Posts

*Last updated January 27, 2021

Right now is a very difficult time for a lot of individuals as concerns around the COVID-19 pandemic continue to be at the top of people’s minds. In addition to the inconvenience of social distancing and isolation and the very real fears for personal health and safety, many people are also facing the stress of reduced hours at work, being furloughed or losing their jobs due to quarantine and business closures.

There is another equally upsetting issue at hand: unemployment benefits identity theft. A record-setting * over 57 million people in the U.S. filed for unemployment due to COVID-19 between March and September of 2020.

Unemployment benefits identity theft has hit states hard all over the country

In September 2020, the California Employment Development Department put out an alert asking California residents to keep an eye out for fraudulent activity in regards to unemployment benefits in the state. According to the Los Angeles Times, as of January 26, 2021, California officials say unemployment fraud has totals of more than $11 billion. California has paid out $114 billion in unemployment benefits since March 2020, and the state Employment Development Department has processed 19 million claims.

Some residents of West Virginia are receiving unemployment benefit cards they never requested.

The Colorado Department of Labor and Employment says the state has seen nearly 10,000 fake claims. The identity thieves are believed to be just as busy with the filing, too. Many victims have contacted the Identity Theft Resource Center (ITRC) over complaints of unemployment benefits identity theft.

Unemployment benefits identity theft is nothing new

Unemployment benefits identity theft is nothing new. In fact, it is one of many types of government identity theft that can occur when a scammer uses stolen personally identifiable information to apply for benefits through the government. However, with so many consumers filing at the same time, an unfortunate number of people have already reported that a scammer beat them to it. Their claims have been rejected for being duplicate applications while someone else is now set up to receive their benefits.

Like many forms of identity theft, unemployment benefits identity theft is one that victims may not discover until the damage is done. If a claim is turned down for unemployment benefits due to a duplicate application, it is important for people to contact the unemployment agency immediately; the ITRC is another resource to guide victims in this challenge (888.400.5530). In the meantime, there are other ways consumers should take action if their claims are rejected:

Place a freeze on your credit report if it’s feasible

Victims might need to open a new line of credit while they are out of work, but that shouldn’t stop them from placing a freeze. Thawing a credit freeze is extremely simple and quick. This can help block an identity thief who may have their personally identifiable information (since they applied for unemployment benefits in their name) from using it for other purposes.

Monitor accounts carefully

Once again, if a thief has enough information to apply for benefits, they could have access to other information or accounts. Consumers should keep a careful watch on all of their accounts, including their credit reports, and change any online passwords.

Be aware that applying for unemployment is only one step

An identity thief may also fraudulently apply for nutrition assistance, WIC, medical coverage or other benefits. If there are any issues involving those services and someone’s identity, people should contact those agencies immediately.

It is a stressful time for many, and scammers are looking to add to it many different ways, including by unemployment benefits identity theft. It’s also exceptionally difficult given the volume of calls and reduction in services from organizations that a victim needs to contact.

However, the ITRC is here for anyone who falls victim to government identity theft. Victims can also live-chat with an expert advisor or download the ID Theft Help App that will allow them to track their steps in a case log, and get on-the-go assistance.

When any disaster or crisis – including the current global pandemic – occurs, people jump into action to help those impacted by the event. Scammers choose to take advantage of that giving spirit, which is why many people are susceptible to charitable giving scams in times of crisis. Scammers look to take advantage of other’s good deeds and turn it into a personal gain for themselves – both financially and by getting access to personally identifiable information.

That is exactly what has happened during the COVID-19 pandemic. In fact, according to Dayton Daily News, scammers have been going door-to-door in Dayton, Ohio posing as The Dayton Foundation. Scammers have been trying to sell coupon books that claim people’s donations will go towards the fight against COVID-19. It is one of many charitable giving scams.

However, there are things people can do to reduce their risk of falling for a charitable giving scam.

