Criminals have developed DNA test scams targeting victims to retrieve medical and sensitive information. DNA test kits have grown in both popularity and affordability in recent years. While not claiming to be foolproof or accurate, they can provide a glimpse into the genetic makeup of your family tree. There have been stories about these swab-at-home test kits providing more important information as well, such as the likelihood of certain medical issues.

Attorneys general in two states have already issued warnings about DNA test scams that steal the victims’ sensitive information. The caller claims to be from a testing agency and offers the victim a free DNA test kit if they meet specific criteria. In one victim’s case, the criteria was a family history of cancer. You would be hard-pressed to find an individual who does not have a relative who has had cancer, so of course, the victim instantly qualifies.

All they have to do to receive their free kit is answer some general questions and provide their medical coverage information. Some experts believe that DNA test scams may have grown out of the recent announcement that Medicare would cover the cost of genetic screening for cancer patients if the kit is an FDA-approved tool.

In some of the reports of these scams, individuals were actually going door to door and offering victims a free kit plus $20 in exchange for their medical coverage information. The kits are easy and cheap to replicate, as they only require some cotton swabs and a mailer envelope. Victims were easily fooled into thinking they were receiving real testing kits.

The best advice for avoiding DNA test scams is remembering that no one will ever call you and offer you something that is genuinely free. Whether it is medical services or anything else, the only reason to offer you anything is because the other person is getting something in return. In this scam victims sensitive data or medical identity is compromised. Remember to always speak with your physician about any potentially necessary tests, or contact your health coverage provider directly to see if there are services or treatments you can use that they cover. Otherwise, steer clear of anyone who wants access to your records or data.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

A new report from the Federal Trade Commission found that tax return fraud actually declined recently, and Social Security scams stepped in to take their place. These scams can manifest in a few different ways, but all of them are intended to steal your money, your identity or both.

Listen to the real scam below:

In one of the Social Security scams circulating, a caller claiming to be from the Social Security Administration informs you that there has been suspicious identity theft activity involving your SSN. You are urged to purchase a prepaid debit card, iTunes gift card or other reloadable funds card and transfer all of your money out of your bank accounts and onto that card. This is supposed to keep those dangerous hackers from getting your money. The agent calls back later to confirm that you have done it, and then tells you the Social Security Administration will record the card’s account number and PIN number in your file, supposedly to protect your money in case something happens to that card. Once you read the card number and the PIN number to the fake agent, they will drain the funds off the card and you will now be completely broke.

The more common of the Social Security scams, is to call a potential victim and claim that their SSN has been suspended. This scam has actually been at work for some time, but there has recently been a renewed number of victim reports. In this Social Security scam, a fake agent tells you that your number has been suspended due to possible identity theft, meaning you will no longer receive benefits, it can no longer be used for health care or other benefits. You are required to confirm your SSN and some other sensitive personal information for the agent in order to reinstate your SSN. After you confirm your personal identifying information, the fake agent steals your identity and uses it for a variety of malicious activities, including opening new lines of credit and claiming your benefits.

In order to protect yourself, you must adopt one ridiculously easy habit: never believe what you hear over the phone. It is far too easy to scam people via phone, and thanks to simple tools that anyone can acquire, the scammer can even change their phone number on your caller ID in order to look legitimate. Therefore, it is vital that you ignore any warning or request from anyone who calls you—and the same is true for emails, social media messages or texts. If there is a genuine problem with your account or your information, you can always contact the organization, agency, or business directly to put the matter to rest.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

If you have not filed your tax return yet, the deadline is looming. If you have filed already, you are probably still very aware of the date as you anxiously await your return. Whether you have filed or not, there is a good chance you have encountered one or two tax scams this year or in previous. Many scammers take advantage of the lack of knowledge and fear that comes with the April 15th tax day. While there may be fewer calls from shady people demanding your tax information after the 15th passes, that only means that tax scams will take on a new look and scammers will adapt.

First, remember that not everyone will file by the April 15th deadline. Whether due to late activity or previously-approved extensions, a significant number of consumers will mail or e-send those returns in after the date. Scammers know this, and therefore, have no intention of cutting off their activity. It is important to be on the lookout even after the deadline has passed and after you have filed your return.

