Your Equifax Download: What You Need to Know about the Equifax Hack

Teenage girl with hands on face victim of cyber bullying

Everyone knows a mosquito bite doesn’t really start itching until the damage has already been done, and the same goes for many kinds of identity-related crimes. With news of the recent Equifax breach continuing to surface, what do you need to know now to limit your exposure?

Equifax has estimated the hack impacts 143 million people, mostly in the United States. (That’s almost half the US population!) The thieves stole names, Social Security numbers, birth dates, addresses, and driver’s license numbers.

Each item of personally identifiable information (PII) is like an ingredient for a recipe. The more ingredients you have, the more recipes you can prepare. Similarly, the more pieces of PII exposed, the more kinds of fraud thieves can commit. If there were a fraud equivalent of The Joy of Cooking, thieves just got access to all the ingredients necessary to make every recipe in the book.

The Problem with Freezing Your Credit Report

The New York Times reported still more bad news in the wake of the Equifax announcement.

The credit freeze service the credit bureau offered (originally offered for a fee until it finally decided to provide it for free for 30 days) generated PINs that were based on the time and date the PIN was created. These PINs are required to release the freeze whenever you need to grant access to your credit files in connection with a loan, an apartment rental, or a job application (where permitted by law). Unfortunately, they’re laughably easy for a hacker to guess before then.

The bigger problem is that a freeze needs to be in place at all three reporting agencies in order to be effective. As credit expert John Ulzheimer told the New York Times, putting a freeze on your credit with only one reporting agency is “like locking one of three doors in your house and leaving the other two unlocked. You’re hoping the thief stumbles on the locked door.”

Types of Fraud to Be Aware Of

The hackers also made off with 209,000 credit card numbers and 182,000 credit dispute documents containing personally identifying information.

In August, there was a spike in credit card fraud, according to the New York Post. It seemed odd to security experts at first, since credit card fraud typically increases around the holidays. The Equifax news seems to provide an explanation for the statistical oddity. “We saw a 15% increase in the overall fraud attempts in our system in August, which is an unusual time of year to see such a spike,” said Liron Damri, cofounder of Forter, a fraud-prevention service for online retailers.

But the threat goes way beyond maxed-out credit cards, fraudulent credit applications, and tax-refund fraud. With Department of Motor Vehicle information also in play, the risks are elevated. A fake ID made out in your name could cause you to get arrested for an outstanding warrant. In the realm of identity-related fraud products, a fake driver’s license is a luxury item for sure, but it’s still one that could hurt you if a scammer provides your information on a fake license the next time they’re pulled over for speeding or collared for a crime.

And then there’s the serious risk of medical-identity fraud. Consumers could see delays in prescription fulfillment because of fraudsters using their health care information. Worse, consumers may not be covered for health care expenses until they are able to prove they are who they claim to be using the same information that the crooks used—a frustrating and often complicated process.

Legal Remedies 

One can only assume there will be lawsuits galore. In fact, one enterprising person has already automated the process. A robot lawyer is on the case, allowing consumers to automatically file a claim against Equifax in small claims court.

According to the Verge, consumers are still able to join class action suits while pursuing a small claims court remedy.

“Even if you want to be part of the class action lawsuit against Equifax,” the Verge reported, “you can still sue Equifax for negligence in small claims court using the DoNotPay bot and demand maximum damages. Maximum damages range between $2,500 in states like Rhode Island and Kentucky to $25,000 in Tennessee.”

Protecting Yourself Now

To say that the Equifax PIN assignment process was incompetent is an understatement. Nevertheless, it is a teachable moment. While it’s okay to hope that your services and vendors will do things right, you need to stay vigilant. And this should go without saying: if you can change privacy and authentication settings on a product or service, do it. If that’s not possible, perhaps you should consider finding a new vendor or service.

The easiest way to protect yourself, in my opinion, is by using a system called the “Three Ms.” The Three Ms is the centerpiece of my book, Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves, and the approach continues to be the best way to keep your personally identifiable information from being used in identity-related crimes.

And they are simple: 

  1. Minimize your exposure. Don’t authenticate yourself to anyone unless you are in control of the interaction, don’t oversshare on social media, be a good steward of your passwords, safeguard any documents that can be used to hijack your identity, and freeze your credit.
  2. Monitor your accounts. Check your credit report religiously, keep track of your credit score, and review major accounts daily if possible. (You can check your credit report for free at Credit.com.) If you prefer a more laid-back approach, sign up for free transaction alerts from financial services institutions and credit card companies, or purchase a sophisticated credit- and identity-monitoring program,
  3. Manage the damage. Make sure you get on top of any incursion into your identity quickly, and enroll in a program where professionals help you navigate and resolve identity compromises—oftentimes available for free, or at minimal cost, through insurance companies, financial services institutions, and HR departments.