1. When giving to any non-profit, people should only give to trusted sources. This way they will know their donation will not fall into the hands of a scammer. If someone does not recognize the name of a charity that is soliciting funds, they should be cautious.

2. Legitimate donations can be made on a cell-phone. However, scammers can also send out texts that look real. People should find the charity they want to donate to and initiate the contact.

3. People should do their research before giving. Charities can be investigated through the BBB Wise Giving Alliance.

Independent charity evaluator, The Charity Navigator, has also compiled a list of ways to make sure people’s donations are going to a real charity.

The Federal Trade Commission has also recommended people conduct Google searches like “best charity” or “highly-rated charity” to help decipher the real ones from the fake ones.

4. People should ask the charities for information about their mission, goals and history – including requesting their 990-form. If they are unable to answer those questions, they are probably part of a charitable giving scam. Any legitimate non-profit organization should be able to answer people’s questions about their organization and their giving guidelines.

5. Donors should beware of the scammer’s tricks. They will often try to rush people to make their donations and will use names that are similar to existing charities. Fake organizations might also try to tell people their donation is tax-deductible when it is not.

If people have questions regarding charitable giving scams, they are encouraged to contact the Identity Theft Resource Center through the website to live chat with an expert advisor.

For those that cannot access the website, they can call the toll-free hotline (888.400.5530) and leave a message for an advisor. While the advisors are working remotely, there may be a delay in responding but someone will provide assistance as quickly as possible.


You might also be interested in…

Each year, the Identity Theft Resource Center (ITRC) reflects on the previous year’s exploits and anticipates trends for the next. When we first published our thoughts on 2020 back in December, it was stated that we anticipated the identity theft trends for 2020 would include 2020 being the year for privacy. While privacy remains an important topic, the recent changes in the landscape with other cyber issues have changed the conversation.

Data Breaches in Overdrive

Data breaches have continued to occur and the ITRC believes hackers and scammers will shift things into overdrive due to the amount of money that is about to flow through the economy, creating a redistribution of assets.

The coronavirus has forced most companies and their employees to work remotely. While that used to be a luxury, it is the new normal for many who previously haven’t had the experience. That has created a whole new challenge for companies, platforms, service providers and each individual employee.

In this post-COVID-19 shift, the ITRC anticipates breaches will continue to occur at an increased rate, both the number of breaches and the number of records exposed in a single incident. Given that there are a lot of new users that are creating an increase in user-data being housed in databases, it’s easy to see why this will be a potential outcome as a result of shifting workforces.

Increase in User Vulnerabilities Exposed

Security deficiencies are exposed daily, and more rapidly, because of the sheer volume of use of platforms. No one anticipated all of the vulnerabilities that would have to be fixed due to the increase in use. The ITRC has seen a massive shift in those priorities.

Now, issues that might have been well down the road to update need immediate attention because of how organizations have had to shift their use of products and services. Also, those providing those products and services must address the issues now to maintain the integrity of their users’ data.

There are other vulnerabilities with the new remote workforce that will be exploited as they become apparent over the course of the coming weeks and months.

Cybersecurity Issues Exacerbated by Remote Work

The previous 2020 identity theft trends that the ITRC predicted, in all likelihood, will happen. What is now new are the challenges that shifting to remote work as the primary method of working due to COVID-19 entail. All of the problems like ransomware, phishing attacks and patching are still going to be issues. However, they will be exacerbated by this shift in business being done by remote individuals. People who are not accustomed to working from home will be easy prey for hackers and scammers to exploit because of their lack of familiarity with platforms and processes.

Adding to that, companies that moved to stand up a remote workforce quickly may not have the proper policies, processes and employee training in place to guide their workers.

ITRC Is Here For You

Predictions like the 2020 identity theft trends are only educated guesses, based on previous events and information. Businesses, policymakers and the public will have to wait and see how the 2020 trends for identity theft, cybercrime and data privacy play out. Regardless of what happens the rest of 2020, the ITRC will be available, working to teach each person how to fight back against the techniques scammers will use to commit identity theft and support victims through the process of regaining their identities.