Of course, extensions or late filing only applies to some people. If you have already filed but a caller tells you that your return was never received, you can probably have a good laugh and hang up the phone. Why? Because the IRS does NOT call you, but rather sends letters through the postal service instead (if you have not received any confirmation that your postal return was received, you might check in with the IRS to be safe, but they still will not call you).

What if the caller has a different story? What if someone posing as an IRS agent tells you that your return had an error, or that they suspect you have been the victim of identity theft since someone else sent in a return in your name? Those scenarios can be very frightening, and that means these tax scams are a lot harder to ignore.

First of all, the same rule from above still applies: the IRS will not call you, even for something as serious as those situations. You will receive a mailed letter if there is an issue, and this letter will provide you with the information you need to take your next steps. Even if your caller ID says “IRS,” you should be very careful since it is most likely a scam.

Next, it is important to develop a good habit of safeguarding your information, no matter who calls or why they claim to need it. If you are ever asked to verify your identity by providing anything more sensitive than your name or home address, do not comply. Instead, take down the caller’s information and contact their company or agency yourself using a verified contact method.

Also, if you are ever told you failed to pay your taxes correctly or owe a penalty, you will never be required to make an immediate payment over the phone (see previous mentions of phone calls). You will have time to look into the matter and take appropriate action. This is very important: you cannot pay with an iTunes or other gift cards, no matter what the scammer tells you. You will also never be required to use an untraceable method like a prepaid debit card or wire transfer. Your own check, a money order, or a cashier’s check are all valid forms of payment.

Finally, tax scams rely on the fear factor of messing up where the IRS is concerned but do not fall for this scare tactic. The burden of proof has been on the IRS’ shoulders for quite some time, not on the individual taxpayer. Do not be frightened into handing over your money or your identity to a thief.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: Imposter Scams Were The Most Reported Consumer Complaint

The Federal Trade Commission (FTC) is the U.S. government agency tasked with protecting consumers. Whether it is issuing warnings and recalls about dangerous products, policing companies for misleading advertising or helping write regulations in regards to harmful products, the FTC is certainly the unsung hero that protects all of us on a daily basis.

The FTC has another crucial job, it is the go-to department for reporting scams, fraud, and other related crimes. As such, the FTC keeps tabs on the types of consumer reports that are filed each year and releases this comprehensive information in its annual report from the Consumer Sentinel Network.

The 2018 report has been released with a shocking new finding: for the first time since the FTC began tabulating and reporting the complaints, imposter scams topped the list of most commonly reported consumer fraud.

An imposter scam occurs when a criminal uses a false identity or persona to trap you. It might be someone pretending to be a Microsoft employee, a Google ad salesman, someone from your bank or credit company, an IRS agent, or a customer service representative from your utility company, just to name a few examples. Using this false persona, the criminal alerts you to some plausible reason why you must pay money or face a consequence of some kind.

For obvious reasons involving threats of jail time and significant penalties, government imposter scams are commonplace. Scams involving phony IRS or Social Security agents made up about half of the 535,417 imposter scam attempts that were reported to the FTC last year. The thought of a fraudulent charge on your credit can make some scam victims comply with a banking imposter scam, but thinking that they have broken the law with regards to their taxes is far scarier.

What is interesting about the increase in government imposter scams is that it is branching out from the norm. IRS scams were commonplace for a long time, as a caller would contact you and claim you have failed to pay your taxes. Now, Social Security imposters contact potential victims and frighten them into thinking their SSN has been suspended or their benefits will not be issued that month unless they verify their identities.

In either case, the goal is money or information. If a scammer can convince you to pay or provide your personally identifiable information, then they can cash in. Sometimes the scammer even manages to acquire both a payment and your data, which will then be used for identity theft.

Unfortunately, as the number of complaint reports to the FTC increased, so did the number of losses that victims reported. With nearly three million different consumer reports made to the FTC last year, the total amount of loss was $1.48 billion, a 38 percent increase compared to the previous year.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: The How and Why of Tax Identity Theft

Of all the user-centric, social media websites on the internet, it is possible that none has faced as much intense public and government scrutiny as Facebook. Apart from various bugs, glitches, and possible hacking attempts the company has endured since its launch, governments around the world have taken the website and its founder to task for nearly abusing its users’ privacy.

The site has a long history of gathering, storing, and selling users’ information and internet habits to third-parties, some of whom users do not want to be associated with. There have even been allegations that one specific third-party, Cambridge Analytica, was using information to influence political action.

