Protect Yourself from Tax Fraud

Tax Fraud

Tax day means profits to tax scammers. Last year, the Federal Trade Commission reported that tax-related identity theft was one of the most common forms of identity fraud. For five consecutive years, tax fraud has been on the rise and at the top of the fraud complaint list. In addition, IRS impostor scam complaints in 2014 increased 24 times over the previous year.1

Unfortunately, there are a multitude of identity thieves who seek to profit from their scams by filing fraudulent tax returns. You may not know that these thieves are using your Social Security number to file a tax return until you attempt to file yourself. At that point, restoring your refunds and identity becomes a nightmare.

Protect yourself this tax season with these tips:

  1. Use Digital Caution: If you receive an email, text or a contact request via social media channels appearing to be from the IRS it is a phishing scam. Do not click on any links, or reply to the email. Forward the email to for investigation and send suspicious texts to 202-552-1226. Delete the email or text immediately afterwards.
  2. Ask the Right Questions: A phone call appearing to be from the IRS could be a scam. An IRS agent will never demand immediate payment, require a specific payment method, ask for credit information over the phone, threaten to put you in jail, have you deported or take away your driver’s license. Don’t give the caller any information and collect the caller’s name, badge number, call back number, and caller ID. Call the IRS directly and verify if the caller is an IRS employee with a legitimate reason to contact you.
  3. Update Your Anti-Virus: Keep your computer’s anti-virus software up-to-date and password-protect sensitive documents saved on your computer to prevent misuse.
  4. Check Your Mail Frequently: An unlocked mailbox is an open invitation to thieves. Take mail containing sensitive information directly to the post office.
  5. Dispose of Old Documents: Use a cross-shredder to dispose of documents you no longer need.

Most importantly, if you’re enrolled in PrivacyArmor®, provided by InfoArmor, log in to your online account to access alerts regarding your identity or credit and be sure to activate all features to help protect your identity. In the unfortunate event you are a victim of identity, credit or tax fraud, a Privacy Advocate® will help remediate the fraud by handling the restoration process on your behalf.

Connect with InfoArmor on Facebook or Twitter for additional identity protection tips and industry news.

Source: 1.Federal Trade Commission

Searching for Love Online? Be Cautious.

Online Dating

In today’s digital and busy world, online dating has become a popular avenue to find love. In fact, more than 49 million Americans have tried online dating.1 Unfortunately, scammers and criminals have also picked up on this trend and are making financial gains off of vulnerable online targets by creating fake profiles to lure in their potential victims.

In 2014, the Consumer Sentinel Network received 5,240 complaints about romance scams. 2 That same year the FBI’s Internet of Crime Complaint Center received additional complaints about confidence fraud/romance scams that totaled $86,713,003 in reported losses.3 Protect yourself from online romance scammers and avoid becoming their next victim by reviewing these simple tips:

  • Only use online dating websites with reputable reputations.
  • Do not leave the online dating platform for private conversations. Scammers like to remove the safeguards from reputable dating websites and go to IM services such as Yahoo and MSN.
  • Ensure your security settings are correct on your online dating platform as well as your social media accounts.
  • Recognize strong and quick pronounces of love in a short period of time – they are typically scammers.
  • Never share banking or credit card information or send money via a money order, wire transfer of international funds transfer. Scammers will make up “emergencies” and “traveling expenses” to get you to fund them.
  • Avoid personal web cam conversations and pictures with nudity as these can be used as blackmail. Be especially cautious if you are the only one using the web cam.
  • Watch out for bad grammar and spelling, as this could be a sign of poor translation from an overseas criminal.
  • Search names and photos on Google to check the authenticity of their identity.
  • Report any potential scams to the online dating platform provider.

Online dating scams range from minor white lies to outright thievery. Trust your gut. If something sounds wrong or seems out of place chances are it is likely a scam. Pay attention to what is being said and how it’s being written. Look for any red flags and follow the tips above so you’ll be much more aware, prepared and ready should someone try and take advantage of you.

1. Statisticbrain Online Dating 2. Federal Trade Commission Consumer Sentinel Network Data Book 2014 3.FBI IC3 Annual Report 2014
Additional Sources: Federal Trade Commission  & Federal Bureau of Investigation

Buying a New Car?