Your Chances of “Getting Got”

Scammers pay around $30 per complete ID dossier on the black market. With 143 million packets available through the Equifax breach, that’s more than 4 billion dollars’ worth of information. Though it may not seem so at first glance, this could actually be good news for you: your chances of “getting got” decrease with an increase in available targets.

Odds aside, though, Equifax is not the first, nor will it be the last, breach of note. Being prepared and alert is still the best remedy, because breaches have become the third certainty in life—right behind death and taxes.

A final tip: check with your insurance company, financial services institution, or employer. You may already have access to identity protection and resolution services, which is your best bet when it comes time to navigate the identity theft quagmire.

Image: AIMSTOCK

The post Your Equifax Download: What You Need to Know about the Equifax Hack appeared first on Credit.com.

Can Your Adopted Pet Expose You to Fraud?

Unfortunately, pet ownership can also make you a target for phishers, scammers and identity thieves.

Pet ownership has definite upsides. You get companionship and exercise and the satisfaction of doing a good deed. Plus, people who own pets live longer. Unfortunately, pet ownership can also make you a target for phishers, scammers and identity thieves.

The Vector du Jour

With 65% of U.S. households including pets (and an estimated $60 billion in spending on them), pet owners represent persons of interest for scammers.

The focus here is on a nearly universal practice: microchipping.

When a pet is adopted, it almost always comes with a microchip implanted at the back of the neck between its shoulder blades (or on the left side of the neck among European rescues). The chip is the size of a grain of rice, and it includes a 10-digit number that has been registered to the adopter. With more than 94% of dogs coming by way of either rescue and/or adoption according to the Humane Society, this is a fertile field for fraud .

These microchips can aid in the return of a lost animal, but are far from a perfect solution. In fact, a study published in 2012 by the American Society for the Prevention of Cruelty Toward Animals found that after searching the neighborhood and having the pet return on its own, microchips were the most common way pet owners were reunited with their owners. In a study published by the Journal of the AVMA, research revealed that only 22 percent of lost dogs entering shelters were returned to their families. That percentage rose to more than 52 percent when a dog was microchipped.

So there is an argument for microchipping. Because there is no unified database for these microchips, a found pet may be on any number of registries, which is good news from the standpoint of crime prevention, because scam artists can’t just pet-nap an animal, scan it, and contact the owner to collect a ransom. (That said, this scenario is theoretically possible. A universal microchip reader can be purchased by anyone.)

Public-Facing Data Is Risky

Many microchipping companies recommend that you provide your mobile phone number. It makes sense on the pet recovery side of things, but none at all on the protecting yourself from scams side—mobile numbers are fast becoming our new Social Security numbers.

The basic mechanism of the scam is simple, and you should be wary of it. You will either get an email (which you provided information to the registry) or a text (to the mobile number you provided), and it will include your pet’s name and some issue that needs your attention. Maybe your dog license is expired. It could be anything. The point is that with your personal information out there in a public-facing database, you’re ripe for the picking. It’s a scam waiting to happen, and you have provided the means of your own victimization by doing the right thing by your pet.

If you have replied to one of these messages, it’s a good idea to check your credit for any changes, because you may have been communicating with a scammer. (You can check two of your scores for free on Credit.com.)

Whenever you get an unexpected message, however you get it, you are in danger of getting got. A basic rule of thumb: distrust AND verify. Provide no information until you’re sure who’s asking for it.

What You Can Do

You can see if your information is public by searching for your phone number. You should also search your home and email addresses. Your goal for the best possible data hygiene would be that none of that information yields your name on a search engine.

If you find your information is out there (and not just in connection with a pet), call the company that provides the information online and ask for it to be hidden from the public. While this may slow the process of getting your pet back should it go missing, you will still be reunited, while not exposing your data to anyone who plugs random 10-digit numbers into a pet microchip registry.

Image: fcscafeine

The post Can Your Adopted Pet Expose You to Fraud? appeared first on Credit.com.

CFPB Sues Firm for Allegedly Scamming 9/11 First Responders

RD Legal, a settlement advancement company, has been accused of pushing expensive products on NFL concussion victims, as well.