Now, after a lot of public and legislative demand, Facebook will launch a new feature this year that lets its users clear their Facebook “connection” history. No, this will not delete your posts or photographs instead, Facebook clear history will show users what apps and websites they have visited that maintained a connection to their Facebook accounts, and give users the ability to break that connection by deleting their history.

Why should you do this? First, it puts a dent in the number of websites that can see your posts or content and gather information about where you go, who you visit, what you like, and more. From there, it can stop that information from being sold to advertisers.

The purpose of Facebook clear history really comes down to removing any trace of a connection rather than just blocking a website from accessing your data. Think of this example: if you were simply to remove a baby product website from your Facebook access, that one website could no longer target you with ads. However, any other website that sells similar products may still be able to see that you were once connected and that you interacted with those ads.

Until this new feature launches, there are some things consumers can do if they want to help safeguard some of their privacy on social media. Remember, though, the entire reason you can use these platforms for free is because they are benefitting financially from third parties who pay for access to your account activity.

First, stop logging in with Facebook. It’s very convenient to simply tap “log in with Facebook” on an app or other websites, but it connects that app or website to your Facebook account. Next, stop sharing the news of your latest high score in a game; no one actually cares how well you are playing, but more importantly that game is connected to your profile information. The entire reason that game lets you play for free is because they want that access.

Finally, do your own privacy checkups from time to time, not just on social media but on all of your online accounts. Delete cookies and your browser history if you do not want that information stored, and make sure your passwords are strong and up-to-date in order to keep hackers at bay.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: The How and Why of Tax Identity Theft

A lottery scam is still an ever-present threat despite high-tech cybercrime initiatives like hacking. These far more low-tech means of stealing from innocent victims take no skill whatsoever to accomplish, meaning they may be more likely to impact you than high-tech crimes. A Greenburgh woman has been arrested in connection with a lottery scam that authorities said bilked at least 30 elderly victims out of more than $1 million.

There are many different ways a lottery scam can manifest, but they all have a few things in common. First, there’s some “story” behind why they need you to pay a small fee in order to claim your outrageously high-dollar winnings. Second, they want access to your bank account to directly transfer your winnings to you.

The fees – Different versions of lottery scams have different reasons for this phony fee. It might be taxes on your new wealth, a “transfer” fee since the lottery originates in a foreign country, a currency exchange rate fee (again, due to the different country of origin), or a processing fee to transfer the money to you. In any event, it’s all fake. There’s no reason at all—not even taxes, which are paid after you accept the money and not before—to give anyone a payment in order to claim something you have won.

The account access – Scammers who claim you’ll receive a direct deposit or electronic transfer will ask for your bank account number, your routing number, and even things like your Social Security number or birthdate. The criminals have no intention of putting money into your account, but with the information they requested they can easily remove every penny you already have.

A lottery scam, fake sweepstake, and phony contest have some other common threads, and you can spot them before they strike if you understand a few universal truths:

1. You will never, ever win a contest of any kind if you did not enter it. That means the Jamaican lottery or the Facebook sweepstakes or any other phony contest is not going to send you millions of dollars.

2. There is no such thing as a transfer fee, upfront tax costs, or any other payment required for receiving the money you have already won.

3. Online contests should be treated with caution. There are some legal web-based outlets for selling lottery tickets within the US, but even those sites are coming under fire for being too similar to known but unrelated scams.

4. You do not have to “win” to be a victim. Officials have reported a marked increase in scams in which the thief claims he is a foreigner who bought a legitimate lottery ticket within the US, but that he cannot win because he is not a citizen. He offers to split the money with you if you will go claim the winnings but asks you for a hefty fee up front to ensure you do not run off with his ticket.

5. Ticket scams are another common threat, especially for sought-after sports events or sold-out concerts and theater performances. Beware of messages that claim you have won tickets (or have the opportunity to pay for a chance to win tickets) to March Madness, “Hamilton,” or any other exclusive event.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: The How and Why of Tax Identity Theft

The federal government shutdown is affecting hundreds of thousands of employees and their families, but other victims stand to be harmed as well. While the government and its agencies handle the employees and continued services for the duration, criminals have been busy contacting consumers with plausible shutdown-related scams.

