As a non-profit agency, the Identity Theft Resource Center prides itself on being a wholly neutral party when it comes to political issues. Our mission is to serve the public-at-large and we take that responsibility very seriously. But from time to time, an issue can pose such a threat to the public that we must speak up, even at the risk of appearing to take sides.

Scammers are casting their nets under the guise of political discord, and they’re relying on hot button issues to instill a sense of public panic. One of the most common scams right now may very well be the “Obamacare” scam, which spreads false information about pending changes to health insurance regulations in order to frighten victims into turning over their money.

Social media posts are already doing half the scammers’ work for them. With news headlines and individual posts about the threat of a repeal of the Affordable Care Act (ACA) without a program to replace it, scammers simply have to point to such an article to say the public must act now.

This is certainly not the first issue that identity thieves and scammers have been able to capitalize on in order to lure new victims. Changes to the IRS regulations, especially ones that will result in delayed refunds in order to prevent fraud, leave the door wide open for scammers to convince you that they can secure your refund for you. The recent controversy surrounding college tuition costs and student financial aid has resulted in scams that claim to help you get your student loan debt forgiven for a significant fee, then ultimately route the victim directly back to a free government program that they could have used on their own.

Before falling for any “act now” offer, it’s important to verify the company behind it and the method they plan to use you fulfill their claim. Many of the Obamacare relief scams have been nothing more than a registration (plus fee) that gives you lists of insurance companies you can contact for coverage; that’s exactly the same thing you could have done without paying their fee. Anyone who claims to get your IRS refund for you at a speedier rate is most likely the same as a payday loan; they’ll give you the amount you’re expecting minus a hefty fee for their trouble. Unfortunately, those things are annoying in their shady tactics, but they’re by far not the worst thing that can happen to you if you fall for one of these scams. Other tactics include stealing your personal identifiable information, your money, or both.

In order to protect yourself, you’ve got to do your homework. Before clicking on any offers or ads, investigate the program thoroughly and find out what options you have on your own.

How much information are you putting out there? It’s probably too much. We are here to help you stop sharing Too Much Information. Sign up for the TMI Weekly.

Last year was certainly the year of the phone scam, as there were a record 10.2 billion reported phone calls made through auto-dialing software to US citizens alone. Many of these calls were scams that encompassed everything from government agency scams to lottery winnings, and typically went after their victims’ personal identifiable information, money, or both.

Hiya, a company that provides caller ID service as well as call-blocking apps, released its annual report on the types of phone calls that scammers used to target the public. The Robocall Radar: End of Year Report 2016 ranks the type of automatic phone calls in order of prevalence.

According to the Federal Trade Commission’s National Do Not Call Registry Data Book for Fiscal Year 2016, the Do Not Call Registry contained just over 226 million actively registered phone numbers, up from the 223 million at the end of FY 2015. In addition, the number of consumer complaints about unwanted telemarketing calls received increased from just under 3.6 million during FY 2015 to over 5.3 million during FY 2016.

1. Telemarketer Scams – Telemarketing calls are annoying, but they aren’t all scams. However, telemarketing calls that were actually attempts at stealing money and data were the top form of phone scam last year.

2. Spoofing – Again, spoofing a phone number is not proof that the call was a scam, but Hiya’s data shows that spoofed calls are almost overwhelmingly attached to illegal activity. After all, what would the purpose be in showing a different name, city, or phone number on your phone’s screen if the caller was genuine?

3. Kidnap Scams – It’s horrifying that the third place spot is held by kidnapping or extortion scams, but these occur when the scammers robocall random phone numbers, then wait for a caller to pick up. Once the potential victim answers, the caller demands a ransom payment for a friend or relative that they have supposedly kidnapped.

4. IRS Scams – It’s no surprise that this type of scam is in the top five. After all, if you’re a living, breathing American, you probably had to file a tax return last year. It takes no effort at all to lie to you, claiming that you failed to pay the appropriate amount and that you must make immediate payment in order to avoid going to jail.