A firm accused of scamming 9/11 first responders and former NFL players into giving them large chunks of their compensation funds via costly advance payment deals has been sued by federal and state authorities.

RD Legal Funding, based in Cresskill, New Jersey, was sued by the Consumer Financial Protection Bureau and the New York State Attorney General’s office, the agencies announced Tuesday. The firm is accused of persuading victims who were awaiting payouts to accept advance payments from RD Legal, then pay large fees when their settlement payments arrived.

In one case the CFPB says was typical, a first-responder victim paid $33,000 for an $18,000 advance on a $65,000 payout from the Zadroga Fund, set up by Congress to compensate 9/11 first responders dealing with high medical costs.

RD Legal also is accused of targeting former NFL players diagnosed with neurodegenerative diseases and thus entitled to payments from a class action lawsuit settlement, the CFPB said.

“It is unconscionable that RD Legal scammed 9/11 heroes and NFL concussion victims out of millions of dollars,” said CFPB Director Richard Cordray, in a press release announcing the action. “We allege that this company and its owner lined their pockets with funds intended to cover medical care and other critical expenses for people who are sick and sidelined. Our lawsuit seeks to end this illegal scheme and get money back to those entitled to receive it.”

RD Legal also is accused of telling consumers they would speed up the payout process by cutting through red tape when the firm had no ability to do so. RD Legal also allegedly failed to provide advances to consumers for months after they were promised.

“The allegations contained in that lawsuit and accompanying press statements are outrageous and without merit,” said David K. Willingham, counsel for RD Legal, in an emailed statement. “Indeed, in January 2017, RDLF was forced to take action and sued both the CFPB and NYAG for engaging in an inappropriate overreach of their legal authority and failing to engage with RDLF on basic legal issues surrounding its contracts for the purchase and sale of the legal receivables at issue in both lawsuits. The claims made today by the CFPB and NYAG misunderstand and falsely characterize clear documents with those parties as “loans,” and falsely state that RDLF is ‘scamming’ the affected parties when it did nothing more than provide immediate liquidity – in the form of an arm’s length transaction – to people who voluntarily sought the benefits of early funding.”

Alleged Actions ‘Simply Shameful’

“The alleged actions by RD Legal — scamming 9/11 heroes and former NFL players struggling with severe injuries—are simply shameful,” said New York Attorney General Eric Schneiderman, in the same press release issued by the CFPB. “RD Legal used deceptive tactics to charge unlawfully high interest rates for advances on settlement and compensation funds, allowing them to profit off the backs of these unsuspecting individuals.”

The “funding fee,” in industry language,  can often be around 100%, as it was in the examples cited above by the CFPB.

This is not the first time RD Legal has caught the attention of federal authorities. Last year, it was sued by the Securities and Exchange Commission for allegedly defrauding investors who had bought into its hedge fund, designed to raise money to make such advance payouts. RD Legal denies those accusations.

The American Legal Finance Association, a trade association that represents consumer legal funding companies, says these payouts should not be regulated as loans because they are “non-recourse transactions,” meaning there is no collateral, and there’s no guarantee that the advance will be repaid.

“Consumer legal funding is used by victims of accidents who are struggling to make ends meet while they wait for a resolution in their case who have typically exhausted other financial options and often do not have access to traditional forms of credit,” the organization says on its website. “Legal funding fills a void in the financial products arena.”

But consumer advocates say it’s critical that federal authorities regulate bank-like activities from non-bank entities.

“Gone are the days when the financial services industry was dominated by hometown banks that served customers well and gave their kids a lollipop. Today, nonbank financial companies offer products to millions of consumers,” said Rohit Chopra, senior fellow at the Consumer Federation of America, in a statement reacting to Tuesday’s lawsuit. “Americans need a strong consumer agency to restore law and order to the financial services industry. This oversight isn’t just a win for consumers, it’s a win for every lender who shouldn’t have to compete against fraudsters.”

Image: kali9

The post CFPB Sues Firm for Allegedly Scamming 9/11 First Responders appeared first on Credit.com.

Trulioo Review: The Global Identity Verification Company Helping Businesses Fight Fraud

Fraud prevention button, concept about cybersecurity and credit card protection

Having the proper level of online security in place to guard against fraud is something your customers expect of you. In the digital space, trust and security are very important to your customers, but it’s also important for you to verify customers’ identity to keep your business safe.