Protect Your Information.

Buying a New Car

Thinking about buying a new car? Before you drive off in your new car remember that the dealership you work with has access to a considerable amount of your personal information. This sensitive data is used to confirm your identity and finances. In most cases your information is also sent out to third parties for car loan inquires and applications.

Protect your personal information before purchasing a new car by following these simple steps:

  1. Research the dealership and validate their business. You don’t want to do business with dishonest companies.
  2. Confirm that they shred any copies or securely save any scanned copies of your driver’s license or proof of insurance before you take a test drive. Remember to obtain all copies once you have finished test driving.
  3. Ask if your personal financial information is required on the requested forms before providing it. Typically dealerships don’t need your social security number until you arrange the financing deals of your purchase.
  4. Regularly monitor your credit and bank accounts after purchasing your car. Look for any suspicious activity.

VTech Data Breach

Children Playing

On November 24th, 2015 VTech, an electronic toy maker, discovered that their customer account information was breached. A 21 year old hacker from the UK has been arrested for retrieving information from 4.9 million parent accounts and 6.37 million children’s profiles. He began collecting information on November 14th, 2015 though VTech’s Learning Lodge app store customer database and their Kid Connect servers.

Adult accounts contained passwords, security questions, mailing addresses, names, email addresses and birthdays. Children accounts held name, gender, and birthday but unfortunately were also compromised. Children’s photos, chat logs, and audio recordings from VTech’s Kid Connect messaging service was also breached.

To prevent additional information from being compromised VTech shut down sites associated with the breach while they conducted a formal investigation.

Why is this important? Not only are the parents at risk for identity theft, the children effected by this breach are at an even higher risk. Most people do not know their child has been a victim of identity theft until they are older and begin to apply for credit, college, and jobs.

If you believe you or your child were a victim of this breach:

  1. Change your VTech account password and security questions immediately in addition to any other accounts that are associated with the compromised password, email, and security questions.
  2. Monitor your bank accounts even though no credit card information was taken. Pay close attention to any suspicious activity. Hackers retrieved enough information to be able to piece together applications for fraudulent accounts.
  3. Check your mail for any suspicious mail directed at your child (i.e. notice from IRS about taxes, collection notices, bill invoices).
  4. Watch out for phishing scams. Enough personal information was stolen to socially engineer scams that are specifically crafted for you or your child.
  5. If you suspect that you or your child have become a victim of identity theft, inform the credit bureaus, place a fraud alert and file a fraud report.

If you’re enrolled in InfoArmor’s PrivacyArmor®, rest assured that we are proactively monitoring for misuse of your identity and if you’re enrolled in the family protection, your children’s identities are protected as well. In the unfortunate event that fraudulent activity occurs, we will help you through the process of restoring your identity.

Read more about the VTech Breach.

Don’t Leave Your Boarding Pass Behind

Airline Ticket_Boarding Pass

Holiday travel is upon us. Make sure you are protecting yourself in one simple way. Don’t leave your boarding pass behind. Don’t think people can retrieve information from it? Guess again. You boarding pass contains the following:

  1. Your Name
  2. Frequent Flyer Number and/or Rewards Number
  3. Member Status
  4. Additional Personal Information
  5. Sensitive Barcodes

Criminals who come across boarding passes can try and retrieve your reward points, which are just as valuable as money. Thieves can try and access your online profile with the information on your pass, and fill in any missing profile information by looking at social media profiles (birthdate, address, email address, etc.). When a thief obtains a victim’s reward login information they can personally use the points or sell the information on the Dark Internet.

In addition, there are sites today that criminals, and yourself, can decode data within barcodes. Airline barcodes contain additional personal information and record locators/record keys. This can give criminals access to your current travel itinerary and any future flights that are booked under your flyer number.

To prevent a thief from stealing your hard earned points and personal information follow these tips:

  1. Never leave your boarding pass behind and properly discard it after your flight
  2. Monitor your rewards account just like a bank account
  3. Use unique and strong passwords for all of your accounts
  4. Report suspicious activity or usage that you see on your rewards account

For additional information give us a call at 800-789-2720 or read Krebs on Security’s article.