For a complete look at the ITRC’s 2019 Data Breach Report, click here.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

You might also be interested in…

Grandparent scams have been around for a long time. However, scammers are coming up with a new twist based on the coronavirus. COVID-19 grandparent scams are playing on the fears many people have right now, that they might lose a loved one.

Who Is It Targeting: Phone and email users

What Is It: A grandparent scam is a phishing scam that claims your family member is in trouble

What Are They After: Scammers are posing as grandchildren who claim they are sick and need money to pay their hospital bills. The information is easily gleaned from social media accounts, giving the caller a name that the person knows to use in their scam. In the current times of the coronavirus, COVID-19 grandparent scams can be particularly compelling.

How You Can Avoid It:

  • Never make a payment over the phone to anyone you do not know or were not expecting to hear from
  • Resist the urge to act immediately, no matter how dramatic the story is
  • If you receive a call like one of these, say that you have to go to the store or bank to secure the money and have them call you back; during that time, reach out to your friend or relative to confirm that they are okay

If people have questions regarding COVID-19 grandparent scams, they are encouraged to contact the Identity Theft Resource Center through the website to live chat with an expert advisor. For those that cannot access the website, they can call the toll-free hotline (888.400.5530) and leave a message for an advisor. While the advisors are working remotely, there may be a delay in responding but someone will provide assistance as quickly as possible.


You might also be interested in…

UPDATED 12/8/2020- With so many people working and socializing from home, more than just businesses – employees, families and friends – are trying to find a place to gather (hold virtual meetings, religious services, game nights, birthday parties and happy hours). Zoom has become “that meeting place” for most. According to the Chief Executive of Zoom, in December the video platform had approximately 10 million users, to currently over 200 million users.

While Zoom has become popular rather quickly, some of its security vulnerabilities have taken the spotlight too. Some of the recent Zoom privacy issues have included user data being sent to Facebook and a flaw leaving Mac users vulnerable to their microphones and webcams being accessed. Another Zoom privacy issue has included a lack of password protection. That has led to some meetings being “Zoom-bombed,” like an AA meeting where trolls harassed those participating in the recovery process.

Zoom executives have come out and said they are working to address the Zoom security problems, including enabling passwords by default in all future meetings, clarifying its encryption practices, releasing fixes for Mac-related issues and more.

In the meantime, there are few things users can do to make sure their Zoom meetings are secure.

Protecting Meetings

Zoom now offers its users multiple ways to protect their meetings. Users can secure a meeting with end-to-end encryption, create waiting rooms for attendees, require a host to be present before the meeting begins, lock a meeting and more. These features can be found in the host settings. These Zoom privacy measures can also help reduce the risk of someone getting into a meeting that does not belong and “Zoom-bombing” the meeting.

Protecting Data

According to Zoom’s website, recordings can be stored locally on the host’s device with the local recording option or on the Zoom Cloud with the Cloud Recording option that is available for customers who are paying for Zoom’s services. The meeting host can manage their recording through a secured interface and the recording can either be shared, downloaded or deleted. Zoom phone voicemail recordings are also processed and stored in the Zoom Cloud and can be managed through Zoom Client. Meeting hosts can manage the Zoom data settings in the settings tab.

Protecting Privacy

Zoom currently stores user email addresses, passwords, names, company names, phone numbers and profile pictures. Company names, phone numbers and adding a profile picture are optional for users. If a user is concerned about their Zoom security, they can elect to only provide their name, email address and password. Users will not be asked to provide any personally identifiable information and should report any message asking them to do so directly to Zoom because it could be a scam.