Trulioo is a global identification verification company that provides advanced identification verification analytics and helps businesses prevent the risk of fraud and comply with cross-border anti-money laundering (AML) and know your customer (KYC) rules.

Trulioo’s service offers comprehensive identity intelligence data from more than 100 trusted sources all over the world, and the company has the ability to verify over 4 billion people in more than 60 countries.

In this review, we’ll go over the features of Trulioo’s solutions, along with how their service works and how it stacks up against other identity verification companies in the industry.

Overview of Trulioo’s Service

Trulioo’s main goal is to help their clients build a framework of trust and security online. They focus on trust, privacy, and inclusion. There are three main solutions Trulioo provides, which are highlighted below.

Identity Verification – Trulioo’s identity verification solution is called GlobalGateway, an international electronic identity verification product designed to meet anti-money laundering (AML) and know your customer (KYC) rules and compliance requirements. GlobalGateway minimizes the risk of online fraud with its identity and age verification features, and it has flexible integration options.

Data Exchange – Trulioo’s Data Exchange solution allows their customers to safely select data partners and clients who are interested in providing access to consumer data for electronic identification verification (eIDV).

Customers can search through the database to see which potential partners are verified or not verified and earn new revenue by monetizing their data through hundreds of global customers.

AML Watchlist Services – The AML (anti-money laundering) watchlist is a list of individuals who are suspected (or convicted) of various financial crimes and restricted from doing business in certain countries. These lists originate from government sources, international regulators, and law enforcement agencies.

Trulioo’s comprehensive global AML watchlist allows financial service providers and financial institutions to meet compliance rules with real-time watchlist checks against known or suspected entities and individuals that are associated with risky activities like money laundering, terrorism, financial fraud, arms proliferation, drug trafficking, or politically exposed persons (PEPs).

How Trulioo Works

Trulioo uses quality sources, including government, credit, utility, and telco, to fuel the data for their solutions. They work with leading data source providers to ensure the integrity of their service.

Companies interested in trying out Trulioo’s solutions can request a demo at any time. There are two main ways to use Trulioo’s service.

Online Portal – Trulioo has an online portal for their GlobalGateway product that allows customers to easily verify people from the customer’s own web browser. The portal provides instant identity and address verification in more than 60 countries, and customers can access information from up to 200 data sources around the world.

The portal also provides automated watchlist checking and won’t take up any space on your computer since there is no software to be installed.

Open APIs – An API, or application program interface, is a set of routines, protocols, and tools for building a software application. This allows Trulioo customers to implement the GlobalGateway platform into their own online environment.

How Much Trulioo Costs

Trulioo offers free 7-day trials for their services with limited access so customers can give their software a try before committing to making a purchase. They also allow you to book a demo directly from their website.

There are three levels of pricing for the GlobalGateway product:

National – $19 per month

International – $79 per month

Enterprise – Contact Trulioo for pricing

Transparency Levels

Trulioo openly shares a lot of information about their products right on their website, including their prices, with the exception of their enterprise level monthly subscription. In-depth brochures, product videos, reference papers, and more can also be easily accessed from their website.

They invite companies to reach out to them with questions, comments, or concerns and have support teams available 24/7 in many countries.

For additional information, Trulioo has a helpful FAQ page with information about their products, how they collect data, and more.

Alternative Identity Verification Services

Identity verification services like Trulioo create a safe and secure environment for businesses and their customers. Here are two other companies that offer similar solutions and products to Trulioo.

Jumio

Jumio offers digital identity verification services to businesses so they can complete transactions safely and securely. They service a wide variety of industries, including finance, retail, travel, and gaming, and authenticate identification credentials issued by more than 130 countries.

Veridu

Veridu provides identity verification solutions to prevent fraud and solve all issues faced by e-commerce companies like verified onboarding, verified transactions, and verified activity. Veridu has free demos available on their site so potential users can test their services and view what it looks like from a customer’s perspective.

Final Word

Trulioo offers a comprehensive identification service that solves online identity verification challenges and fraud risks that businesses face. Trulioo uses real and reliable data sources, and their GlobalGateway product is easy to implement.

 

Unlike other identification verification companies, Trulioo openly offers a free trial on their site along with pricing information for their services so potential customers can test out their product and obtain a realistic idea of how it will fit into their budget.

The post Trulioo Review: The Global Identity Verification Company Helping Businesses Fight Fraud appeared first on MagnifyMoney.