Beware of Third Party Tablets

Tablet Amazon is making the news this month for selling tablets from third party budget manufactures in China. Why you may ask? These $40 tablets were pre-loaded with malware. The discovered Trojan horse, Cloudsota, allows hackers to remotely take control of the tablet, disable anti-virus applications, and engage in malicious activities without the owner’s permission. Researcher Cheetah Mobile believes that the hackers are in China and, as of now, there is no knowledge on how the malware was installed.

Thousands of people have purchased these infected products in 153 countries, with the United States, Mexico and Turkey being the most impacted.

If you have purchased an infected tablet, Cheetah Mobile has provided instructions on how to remove the malware from your tablet here.

Source: International Business Times

Surprise: You Have Fake “Friends”


By Paul Rockwell, Head of Trust & Safety at LinkedIn.

I’m regularly asked why a professional social network like LinkedIn needs a Trust & Safety team.  Like other user generated content platforms, we have a steady stream of actors that dampen the normal member experience.  One way that manifests itself is through members accepting connection requests from those they don’t know.

A recent study conducted by InfoArmor indicates that this isn’t unique to LinkedIn.  The study revealed that 10 percent of all social media users will friend someone they don’t know and their circle of friends don’t know.

For those under 30, the research uncovered another startling find: 53 percent will friend someone that they don’t know, but who has a connection with one of their existing friends.  The thinking is that because their friend has added the person, that friend must have exercised some level of due diligence in vetting them.

Unfortunately, that isn’t happening, and the act of friending someone you don’t know puts you and your other friends at risk.

“Why?” you ask?  Let’s start with privacy settings: 40 percent of those surveyed said they rarely or never check their privacy / sharing settings, even though they claim to have a high degree of familiarity with them.  That’s surprising, given how confusing the settings can be – especially on social networks, where some have overhauled the settings to make them more intuitive and easy to understand.

Having loose settings means you could be sharing your contact information (e.g. phone number, DOB, email address, employer, name/link to your significant other, etc.), places you frequent (via check-ins), photos of yourself/family/friends/home, where, when and with whom you vacation, and the list goes on – all with people you don’t know.

In order to steal an identity, blackmail, rob/assault/harass, and commit a host of other real-world crimes, all someone needs is to do is find a person with weak social media privacy settings!

This flow of data also exposes your real friends and family, since they’re trusting that you’ve vetted your connections, and as a result, a sizeable portion of your friends and family will accept an invitation from one of your new, fake friends.

Here are a few tips to help keep yourself protected:

Social Media Technology

  1. Revisit your privacy/sharing settings just to make sure you’re not sharing more than you want to with a broader audience.
  2.  If someone you don’t know wants to connect with you on a social network, don’t share personal details of your life with them!
  3.  If you’re an employer, take proactive measures to educate employees (start with on-boarding) about your company’s policies, then have open, honest and constructive conversations with those that deviate.


Remember that employers have some exposure related to the social media activities of their employees, too.  While roughly half of HR professionals surveyed in the InfoArmor study use social media to check the background of candidates, they don’t place a high level of importance on the activity, and implement almost no controls to regulate social media of the candidates once they’re hired.  Given 40% of the surveyed HR  professionals believe reckless social media activity by employees can cause significant damage their employer’s public image, one would expect more controls to be in place.

At the end of the day, I’m not advocating that you decline all friend/connection requests or that employers become big brother (although some regulated industries require this).  But given how widespread ID theft is today, the trend of accepting invites from someone you don’t know could open a Pandora’s box.  Educating yourself and only connecting with those you really know are the first steps in ensuring a greater sense of security for you and your network.

Paul Rockwell is head of Trust & Safety at LinkedIn.


Cyber Monday and Holiday Shopping Reminders

The ever so famous Black Friday, Cyber Monday, and additional online shopping for the holidays will soon be here. Having the convenience and ease of getting all your needs online can cause you to carelessly forget to protect yourself. Simple mistakes could alter the way your holidays fall out if you become a victim of identity or credit fraud.Cyber Monday

When online shopping this holiday season:

  • Check the credibility of the site you want to purchase from, read reviews, check their locations and review their contact information
  • Look for secure connections (https)
  • Do not use unsecure wireless networks to make online purchases
  • Use a credit cards verses a debit card and never send in cash or use money-wiring services for online purchases
  • Keep a copy of your receipts and compare them to your credit card statement
  • Watch out for phishing scams

The Dangers of Social Engineering

Social Engineering

Although fraudsters and scam artists have been around long before social media, they’re reinventing ways to procure information from innocent people. From trickery to misrepresentation, it’s easy to fall prey to these online swindlers, who collect information about you to “socially and personally” target you.