Oversharing

While Zoom has taken responsibility for its security issues, it is important users do their part. Oversharing their meeting information on social media can lead to some scary consequences, making it easier for others to join what was intended to be a private Zoom meeting. It could also lead to information in someone’s profile settings being stolen. To prevent oversharing, users should not post meeting information on any of their social media platforms. Instead, send the invitation directly to the person they would like to invite. Also, consider revisiting what level social media privacy and security settings are set – otherwise, users may be sharing more information than they intended with people they shouldn’t.

Avoiding Zoom Scams

Security issues are not the only problem Zoom is running into. Zoom phishing attacks are making the rounds threatening employees that their contracts will be terminated, and then asking recipients to input their login credentials in a fake Zoom login page. According to Check Point Research, scammers registered more than 2,449 Zoom-related domains from late April to early May.

There are also Zoom phishing scams saying people received a video conference invitation, like the one the Identity Theft Resource Center received that is pictured below. The email looks real because it is sent with “High Priority” as indicated by the red exclamation point. It is generically from “Zoom” and there is no name of the sender. However, if you hover over the email address with your mouse, it shows a full address that is gibberish. Do not click on links you are not expecting. Rather, go directly to your Zoom account to manage any invitations. At the bottom, there is also no contact information or business logo verifying it is the company.

Image provided by Identity Theft Resource Center

In a statement to NBC 7 San Diego, a Zoom representative said that there are three web addresses that may appear in a legitimate invitation.

  • Zoom.us
  • Zoom.com
  • Zoom.com.cn

The rest of the statement said:
Users across all services and technology platforms should be cautious with e-mails or links received from unknown senders, and they should take care to only click on authentic links to known and trusted service providers. Zoom users should be aware that links to our platform will only ever have a zoom.uszoom.com or zoom.com.cn domain name. Prior to clicking on a link, users should carefully review the URL, being mindful of lookalike domain names and spelling errors.

If anyone ever comes across a Zoom email they are not expecting, they should ignore it and go to their work manager to verify whether or not it is real.

The current times are unprecedented and people are doing what they can to stay connected. Zoom and other video conferencing platforms will continue to play a large role during these times – and beyond. However, being aware of some of the Zoom privacy pitfalls, and can be done to keep themselves and their information safe while they are on their next virtual meeting, game night or happy hour should be the first priority.

The current times are unprecedented and people are doing what they can to stay connected. Zoom and other video conferencing platforms will continue to play a large role during these times – and beyond. However, being aware of some of the Zoom privacy pitfalls, and can be done to keep themselves and their information safe while they are on their next virtual meeting, game night or happy hour should be the first priority.

If people have questions regarding their privacy settings, they are encouraged to contact the Identity Theft Resource Center through the website to live chat with an expert advisor toll-free.

For those that cannot access the website, call the toll-free hotline (888.400.5530) and leave a message for an advisor. While the advisors are working remotely, there may be a delay in responding but someone will assist you as quickly as possible.


You might also be interested in…

This post will be updated as more information becomes available

UPDATE: 6/15/2020- According to the Wall Street Journal, Treasury Secretary Steven Mnuchin said the administration is “very seriously considering” a second round of stimulus checks. The proposed $3 trillion Health and Economic Recovery Omnibus Emergency Solutions, or HEROES Act, was passed by the U.S. Senate but has not been passed by the U.S. House of Representatives. It would authorize another round of stimulus payments for most U.S. households. For more information on what the HEROES Act would provide, click here.

UPDATE: 4/29/2020- Anyone who did not file a tax return for 2018 or 2019 and have dependent children must register with the IRS by Tuesday, May 5, at noon EST to get an additional $500 economic impact payment for their dependents. If anyone misses the deadline, they will have to wait until they file their 2020 tax return to get the money. For more information on how to fill out a non-filer form, and how to avoid a non-filer scam, click here.

UPDATE: 4/15/2020 – Stimulus check have begun being distributed and people are already seeing them show up in their bank accounts. The IRS has created a portal where people can check the status of their economic impact payment. It could take a few minutes to load the website due to overload. However, people will be able to see what day they are expected to receive their payment, as well as the payment method.