7 FinTech Startups Helping Businesses Fight Fraud

fraud identity theft hacker

Whether it’s a small shop or a multinational company, businesses must constantly have their guard up to protect against fraud. Installing security cameras, verifying dollar bills aren’t counterfeit, and hiring a security guard to prevent shoplifting can all help with physical fraud. But as commerce and banking continue to go online, digital security is critically important as well.

LexisNexis’ 2016 True Cost of Fraud study focuses on U.S. merchants. The study reveals businesses reported an increase in the cost of fraud as a percentage of annual revenue for the third year in a row.

On average, companies have dealt with nearly 650 fraudulent purchase attempts each month, and over 200 of those are successful. Increasingly, fraudulent purchases are coming from remote channels, either from mobile devices or other online methods.

Combating in-person, online, and mobile-transaction fraud can be an exhausting process, and several financial technology (FinTech) companies are working to help businesses outsmart thieves and win the fight.

1. Feedzai

freedzaiFeedzai uses machine learning and big-data analysis to help companies prevent fraud while managing payment processing, opening new customers accounts, underwriting merchant accounts, securing marketplaces, and validating customers.

Feedzai claims its Fraud Prevention That Learns technology, which bases its decisions on historical and real-time behavioral profiling, can detect fraud up to 10 days earlier than the competition, and identify 61% more fraud with lower false alarms.

2. IdentityMind Global

identitymindIdentityMind Global has a platform that payment service providers, online merchants, and financial institutions can use to identify and prevent fraudulent purchases, botnets, phishing attempts, account takeovers, and other types of attacks in real time.

The platform also offers anti-money laundering (AML), know your customer (KYC), and other risk management services to companies, including Bitcoin exchanges and internet lenders.

3. InAuth

inauthInAuth is a risk management and fraud-detection and -prevention platform for the banking, payments, health care, e-commerce, and mobile commerce industries. Large companies can also use it to secure and identify employees’ devices and information.

InAuth’s InExchange service allows businesses from different industries to share positive and negative information about devices, helping companies determine whether or not the device has been linked to fraudulent activity in the past. InAuth also works to identify when devices are infected with malware or crimeware, and whether or not it’s a rooted or jailbroken device, potential signs of fraudulent use.

4. Jumio

jumioAvailable for merchants in the retail, travel, gaming, finance, telecom, and sharing economy industries, Jumio offers digital identification verification, mobile checkout, and form-filling software. Two of its three products can help prevent fraud.

Netverify helps authenticate potential customers by letting them take a picture of their photo ID and use their phone or computer to scan their face. The software verifies that the person matches the photo in the ID. BAM Checkout lets customers make mobile purchases by taking pictures of their credit or debit card and driver’s license. The software compares the names on the ID and card, and can help prevent fraud while creating an easy checkout process for customers. Jumio also has a third service, Fastfill, which allows customers to quickly fill in their information by snapping a picture of an ID card.

While Jumio filed chapter 11 bankruptcy in March 2016 due to some reported financial irregularities within the company, Jumio’s assets were acquired by Centana Growth Partners. Under this new umbrella, Jumio does seem to have steadied itself and raised an additional $15 million from Centana in August 2016.

5. iovation

iovationiovation delivers device-based fraud prevention and authentication services to help prevent mobile and online fraud. The service automatically collects information about a device. This information is used to visit a company’s site and decide whether or not they should allow, deny, or conduct a manual review of a transaction. For example, iovation may notice a device was used to make over $1,200 of purchases in the previous 12 hours, check to see if a phone number is connected to more than three devices, and see if this purchase is coming from a high-risk location.

Using iovation’s fraud prevention service, companies can require suspicious users to go through additional identification protocol or prevent a transaction outright. They can also use iovationScore, a predictive risk score, to help them identify good and bad customers. As a result, they make a checkout experience smoother for good customers, by letting them skip a security check, for example. The scoring system uses real-time machine learning to monitor billions of transactions globally and increase its predictive capabilities.

6. BioCatch

biocatchBioCatch has created cloud-based technology that builds user profiles based on over 500 cognitive parameters, including behavioral patterns. By learning what it looks like when fraudsters create accounts, purchase products, or browse websites, BioCatch can help detect and stop future potential frauds. BioCatch can also help detect when someone takes over a legitimate account by comparing a user’s normal behaviors, including typing speed or cursor movement, to behaviors during the fraudulent session.