5. Debt Collector Scams – Again, these are not from genuine collections agencies, but scammers who dial random numbers. Why does it work? Because just as in the IRS scams, most Americans carry some kind of household debt. By convincing you that you’ve failed to make a payment, scammers can steal your personal identifiable information and coerce you into giving them a payment over the phone.

The rest of the top ten scams include surveys, vacation and travel offers, lottery or contest winnings of some kind, the famous tech support scam, and political scams. That’s not to say there aren’t other types—one thing the security industry has learned is that criminals come up with new ways to steal from you every day—but these are the ones that continue to be the most common.

The real question, though, is why? If these scams continue to make headlines, why are they still so effective? The numbers from Hiya don’t prove how often victims fall for these scams, only how often these types of tactics are used, but that does lend itself to a correlation between the number of calls and their effectiveness. In most of these scams, there’s an emotional tie-in: your grandson has been kidnapped, you’re going to jail for failure to pay your taxes, you’ve just won millions in the lottery, you can finally take your spouse on a dream vacation. This emotional connection grabs your attention and prevents you from really processing the facts behind what you’re hearing. In order to avoid becoming a victim of a phone scam or any other fraud attempt, it’s vital that consumers pause and think about the scenario before responding.

As always, anyone who believes their identity has been stolen or their personal data has been compromised is invited to connect with the ITRC through our toll-free call center at (888) 400-5530, or on-the-go with the new IDTheftHelp app for iOS and Android.

There are quite a few hot-ticket events around the country, and that means scalpers and scammers are waiting at the ready to make some fast money. Whether it’s Super Bowl tickets, concert tickets, or—in the case of a currently newsworthy event—festival passes to Coachella, the internet has created a veritable Wild West for buying third-party event tickets.

Coachella is a weekend-to-weekend festival that takes place each year in California’s Coachella Valley. The outdoor event draws top-name celebrities and musicians alike, and the festival atmosphere brings in crowds numbering close to 100,000 people per day. The tickets, which run from about $400 to $900 each, are a hot commodity and sell out very quickly.

Part of the quick turnaround on the tickets is due to scalpers buying up entire blocks of tickets and then reselling them online for a profit. The common practice means a lot of people won’t think twice about purchasing their tickets from a site other than the official festival website, and that’s something scammers are banking on.

One reported scam for last year’s event cost one would-be attendee $400. The seller listed the tickets on Craigslist and required payment in the form of a MoneyPak prepaid debit card. Once the victim purchased the card and the seller claimed it, the victim never received the tickets and never heard from the seller again. Attempts to call the seller’s stated phone number went to a free texting app.

Other scams surrounding past years’ events include attempted phishing emails that sought attendees’ personal information, credit card numbers, and more. Yet another reported festival scam offers attendees add-on tickets to other events, only these other events—from restaurant and lodging options to getting to rub elbows with famous people at VIP parties—don’t even exist.

With tickets to the 2017 festival going on sale on January 4th, scammers are waiting with these same tactics, and a few new tricks as well. Here are some ways to be prepared:

1. The event fine print itself states that they are not required to honor, refund, or support any tickets that were purchased from a third-party. Even buying a genuine ticket from an outsider runs you the potential risk of losing your money.

2. But what if a friend of a friend of a friend suddenly can’t use his ticket—or any other high-dollar item, for that matter? Meet in a public place to make your purchase, and ask the seller to sign a detailed, itemized receipt for it.

3. If you are ever purchasing event tickets online, never pay with a prepaid debit card or gift card if you can avoid it. Using a credit card or a mobile payment option like PayPal offers you some measure of buyer protection if this turns out to be fraud.

4. As for those phishing emails, once you have your tickets there’s no reason for anyone to request your credit card number or your other personal details. If you don’t have tickets but receive an email offering you a great deal, do not click a link or open an attachment; instead, verify the company’s existence online and make your purchase through their site.