Non-filers can now also file through the IRS to get their payment sooner. To learn how to file, and how to avoid a non-filer scam click here.

UPDATE 4/13/2020 – The Treasury Department and the IRS have announced that the distribution of stimulus checks will begin this week and that most of them will be deposited directly, requiring no action. Anyone who does not typically file a tax return will need to file a simple tax return to receive their stimulus check.

If there is anyone who has not filed their 2019 tax return but did file a 2018 return, the IRS will use the information provided in the 2018 return. The Treasury also plans on creating a web-based portal where people can enter their direct-deposit information online. The stimulus checks will be available to consumers through the end of 2020. For more information, consumers can visit IRS.gov/coronavirus. To learn more about the stimulus checks, click here. For tax rules to help you fill out your 2019 taxes, click here.

ORIGINAL 3/27/2020- With the COVID-19 pandemic impacting everyone across the United States, the U.S. federal government passed the largest stimulus package ever to help minimize the financial impacts for businesses and consumers. Coronavirus stimulus checks are being mentioned in the news daily, which is leading fraudsters to come up with stimulus check scams.

While there are a lot of questions about the $2 trillion stimulus package and stimulus check payments, most consumers should not have to take any action to receive their stimulus check because the payment will be directly deposited by the IRS into their bank account from the information provided on their 2018 or 2019 tax return. Payments will begin arriving in mid-April.

If anyone receives any messages or letters regarding a government check, it is very likely a coronavirus stimulus check scam. The government will not ask anyone for their Social Security number, bank account number or credit card number; the government will also not ask anyone to pay a fee upfront to get their government check; there will not be a way to “expedite payment” through a service provider either.

If anyone did not provide their bank account information on their last tax return, the IRS will mail people their stimulus checks. There have also been discussions about the possibility of sending some payments to consumers on prepaid debit cards to speed up the process. While that is a possibility, if someone reaches out saying that they can get the stimulus payment to you on a debit/credit card, please report it to local authorities or the Internet Crime Complaint Center (IC3) to verify whether it is real or fake.

With the stimulus package passing, people can expect to see a rise in stimulus check scams. When the government ends up mailing checks and/or prepaid debit cards, people can also expect to see a rise in prepaid card scams and physical mail theft.

To avoid any of these scams, consumers should make sure they have filed their taxes and have provided their direct deposit information to the IRS in their latest tax return. Consumers should also check to see if they are qualified to receive a coronavirus stimulus check, and for how much.

Finally, if consumers receive anything that does not seem correct or something they are not expecting, they should ignore it and go directly to the source to verify its legitimacy. There is a possibility it could be a stimulus check scam.

If people have questions regarding stimulus check scams, they are encouraged to contact the Identity Theft Resource Center through the website to live chat with an expert advisor. For those that cannot access the website, they can call the toll-free hotline (888.400.5530) and leave a message for an advisor. While the advisors are working remotely, there may be a delay in responding but someone will assist you as quickly as possible.


You might also like…

Due to the coronavirus, the stock market is making headlines right now, for all the wrong reasons. Scammers see it as the perfect time to prey on consumers with investment scams.

Who Is It Targeting: Small-time, first-time, and seasoned investors

What Is It: Various scams that target novice and seasoned investors

What Are They After: When the stock market makes headlines—whether good or bad—scammers are more prone to come after unsuspecting consumers and steal their money. Some investment scams may simply tell victims to invest heavily in a certain stock, while others will actively trick investors into handing over their personally identifiable information. With news of the coronavirus growing each day, this is also a time when spoofed emails—such as those that appear to come from a financial institution or brokerage—can lure someone in and steal their account access.