7. Trulioo

truliooCanadian startup, Trulioo, uses data from over 140 sources to collect and share information on over 3 billion people, making it one of the largest consumer data companies in the world. E-commerce stores can use Trulioo to verify new customers, reducing the risk of fraudulent purchases and subsequent chargebacks. Financial institutions can use Trulioo’s data to help them meet AML and KYC identity verification requirements.

The post 7 FinTech Startups Helping Businesses Fight Fraud appeared first on MagnifyMoney.

Scam Alert: Those Campaign Calls May Be a Trick

election_phone_scam

As Hillary Clinton and Donald Trump ramp up their campaigning efforts in the last weeks of this year’s presidential election, robocalls have increased significantly. And not just the legitimate ones. Scammers also have upped their efforts in hopes of gaming the politically fervent and gullible.

A recent review of political robocalls tied to the 2016 presidential election found that legitimate calls from the Trump and Clinton campaigns have increased by 64% since the beginning of the year, jumping 20% from July to September. At the same time, political scam calls have increased nearly 10 times that amount, up 614% since the beginning of the year.

These findings by Hiya, a company providing caller ID products and services, also showed that total Trump campaign calls to potential voters outpaced Clinton by 388%. The majority of legitimate calls from both campaigns originated from phone numbers in the Washington, D.C., and New York metro areas. Scam calls for Trump and Clinton, however, originated primarily from the following area codes.

  • 213 (Los Angeles)
  • 803 (Columbia, South Carolina)
  • 312 (Chicago)
  • 281 (Houston)
  • 212 (New York)

However, the review found that legitimate calls for the candidates originated in the following areas.

Top 5 Clinton Area Codes (where calls originate)

  • 202 (Washington, D.C.)
  • 646 (New York)
  • 215 (Philadelphia)
  • 315 (Syracuse, New York)
  • 561 (Palm Beach County, Florida)

Top 5 Trump Area Codes (where calls originate)

  • 202 (Washington, D.C.)
  • 646 (New York)
  • 315 (Syracuse, New York)
  • 585 (Rochester, New York)
  • 310 (Los Angeles)

According to Hiya’s research, which was conducted online by Harris Poll from Sept. 28-30 among 2,007 adults, most of the scam calls fall into the following three categories.

1. Re-register or Voter Verification
In an attempt to gain access to personal information such as emails, addresses and Social Security numbers, scammers pretend to re-register voters or verify their voter registration information.

2. Campaign Donations
While political campaigns can and will legally seek donations by phone, you may not want to donate directly over the phone without doing your due diligence to confirm the organization.

3. Election Surveys
Offering incentives such as free cruises, trips or gift cards, scammers ask voters to answer survey questions on behalf of a political party before asking for credit card information to cover the cost of shipping, taxes or handling of the “prize.”

What to Do If You’ve Been Scammed

If you think you may have been a victim of a scam, you can minimize the damage by monitoring your credit for signs of fraud.

Remember, an identity thief may take over your bank account and drain your balance, charge a credit card up to the limit, take over your utility or mobile phone account, and apply for credit and loan accounts in your name, sticking you with the bills and a damaged credit history to clean up. An identity thief could also apply for health insurance, jobs and tax refunds and even commit other crimes while impersonating you.

That’s why watching your accounts for unauthorized transactions, unfamiliar entries on your credit report and sudden changes in credit scores are so important. These are all signs of potential fraud and you’d be wise to address them immediately.

You can start monitoring your credit scores for free today through Credit.com’s free credit report summary, updated every 14 days.

Image: Martin Dimitrov

The post Scam Alert: Those Campaign Calls May Be a Trick appeared first on Credit.com.

Want to Help Hurricane Matthew Victims? Watch Out for Charity Scams

charity-scams-surrounding-hurricane-matthew

Hurricane Matthew is making headlines, as many Americans prepare for the heavy winds and flooding that could potentially come with the storm as it heads toward the coast.

When these storms roll in, it’s common for people to set up crowdfunding sites to help those in need. While many of these sites are legitimate, it’s important to remember that they aren’t typically vetted by reputable authorities, so they can be set up by anyone — including those who want to scam you. (We saw this type of thing happen after several other natural disasters, including Hurricane Katrina.)

“After every natural disaster, people become so generous and want to help,” H. Art Taylor, president and CEO of Better Business Bureau (BBB) Wise Giving Alliance, said in an email.