One law enforcement agency has already alerted area residents to a Medicare scam related to the shutdown. Callers posing as government employees contact random citizens and claim their Medicare (and conceivably Medicaid as well) coverage will be suspended during the shutdown unless the would-be victim signs up to have their information submitted manually. Faced with losing healthcare and prescription coverage, it’s easy to see why someone might willingly hand over all of their personally identifiable information.

Another variation related to the shutdown involves zero-interest temporary loans to “help” federal employees weather the weeks ahead without a paycheck. It sounds like the ideal solution to a terrifying problem, right? Just receive the loan and pay back the funds when work resumes and any back pay arrives? Unfortunately, this isn’t a government program or even one that’s backed by any financial institution. It’s entirely the product of a scammer’s imagination; providing your personal data and your bank account information—presumably for the loan to be directly deposited—only makes you their next victim.

Yet another confirmed instance involves phishing emails that appear to come from your bank. The subject line may actually be very comforting, something about skipping payments during the shutdown, but that’s only to get you to open the email. Like most phishing emails, you’re directed to click the link to sign up for the free payment forgiveness offer, but the link can install harmful software on your computer, redirect to a fake website that steals your information, or worse.

It’s sickening to think that anyone would be so cruel as to steal from federal employees or Medicare recipients at a time like this, and worse, would use a frightening scenario such as the shutdown to steal from the public. Sadly, scammers love nothing more than a widespread crisis to lure their victims into their net.

There are some steps that consumers can take to protect themselves. Fortunately, these are not only useful during this shutdown, but rather are good habits to develop to keep yourself safe at all times:

1. Do not confirm your identifying information for anyone who contacts you.

No matter what excuse they give, refuse then take down their information. Then, using only a verified contact method, contact their business or agency yourself and find out what is wrong with your account.

2. The government will not call you out of the blue, regardless of what agency they work for.

If you receive a call from someone claiming to work for the government, it’s probably a scam.

3. The same applies to financial institutions.

Legitimate offers from a bank will arrive via postal mail and will never expect you to provide personal information to a caller or via email.

4. The best offense is always a strong defense.

Become “suspicious by nature” when anyone contacts you and wants your information or account access.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


Read next: The Government Shutdown is Hurting Crime Victims

If you pulled up in your driveway and saw an orange extension cord running from your exterior outlet to your neighbor’s house, you might have something to say about it. If your neighbors ran a long wire to your cable box to steal your cable, you would probably do something about that as well.

But your neighbors could be stealing your internet connection without your knowledge. Without the need for wires or cords, they could have gained access and your signal strength could be suffering. Worse, you don’t know what kind of activity they’re engaging in over your connection, or what else they may be able to infiltrate over your wifi.

There are a few ways you can tell if someone—a neighbor or even someone paused nearby in a vehicle—is using your internet connection:

1. Internet Slowdown – if your internet connection is suddenly slower, meaning web pages don’t load like they once did or your favorite videos just display an icon circling around instead of playing, you might be running too many devices on your connection. If you know that you haven’t increased the number of computers, phones, tablets, laptops, or IoT devices, someone else may have joined.

2. Check Your Connection Settings – if you can access the app for your router (the box that turns your modem into a signal broadcaster so wireless devices can reach it) or visit the manufacturer’s website to see your account, you should be able to see how many devices are connected to your network. Their customer service department can help you with this step.

Once you find out if someone else has jumped on your connection, it’s actually a pretty easy fix. First, password protect your wifi network, which is a good idea even if no one has been using your connection; however, if you already had a password in place, then the outsider has gained access to it somehow, so simply change it. Also, be sure to check for any available updates to your router’s software since outdated software could have vulnerabilities that outsiders can exploit.

Unfortunately, if someone has been using your wifi, there’s a chance they also accessed sensitive information about you and your family. Change the passwords on all of your sensitive accounts like email, banking, and retail shopping sites, and monitor your accounts for any suspicious activity.


Read next: “Don’t Get Scrooged by a Holiday Scam”

Wouldn’t it be nice if criminals took a break for the holidays, leaving the rest of us to enjoy our celebrations without the worry of scams and fraud? Unfortunately, they don’t slow down at this time of year, and if anything, scammers actually ramp up their activity to take advantage of unsuspecting consumers.

Luckily, you can preserve your holiday cheer and reduce your chances of becoming a victim by learning a few signs of some common scams. Remember, these scams can take on holiday-themed forms at this time of year but can still be a threat all year long.