As always, anyone who believes their identity has been stolen or their personal data has been compromised is invited to connect with the ITRC through our toll-free call center at (888) 400-5530, or on-the-go with the new IDTheftHelp app for iOS and Android.

The current political climate has put medical care and health insurance coverage in the crosshairs. It’s now a hotly contested topic for a lot of people, and the coming year may result in even more changes. That’s why it’s important to understand the real danger: scams.

There are a few ways you can keep yourself safe from scammers where your health insurance coverage is concerned, no matter who your provider is. Some of these tips will be specific to different aspects of health insurance, while others are simply smart habits to develop in any circumstance.

  1. Protect Your Data – When the Affordable Care Act launched HealthCare.gov and the online Marketplace, individuals had to enter a lot of highly sensitive information in order to determine the best coverage for their needs. Unfortunately, hackers took full advantageof the wealth of information, while “inside job” identity thieves stole multiple applicants’ records. And that’s just on the legitimate sites, not to mention the phony sites that sprung up with the intention of stealing identities.

When you’re checking out websites that offer health insurance coverage or responding to emails, make sure you safeguard your information. If the site isn’t trustworthy and doesn’t include an HTTPS security designation, don’t type in your personal information.

  1. Watch Your Wallet – If you have to pay a fee for a coverage determination or a rate quote, you’re talking to the wrong people. Health insurance companies don’t charge the public when looking into the coverage they can provide, so any company that wants a transaction fee or some other charge is not operating as they should.

While they might need to know something like your household income, they will never need your bank account number in order to “process” the quote.

  1. Don’t Call Us, We’ll Call You – Phone scammers made a record 2 billion phone calls in 2016, trying every conceivable scam. With any coming changes to the current health insurance regulations or new programs, there’s every reason to believe scammers will up their phone call game.

Remember, never give out your personal identifiable information to anyone who calls you. If you are interested in the service they claim to offer, take their complete information—including company name, phone number, caller’s name, and the number of years this company has been offering healthcare coverage—then verify the information from another source. Only after you’re certain this is a legitimate company should you contact them through a verified number and speak to an agent.

  1. Bait and Switch – There have been reported scams in which a caller claims the victim owes them money for coverage, despite the victim not even knowing who this company is. In much the same way that your mortgage or auto loan can be “bought” by another bank—which you will be notified of in writing—insurance underwriters might work with different companies.

However, you will be notified of any changes in your provider’s status and you will never have to pay another company—no matter what the caller tells you—without having prior knowledge of the switch. Furthermore, anyone who ever calls you and tells you to make an immediate payment over the phone or risk losing your coverage is scamming you; if you do owe money, you will receive a bill and will not be threatened with loss of health care.

As always, anyone who believes their identity has been stolen or their personal data has been compromised is invited to connect with the ITRC through our toll-free call center at (888) 400-5530, or on-the-go with the new IDTheftHelp app for iOS and Android.

Gift cards are a convenient and thoughtful way to give presents to those hard-to-shop-for friends and relatives. Some people might think they’re impersonal, but that’s not necessarily true. The thoughtfulness is still there since you knew which of their favorite stores to give, but you’re still able to make sure the recipient gets exactly what he wants…and in the right size and color!

Unfortunately, the very thing that makes gift cards such a practical and thoughtful gift is what makes them an important part of the scammer’s toolbox. Gift cards are anonymous, untraceable, refillable, and accepted both in stores and online. They can be purchased nearly anywhere, and once paid for, they are just as vulnerable to theft as cash. For those reasons, scammers have relied on gift cards as forms of payment from their victims for quite some time, but a new gift card scam has cropped up just in time to ruin the holidays.

Most retail gift cards have a dull gray coating covering the PIN number on the back. This coating is scratched off by the recipient before using the card to make a purchase, but scammers have learned a terrible workaround. Using similar gray coating stickers that can be purchased online, they go into a store that sells lots of gift cards. They scratch the existing coating off the PIN number and take a picture of the barcode and PIN, then place a new sticker over the PIN.