If you’re considering donating to help those who felt the effects of Hurricane Matthew, the BBB encourages you to be smart and thoughtful about how you give and offers several ways to do so. For example, if you’re giving funds online, make sure you’re careful about the links you click and where you enter personal information.

You’ll want to verify that the site is in fact what you believe it is (as scammers often create a misspelled version of a site to confuse those who may mistype their intentions) and also that it is secure (look for https in the URL). It’s also a good idea to go directly to a charity website by typing it in yourself, instead of via a link that came in an email.

According to the BBB, there are some things to think about when considering donating to a storm relief charity.

  • Nearby Groups: Consider charities that have people in the areas that were affected by the storm who can actually help those who are experiencing the aftermath, as they’ll be able to help more quickly.
  • Be Wary of Claims That 100% of Donations Go to Victims: For the most part, charities have fundraising and administrative costs, so claiming they won’t take a portion is not providing you with full transparency. (Remember: Even using a credit card comes with a fee, so if you’re paying with plastic, the charity will have to cover that fee or may offer the option to build your transaction fee into your donation.)
  • Avoid Pressure: Reputable charities are not known for pressuring people into giving money, so if this is your experience, you may be dealing with a scammer.
  • Giving Items Instead of Money: Donating food, water, clothing or some other item, while done so with the best intentions, may not always deliver the best results. Before doing so, check with the charity to find out its distribution plans and, as the BBB advises, “be wary of those who are not experienced in disaster relief assistance.”

The BBB also mentioned people should be aware of “storm chaser” scammers — those who come in after storm damage and offer “deals” to help people with repairs. It’s a good idea to do your research and verify legitimacy before hiring anyone.

If you do have to pay for repairs after the storm subsides, and you do so on a credit card, make sure you don’t charge more than you can afford, as credit card debt can be almost as damaging as the storm. You can see how any credit card debt you carry is affecting your credit by viewing a free credit report summary, updated every 14 days, on Credit.com.

Image: LTopDesign

The post Want to Help Hurricane Matthew Victims? Watch Out for Charity Scams appeared first on Credit.com.

How the Wells Fargo Scandal Could Impact Your Credit Score

Wells Fargo Bank

Since 2011, roughly 2.1 million accounts were opened by Wells Fargo Bank for existing bank customers who didn’t actually intend to apply for them on their own. While some legislators are calling for the company’s CEO John Stumpf to resign, the damage for many Wells Fargo customers impacted by the fraud has already been done. In some cases, customers have seen their credit scores damaged.

If you’re a Wells Fargo customer, you probably have just one question:

What should I do if I’m one of the bank’s customers who ended up with accounts for which I never applied and what’s best for my credit scores?

 

We’ve got you covered.

The fake accounts opened by Wells Fargo employees fell into four separate buckets of account types, according to the Consumer Financial Protection Bureau. Three of those four account types could result in some sort of credit score reduction: Deposit accounts (checking, saving); Credit card accounts; debit card accounts.

Credit Card Accounts

According to the CFPB, Wells Fargo submitted roughly 565,443 credit card applications that “may not have been authorized.” The application likely resulted in a credit report being pulled and a credit inquiry occurring, which as I explained above can cause a score to go down, albeit a minor decrease and in some cases has long since been removed. The more meaningful issue regarding credit cards is what to do with the open credit card account that is almost guaranteed to be on your three credit reports.

The impact of the credit card account can fall into one of three categories as it pertains to your credit scores; positive, negative or neutral.

Positive impact: If the account has no balance and a large credit limit then it’s very likely helping your credit scores because of the positive influence it’s having on your credit card balance-to-limit ratios. If this is the case then leaving the account open, assuming you actually don’t mind having it, may be the best course of action especially if you’re about to go out and apply for some sort of credit and need the best credit scores possible.

Negative impact: If the credit card account is relatively new then it may be lowering your scores because it is lowering the average age of the accounts on your reports. Closing the account isn’t going to change that because closed accounts still have a “date opened” and a young closed account is considered the same way that a young but open account is considered. If this is causing too much of a score problem then asking that it be removed may be your best bet. The deletion will back out any impact on your scores.

Neutral impact: If the credit card is unremarkable then it is likely not having any measurable impact on your credit scores. So, no huge credit limit helping your balance-to-limit ratios and the age of the account isn’t helping or hurting your scores.

In that case you can either live with the account and leave it open or you can close it or perhaps even ask that it be removed.