1. Secret Sister/Gift Exchange Scam – You may have already seen social media posts for a secret sister gift exchange, but know this: no matter who posted it or how much fun it claims to be, it’s a scam. Even worse, depending on how it manifests and where you live, it may even be illegal to participate.

This one works in a similar vein to a pyramid scheme. You buy six to ten gifts and mail them to other people on the list, and in turn, future participants send you gifts. Your initial handful of gifts is supposed to multiply as the list gets bigger, but too many victims of this scam report that all they got was a hit to their bank accounts when they sent off those first gifts.

2. Charity Scams – Thieves take full advantage of our goodwill and generosity, often with sad situations that make us feel grateful to have so much. With the widespread availability of crowdfunding and online posting through social media, it can be very difficult to know who to help and how. Be safe this season by designating your donations before the holidays and choosing reputable organizations whose values align with your own.

3. Shipping, Fake Retail Scams – As our holiday shopping gets fully underway, it can be hard to discern genuine retailers and their messages from the phonies. Copycat websites, fake internet storefronts and bogus emailed receipts that trick us into divulging sensitive information are just a few of the tools scammers can use to steal your identity, your money or both.

4. E-Cards – There are several reputable websites that offer adorable “e-cards,” complete with photo personalization, animated video, and even musical sound effects. Unfortunately, the cards arrive as an email in your inbox telling you to click the link to view it; it takes no tech skill whatsoever to launch a spam email campaign that tricks recipients into downloading a virus instead of a delightful card. Make sure you verify it with the sender before you click any links.

5. Seasonal Employment – There’s never a time when most of us couldn’t use a little extra money, and scammers take advantage of that fact even more at the holidays. Bogus job offers that steal your identifying information, criminal scams that get you to “reship” stolen property and too-good-to-be-true jobs that require you to send in money or access to your bank account are just some of the ways scammers posing as employers can harm you.

This holiday season, arm yourself with information so you won’t have to waste time worrying about scams and fraud. Also, do your friends and family a favor: give the gift of awareness by keeping others informed about these scams and more.


Read next: “What’s the Latest Threat From Your IoT Toys?”

As the holidays approach, savvy consumers should already be on the lookout for scams and fraud. But what about at work? Do you know how to avoid one of the newest twists on an old scam?

Boss phishing—sometimes called CEO phishing or spearphishing, since the message appears to come from someone high up in the company—has been around for a long time, and its targets can be both financial and data-driven. Usually, in the form of a genuine-looking email, the request asks someone to send over sensitive information, change account numbers and move money around, or even change things like usernames and passwords.

It works for one very simple reason… when the boss says to do something, you do it. However, this kind of trust in following orders means the consequences can be very serious for the company and lead to blowback for the employee who was tricked. This newly reported spearphishing scam, though, is particularly horrible since the innocent employee might be the one who’s most profoundly harmed.

In the new variation, the “CEO” emails someone and directs them to buy thousands of dollars’ worth of gift cards for the employees’ holiday bonuses; this could be with their personal credit card or with a company credit card. After the cards are purchased, the “CEO” emails again and says to scratch off the protective strip then submit the card numbers so the boss can email all of the employees their gift car codes.

In a real report of this crime to the Identity Theft Resource Center, a few hours after sending the gift card codes to the scammers, the victim learned the company computer had been hacked. The emails weren’t genuine, and the scammers made off with $5,000 in gift cards.

Fortunately, you can avoid this scam rather easily, but it does require you to get in the good habit of questioning orders. Hopefully, any company leader whose employee receives a strange request won’t be too put out that they took the initiative to verify it before complying.

1. Never click a link or open an attachment in an email unless you know you can trust it. This applies to both your personal email and your business account.

2. Never follow through with strange requests from anyone within the company—like sending over all the payroll records (which contain Social Security numbers), W2s, sensitive account information, or funds—without picking up the phone and verifying the request.

3. Never hit “reply” to share sensitive information. Instead, create a new email with the requested information in case the initial email was hacked or spoofed.

Of course, it can be daunting to “second guess” the boss but that’s what scammers are counting on when they target someone within your company. Think of it this way: it’s far better to ask a silly question and risk a little awkwardness in the workplace than to put your company in a bad situation. Failing to verify a request that turns out to be a phishing attempt can have serious financial consequences for the business, especially if sensitive information is shared.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


Read next: “What do you do with your scam awareness?”