From there, it becomes a waiting game. The card isn’t worth anything until it’s activated at the checkout, so the scammer just keeps checking the balance on the card by phone or online until he finds that someone has actually purchased it. Then he drains the money from the card, leaving your gift card empty. When you try to use it or you’ve given it to someone this holiday, it’s worthless and your money is gone.

In order to avoid this scam, check your blank gift cards carefully before you buy them for any signs of tampering. This would include scratches to the back surface of the card, a gray coating that doesn’t look like the coating on other cards nearby, a bent or torn cardboard sleeve glued to the card, and other similar signs of wear.


Questions about identity theft? Contact the ITRC toll-free at (888) 400-5530 or on-the-go with the new IDTheftHelp app for iOS and Android.

In the fight against fraud, scams, and identity theft, one of the major obstacles is the anonymous and often global nature of the crime. Scammers can be located virtually anywhere, and thanks to the technology that powers their crime, finding the criminals can be like looking for a needle in a worldwide haystack.

But law enforcement officers have recently scored a major victory against international scammers thanks to an insider tip. Multiple call centers in India were investigated and raided after a report that the employees were tasked with texting US phone numbers with warnings about overdue taxes. When the recipients called the number provided in the message, the call center staff would pose as American IRS agents and demand payment. In many cases, the calls included threats that the police were on their way to arrest the victims for failure to pay what they allegedly owed.

Scams like this one work because of the ominous nature of the revenue service, at least in the minds of consumers. Unfortunately, that reputation is undeserved, even if it’s widespread. The IRS does not contact anyone via text or phone call to demand payment, and any legitimate correspondence begins with a letter mailed through the postal service so the recipient has a paper trail in their case.

In the case of these particular call centers, more than seventy people were arrested, including the owners, managers, and supervisors. Another 600 staff members are still being investigated as they were the actual callers. So far, the investigation has led to estimates that over $100,000 a day was collected throughout the course of the year that the centers were in operation. Local authorities are working with the FBI to try to sort out where those funds originated, ideally to return some of the victims’ money.

Cases like this one are truly a happy ending in the crime of identity theft and fraud. It’s uncommon that victims of scams like this one ever find out who perpetrated the crime, let alone have any hope of recovering some of their stolen money. That’s why security experts and advocates work hard to raise awareness of scams and fraud, hoping to prevent more citizens from becoming victims.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

With the growing problem of young people who are struggling to pay off hefty student loan debt, scammers have stepped in to take action…and take advantage. Much like the scams that once targeted homeowners with promises of relief from variable rate mortgages, students are the next crop of unwitting victims.

These new scams target unsuspecting students and recent graduates with promises of lower interest rates, lower total payoff amounts, and even outright forgiveness of the entire debt. That’s a pretty enticing promise considering the original borrowed amount and the extreme interest payments some students face. It’s also not an entirely unheard of idea; there are many programs for lowering your credit card interest rates, renegotiating a loan amount, and even forgiving certain types of educational financial aid, making the scam even more plausible. Rather than preying on gullible people, these scams work overtime to reach highly educated individuals and therefore must seem believable.

There are genuine consumer assistance programs out there, and they are designed to help individuals who are facing overwhelming debt. Through credit counseling and debt consolidation, these experts can help steer you in the right direction towards paying off your loans in a way that is productive but doesn’t leave you eating rice and beans three meals a day. Unfortunately, when looking for these legitimate programs, you’re very likely to come across scams or be targeted with flashy sidebar ads that make outrageous debt-forgiveness promises.

One of the first manifestations of this type of scam isn’t actually illegal, but it still preys on victims who are already burdened with an overbearing debt. By charging massive, undisclosed “fine print” fees for signing up, some of which can reach well over a thousand dollars, consumers who’ve reached out for help may find themselves in equally difficult financial straits.