How Can You Avoid It:

  • Do not act on instinct or be driven by panic
  • Remember that the stock market is a long-term prospect, not a “get rich quick” scheme
  • Always seek out professional information before you respond or take action

If you think you may be a victim of identity theft or an investment scam, contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. You can also live chat with an expert advisor. Find more information about current scams and alerts here. For full details of this scam check out this article from TMJ4.com


Scammers have gotten creative as the COVID-19 pandemic has driven most people to spend their days in their homes – including creating phishing emails that attack both businesses and consumers. Fraudsters are currently taking advantage of the millions of people working from home. They may try representing themselves as the U.S. government, whether it be about a stimulus check, unemployment benefits, etc. Now, with the National Guard and other types of support being implemented in certain areas, the alarm is being sounded on scammers going door-to-door.

The National Guard is being deployed to assist with the Federal Emergency Management Agency work in some states. Some of the aspects of their duties include helping FEMA with gathering swabs and transporting them to certified labs for testing; delivering medical supplies as directed and creating medical stations. The National Guard says they have been activated for logistical support, and are not being deployed for enforcement. That means they will not be going door-to-door to implement any self-quarantines or shelter-in-place orders. If a “military personnel” comes to a person’s door posing as a National Guardsmen, the healthcare department or a healthcare professional regarding COVID-19, whether it is with a “test,” “cure” or regarding sheltering in place, it is likely a scam.

With that being the case, interactions someone may have with the National Guard would be at an identified FEMA drive-thru testing station or designated location for medical assistance. These two scenarios are examples of where you may be asked to provide personal information to the National Guard in reference to COVID-19 relief.

These types of door-to-door scams are not uncommon during a time of crisis. Scammers typically use them as an opportunity to pose as someone who can help people, but in reality, all they will do is hurt them.

If someone is going door-to-door posing as a utility worker, law enforcement, government agency or healthcare professional, ask for their identification before engaging in any conversation. Providing an ID card doesn’t always mean the person is legitimate because it is easy for a scammer to create what might look like an ID, dress up and act like someone else. If the person at the door is reluctant to show their ID or you have concerns about their legitimacy, close the door and call the organization that they are representing.

Also, if someone comes to a person’s door offering that if a fee is paid, they can provide faster service for aid, it is a scam. In fact, that is one of the go-to tactics scammers use to lure victims in. In the event that you are asked to provide personally identifiable information by someone on your doorstep, calling the organization that they are representing could prevent you from self-compromising sensitive information.

Finally, if someone is uncomfortable with anyone who comes to their door, they should call their local law enforcement. It is always better to be safe than sorry.

If people have questions regarding COVID-19 scams, they are encouraged to contact the Identity Theft Resource Center through the website to live chat with an expert advisor. For those that cannot access the website, call the toll-free hotline (888.400.5530) and leave a message for an advisor. While the advisors are working remotely, there may be a delay in responding but someone will assist you as quickly as possible.


Read the latest…

As the U.S. continues to struggle to meet the need for coronavirus testing, some scammers are beginning to call people and offer them free tests. Consumers should be on the lookout for these coronavirus testing robocalls.

Who Is It Targeting: Phone users

What Is It: Robocalls that steal personal information

What Are They After: While robocalls can be a nuisance, scammers have found a new way to make people pay attention and play along. Anything that makes headline news is increasing scammers’ ability to lure people in. While hospitals around the country struggle to get enough COVID-19 testing supplies, these coronavirus testing robocalls offer the recipient a free test in their area. However, in order to find out where the nearest test location may be, consumers have to hand over personal information.

How Can You Avoid It:

  • For the most accurate COVID-19 information and testing options, follow your local news outlets or the CDC’s website
  • Never give out all of your information or any form of payment to someone who contacts you
  • Never confirm your identity for a caller because they should know who they have called

If you think you may be a victim of identity theft or have received coronavirus testing robocalls, you can contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. You can also live chat with an expert advisor. Find more information about current scams and alerts here. For full details of this scam check out this article from CNN.com.


You might also like…