As everyone now knows, 143 million Americans had their personal data compromised during a two-month-long data breach at credit reporting agency Equifax earlier this year. Authorities are now reminding consumers to watch out for bad actors looking to profit from everyone’s worries about their newfound vulnerability.
New York Attorney General Eric Schneiderman on Monday warned consumers to be vigilant against possible hacking and phishing attempts following the massive Equifax data breach.
Phishing is a type of online scam that targets consumers by sending them an email or placing a phone call that appears to be from a well-known source – in this case, Equifax or your bank. The scammers ask for personal identifying information and then use the information to open new accounts, or invade the your existing accounts.
Equifax announced last week that hackers had gained “unauthorized access” to their systems — i.e. a data breach — for nearly two-and a half months. The attack, which was discovered July 29, involved the following personal information: names, dates of birth, addresses, Social Security numbers, and driver’s license numbers.
That is bad, very bad; it’s basically the identity theft jackpot. Every account that needs verification that you’re you asks for that exact set of data, so now anyone can be you.
Additionally, Equifax adds, another 209,000 customers had their credit card numbers stolen, and another 182,000 customers had “personal identifying information” listed from dispute documents.
Schneiderman points out that ne’er-do-wells may take this unfortunate incident and turn it into an opportunity to further victimize those affected by the breach, as well as those whose information wasn’t hacked.
“In addition to taking measures to protect their credit cards and bank accounts, New Yorkers should also think twice before clicking on any suspicious links claiming to be from Equifax or financial institutions,” AG Schneiderman said in a statement that applies not only to New Yorkers, but all consumers.
To that end, consumers should be on the lookout for these common phishing attacks:
• Emails that claim to be from Equifax that claim you can check to see if your data is compromised.
• Emails that claim a problem with your credit card, your credit record, or other personal information.
• Calls from scammers who claim they are from your bank or credit union.
• Fraudulent charges on any credit card because your identity was stolen.
How To Spot A Scam
The Federal Trade Commission offers consumers a wealth of information related to protecting themselves from and spotting these types of phishing scams.
“Phishing scammers make it seem like they need your information or someone else’s, quickly – or something bad will happen,” the FTC notes.
For instance, a scammer might say your account will be frozen, you’ll fail to get a tax refund, your boss will get mad, even that a family member will be hurt or you could be arrested.
“They tell lies to get to you to give them information,” the agency adds.
Be Cautious & Report
The FTC notes that individuals should be cautious about opening any attachments or clicking on links in such emails. Even if the email appears to be from a legit source, those addresses could be spoofed or those accounts could themselves have been hacked.
When you receive such an email, the FTC suggests consumers do their own typing. Use your search engine to look up the website or phone number provided in the email. Even though a link or phone number in an email may look like the real deal, scammers can hide the true destination.
If you’re not sure of the legitimacy of an email, just call the company yourself.
“If you think a company, friend or family member really does need personal information from you, pick up the phone and call them yourself using the number on their website or in your address book, not the one in the email,” the FTC notes.
The same can be advised when receiving a suspicious phone call; ask for a number to call back and check the authenticity by searching online. You can also call the company to ensure they are actually contacting you.