Of course, other versions are nothing more than bait-and-switch cons which promise a lower interest rate but actually result in a longer payoff period, meaning the consumer actually pays more in the long run. Still other scams do literally nothing that the student could not have done for himself, while also taking all of his personal identifiable information in the process. Turning over the large amounts of sensitive personal data required for any kind of loan application process can leave the door wide open for identity theft if your information is not protected.

In order to protect yourself from the risks associated with financial scams, do your homework. First, investigate the options that are laid out by the loan issuer. The US government does have student loan forgiveness options if you meet the right criteria. There are also programs that will help recent graduates forgive their debt in exchange for a few years of service within the country, like agreeing to teach in a public school located in a poverty area. Barring an actual erasure of the debt, a credit counselor can help with lowering your interest rates, consolidating some of your debt into one easy-to-manage loan, and setting up a workable schedule of payments that meets your financial needs.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

If you’ve ever bought anything online, you’ve probably experienced that same moment of hesitation before clicking “confirm” on your purchase. Is this seller trustworthy? Is he going to send me a defective item? Is he going to take my money and not send anything at all?

Those are very valid fears considering the high numbers of online shopping scams that are reported each year. But what a lot of consumers overlook is the fact that the seller may be putting himself at just as much risk of falling victim to a shipping scam. Due to some of the ways that the major online marketplaces meet the needs of both buyers and sellers, the door has been left wide open for thieves to steal from small business owners and individuals alike.

One of the major platforms that helps buyers and sellers is PayPal. It’s a secure and purchase-protected platform that has made the process of online shopping a lot more trustworthy. Unfortunately, scammers know how to skirt the system in order to achieve their end goal of ripping off their victims.

Scammers simply list a different address on the invoice than in their communication with the seller, meaning a scammer can make a purchase that lists one address on the PayPal invoice, but when it comes time to ship the item, he’s asked for it to go to a different address. The seller ships the item to the new address, and the scammer cancels the payment on PayPal as soon as he has the tracking number and knows the item has shipped. PayPal only knows about his actual address on his invoice and therefore refunds his money for failure to receive the item.

Another common scam involves retail giant Amazon, who also offers third-party vendors the opportunity to reach a vast customer base online. In Amazon’s case, they don’t deal with the same type of invoicing and shipping addresses, so the scam is a little different. The buyer makes the purchase, receives the item, and may even leave a review for the seller. Then, they simply contact Amazon customer service and state that the item never showed up; they also delete their review to cover their tracks. Amazon has no record of it showing up, and in the interest of customer service, they refund the buyer’s money and charge it to the seller.

If you’re a small business retailer or just an individual selling an unwanted item, there are a few things you can do to protect yourself from this type of shipping scam. If you’re using PayPal, never agree to ship an item to an address other than the one on the invoice. Doing so nullifies the invoice according to PayPal’s terms, so even if the customer has a good excuse—it’s a gift for a relative, he’s moving and wants it to arrive at his new address, or any other reason—never agree to swap the addresses.

Any time you send an item to an online customer—but especially when using Amazon—go the extra mile and pay to ship it with a recipient’s signature required. It will cost you a little more, but the post office will have a record that the buyer received and signed for the item, preventing them from stealing your item and claiming it was never sent.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

As scams that target the public go, many of them seem pretty hard to believe. The famous Nigerian prince email scams, for example, have circulated for years and contain absolutely ludicrous stories of desperate need. It might seem hard to believe that anyone would fall for it, and scammers have even spoken out about the reason behind these wild tales: they want only the most gullible victims to respond.

But there are a lot of scams that are hard to ignore, largely because they contain specific information about you. It’s even more alarming when the scammer contacts you by phone, threatening you with severe consequences for not complying.

That’s the case for far too many people who’ve been victimized by IRS scams. In these all too common attacks that have stolen millions of dollars from consumers, criminals posing as IRS agents reach out to potential victims and claim their taxes have not been paid, openly stating that there will be criminal penalties if they don’t pay immediately.

