, even for something simple like a magazine subscription, that information may be sold or passed along to various other companies for years. Other companies invest in data mining technology to collect as much as they can about you to keep it all together in a profile that is worth something to marketing companies and scammers.
Sometimes you may see an option to opt-out of having your information sold, but other times you aren't consulted; your information may be sold without your knowledge and a lot of it ends up online.
Some ways you can prevent it are using the Do Not Call Registry, opting out of prescreened offers with the credit bureaus, and contacting DMAChoice to opt-out of marketing solicitations. You can also contact FERPA to protect your children's information stored with schools. If you want to protect your banking information, contact the Federal Deposit Insurance Corporation. You would also have to contact many data brokers to remove your information from their websites as well.
If you want to be completely off the grid, it's not going to be easy, but it can be done. First, you should contact the Do Not Call Registry to eliminate legitimate sales and marketing calls. However, spammers won't respect that list, and you may still get some scam calls.
For regular mail and email, you can contact the Direct Marketing Association (DMA) to opt-out of marketing offers. You can register online or through the mail.
After registering with both of these agencies, you should see a dramatic decrease in the amount of marketing email, phone calls, and regular mail. However, these resources do not stop scammers, so be very cautious about responding to anything if you receive calls or offers after registering.
It is not easy to remove all public records about yourself. However, if you find information online you want to be removed, you can contact the agency (such as the DMV or town clerk’s office) and ask them to remove your name from specific sources or keep the information offline. Some agencies may agree to comply, but some public records cannot be removed. They remain publicly accessible due to laws, like the FOIA protecting them.
Your personal information and public records are readily available to data brokers and marketers. The bad news is there are a lot of sites that store your public and personal information. The good news is you can opt-out of it and have it removed. Unfortunately, it does take time. You will have to contact each agency/website that has your information and follow their opt-out policy. Some are pretty easy where you just fill out a form. Others require you to verify your identity with a photocopy of your driver's license or some other identifier first.
Another option is to use free services like DMAChoice, the official credit reporting agency opt-out site to eliminate prescreened offers, or register with the Do Not Call Registry, but that doesn't always work very well.
There are also paid options that will opt you out of data broker sites, but it will cost you some money, and the results may not be 100% perfect.
The largest data brokers in the world (where you can start) are Axiom, Intelius, InstantCheckmate, PeekYou, PeopleFinders, Spokeo, and the WhitePages.
To remove even more of your information from the internet, you will need to contact a few major search engines to opt-out. Although the U.S. does not have a General Data Protection Regulation (GDPR) like Europe does, each state has its own protection regulations on how information may be collected, stored, and discarded. California's Consumer Privacy Act (CCPA) is one of the strictest in the country.
If you don't want your address showing up in Google Maps, you can contact Google to opt-out of using it.
Google also recommends that you contact the owners of any websites that contain information about you that you don't want to show up in searches. If the website owner refuses, you can file a complaint with Google and have them remove the search data. Although the information will remain online, it may not come up in searches.
Each search engine has a process you must follow to have information removed from the search engine databases.
Each state has specific rules regarding criminal record expungement, but most U.S. states do allow the suppression of some criminal records. However, serious crimes like felonies and sex crimes often stay on your record forever. The expungement process is not quick or easy, and you have to pay a fee, but in some cases, you can have your old, minor criminal history removed so that employers and others performing a background check will not see them. Law enforcement may still be able to pull your full history up, though.
Mugshot removal is when a person requests that their mugshot be removed from public records or online sources. There is no law preventing sources from posting mugshots, so it may be hard or easy to get them removed, depending on the location, the company, and the state governing the laws.