Get smart on the top six social engineering cons:

  1. The misplaced flash drive. Wow! You’ve just come across a flash drive that’s been dropped in your office parking lot. Think twice about plugging it into the company computer. It could be harboring malware that could infiltrate your company’s digital infrastructure.
  1. Most times phishing scams are easily identified given scammers’ sloppy grammar or vocabulary. But phishing is becoming much more sophisticated as emails are built to persuade you to click on a link or submit personal information. Beware of emails soliciting personal information!
  1. It’s from a friend. Social media platforms have made it easier than ever for scammers to access your information and use it to compromise your friends. Beware of suspicious emails containing attachments that your friends wouldn’t normally send.Phishing
  1. Ring-a-ling. While scams may originate on social media, hackers have used old-school methods to procure additional information. After finding your phone number, they’ll get to know you just enough from your social media profile and then call you up to see how much more you will reveal – passwords, credit card information, additional personal details. The sky’s the limit. If a caller starts asking for personal information, do not share personal information, but rather ask for their phone number and offer to call them back. Then research their claims and their number.
  1. Guard your email account. Think about what you store on email – it’s no doubt a treasure trove of information. From financial information to credit card numbers, email accounts are pay dirt for hackers. Set strong passwords, don’t use public Wi-Fi and monitor for any suspicious activity.
  1. Tech support calling. If you receive any unsolicited calls indicating you need technical support, be wary! Scammers call their victims pretending to be from a reputable company, investigating a malware attack. They try to persuade users to grant them remote desktop access. Once in, the sky’s the limit!

Source: http://www.cio/com/article/2884639/security0/7-social-engineering-scams-and-how-to-avoid-them.html

Risky Business—Who’s in Your Social Network?

In addition to being a place you can catch up with friends and share updates with your family, social media can also be a very scary place. As social media evolves, the effects of sharing information (especially too much information) in social channels still remain to be seen. A recent survey by InfoArmor revealed that although social media users cite crime and loss of privacy as their most feared outcomes of oversharing, they do little to protect themselves online.

Are you a statistic of sloppy social media use?

80% Acknowledge half or fewer or their connections are not true friends.

40% Rarely or never check their privacy settings.

41% “Friend” a user they don’t know based on a mutual connection.

2X More likely to have your social ID stolen if you’re a Millennial.Social Media Masks

Check out the full survey for more startling statistics on Americans social media use.

What can you do to protect yourself online?

An ounce of prevention is worth a pound of cure, especially when protecting your social footprint. Although we live in a time when identity fraud occurrence isn’t an if, but a when, you do have the power to reduce your risk of compromise:

  1. Be vigilant in checking your privacy settings on your social channels;
  1. Be cognizant of the consequences of posting highly personal or too much information, since information shared online can never truly be erased;
  1. Censor yourself. Only post information that would not be damaging to you in in the future; and
  1. Lead by example and teach children and teens not to overshare, and take ownership of your personal information online.

How savvy are employers when it comes to social media?

The answer is a surprising – not very! A recent survey among the HR community revealed that although HR and hiring managers acknowledge the dangers employees’ social media activities pose, firms are not adapting to address these impending threats. Consider that:

40% Cite damage to their companies as their greatest fear of employee social media use.

56%  Have a social media policy in place, but…

70% Don’t actively monitor their social media policy.

Young Group Social Media

When it comes to social media use, companies are trusting that their employees will not compromise themselves or their employers. In a world where the volume of information shared on social is

staggering, the potentially devastating effects of this laissez-faire approach should be keeping executive management up at night.

While educating employees about appropriate social media use is beneficial, employers should not only adopt strong social media policies, but also implement procedures to actively enforce the policies with clearly indicated consequences for inappropriate use.

Visit InfoArmor’s full survey for more information about social media trends in HR.