Sadly, for those who do fall for the scam and send in payment, things only get worse. Once the scammers know that you’re a willing mark, they continue to call with new threats and even bigger demands for money. Some victims have sent literally everything they had, only to be told to reach out to their other relatives for more money.

These IRS scams and other similar fraudulent failure-to-pay calls work because the caller seems to know so much about you. He might have your name and address, your family members’ names, and in some cases, even your Social Security number. If he knows so much about you, surely this is genuine, right?

Unfortunately, this is one of the many ways that thieves can benefit from your stolen data. They may have accessed old information from a data breach that was sold online, or hacked your existing accounts to glean information about you. Something as harmless as an obituary for a family member can even tell a scammer a lot about you, including the names and number of children you have, where you live, and the fact that you may have just received a life insurance settlement.

It’s all too easy to appear to be legitimate, and even if they’re wrong and you call them on it, the worst that happens is they hang up and move on to the next potential victim. They have nothing to lose by calling you, and a lot to possibly gain.

It’s crucial that consumers remember they are never required to make an immediate payment for outstanding charges over the phone, via prepaid debit card or wire transfer, or simply based on information they received in a phone call. Any legitimate charges from the IRS, your financial institution, your utility company, or any other entity will be sent to you in writing so you can have a record of the matter, and will contain detailed information so you can speak with someone about your case.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

In the realm of internet activity, there are a lot of different ways that scammers and hackers can nab your personal information. All too often, though, the victim of the data theft accidentally does the dirty work for the scammer.

If a hacker can get you to click on a link and install a virus on your own computer, his job is done. All he has to do is sit back and mine your data, including your contacts list, your usernames and passwords, even stored information locked up in your documents, depending on the type of virus he sent you.

Given the threat of malicious software downloads, you’d think that people wouldn’t still fall for this tactic. Unfortunately, it’s all too common, and hackers are happy to up their game with new methods of encouraging you to fall for it. Whether it’s sending you an email that appears to come from someone you know (through either spoofing the sender’s account or hacking into their account), or trapping you with a text message from an unknown phone number that claims to include “crazy” pictures of you, there’s no end to their creativity in trying to phish you out.

But there’s another trick up the hacker’s sleeves when it comes to phishing, and that’s social media click bait. Click bait is a term that usually applies to “news” articles that are shared online. They might have scandalous-sounding headlines like, “You won’t believe what (insert celebrity name here) wore on the red carpet!” but the goal is simply to get you to click on the link. Typically, click bait is relatively harmless, other than making money for the website in advertising revenue every time someone clicks. The “bait” doesn’t have to be an article, though; it could just as easily be a post on your timeline or a private message with something enticing, like, “Check out these pictures of you from last weekend!”

A new study took a hard look at how easy it is for scammers to lure us in with phishing emails and click bait. In an experiment involving nearly 2000 email and social media users, the target groups were sent either an email or a social media message that offered them photos of themselves that someone had taken. The results were pretty surprising:

“In the first study, which addressed the targets by their first names, 56% of the email recipients and 38% of the Facebook message recipients clicked on the links… In the second study, where the first names were dropped but the specificity of the phishing message upped the curiosity factor, only 20% of email recipients clicked through, while the percentage of Facebook users who clicked went up to 42%.”

Unfortunately, the experiment concluded with a questionnaire for the test subjects and the results were puzzling. 78% of the respondents said they were unaware of the danger of clicking on an unexpected link. Even more interesting, the questionnaire asked the respondents whether or not they had clicked on the link. Only 20% in the first group had said they did, and 16% in the second group admitted it; of course, the researchers could track the links, and found that the numbers were actually 45% and 25%, respectively.

This lack of awareness coupled with an underlying understanding that we shouldn’t be clicking on messages we can’t verify is actually very telling from a security standpoint. It means that greater awareness of the threat needs to be shared, but also that many users understand there is some kind of risk, even if they don’t know what it is.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.