Deposit Accounts and Debit Card Accounts

According to the CFPB Wells Fargo opened roughly 1.53 million deposit accounts and an undisclosed number of debit card accounts that may not have been authorized by the customer. Deposit accounts generally include checking, savings and money market accounts…any place where you can make a deposit. Deposit accounts and debit cards are never ever reported to the credit reporting agencies so if one was opened in your name it’s not on your credit reports.

However, if the bank pulled a credit report prior to opening the deposit account or issuing the debit card (not unheard of) then there could be a credit inquiry on your report that you didn’t instigate. If that happened then there’s a chance your credit score went down as a result. Having said that, the inquiry would fall into one of these 3 categories and would be considered accordingly…

  • If the inquiry is over 24 months old then it has already been deleted by the credit bureau/s and is no longer being considered by any credit scoring systems.
  • If it is between 12-23 months old then it is still on your credit report/s, but is not being considered by any credit scoring systems.
  • If it is under 12 months old then it is being seen and could result in a lower credit score on that one credit report. If possible, I’d ask that any unauthorized inquiries be removed because they have no redeeming value. Point being, inquiries never help your scores.

While it was not mentioned in the CFPB’s Consent Order, in many scenarios overdraft protection on checking accounts is reported to the credit reporting agencies as an unused installment loan, normally with a line of no more than a few hundred dollars.

If that did, in fact, occur with these Wells Fargo checking accounts then the installment loan could result in a lower score but only if that loan is significantly lowering the average age of the accounts on your credit reports. The age of your credit history factors into your credit score. If it’s too low, it could drag your score down.

The post How the Wells Fargo Scandal Could Impact Your Credit Score appeared first on MagnifyMoney.

5 Ways to Avoid ATM Fraud

ATM

You’ve probably heard of ATM fraud, and you may even know that it’s on the rise, but did you know that, according to FICO, ATM compromises in the US jumped six-fold in 2015?

We don’t know about you, but that number has us worried.

While there’s not much you can do to completely free yourself from the risk of ATM fraud (other than never use one, of course), there are a couple things you can do to make sure you’re doing everything you can to avoid it.

Here are a couple tips to keep in mind for your next trip to the bank that might help keep you from becoming a statistic.

Tip 1: Go inside

If you need to visit an actual bank branch to get money out of your account anyway, why not head inside and withdraw the money from an actual teller instead of using the machine (or at least use an ATM that’s located inside the branch, rather than ones easily accessible to scammers on the street)? It might take you a couple extra minutes, but you can rest assured no one is stealing your account digits from the machine.

Tip 2: Cover your hand when inputting your pin

If you must use an ATM, be sure to use one that’s at your actual branch, and cover your hand completely when inputting your PIN number in case scammers are using videos to capture your movements. It doesn’t hurt to take a look around the ATM before using it, also, in case any cameras or monitors are within site, although usually they won’t be. Also try removing enough money to hold you over for a while, rather than just a day or so, to cut down on the number of times that you have to use an ATM, in general.

Tip 3: Check your card transactions frequently

While it doesn’t necessarily need to be every morning (although it only takes about a minute, so why not?), it’s a good idea to check in frequently with your checking account to make sure everything looks accurate and to report immediately any fishy activity. The sooner you can trace fraudulent behavior the better, and you’ll be more likely to remember exactly which ATM you retrieved money from the day before rather than a week or two later, as well.

Tip 4: Sign up for account alert technology

If your bank offers them, be sure to sign up for any account alerts that are available. Often this means you’ll receive emails or texts when money is withdrawn over a certain amount or from an account that is rarely used, etc. If it was you doing the withdrawing, great, and if not, you can alert your bank immediately to the fishy activity.

Tip 5: Keep all your information up to date

Signing up for alerts is one thing, but it will be hard for the bank to contact you if you’ve moved or changed your phone number or email address and not updated your information at your bank. Be sure to check with your account every couple months to make sure all your contact details are up to date.

While we’re on the subject, you might want to check out this piece about seven reasons why your debit card makes you a target for fraud, too.

The post 5 Ways to Avoid ATM Fraud appeared first on MagnifyMoney.

Identity Theft Is Dead! Long Live Identity Theft!

Incidents of identity theft held fairly steady last year, according to a new report by Javelin Strategy and Research. It would seem with time-honored methods of ripping people off going the way of Bonnie and Clyde, fraudsters — ever sophisticated, creative and persistent — scrambled to find new ways to increase revenues in 2015. Of course, they did. They always do.

If I could drive one point home after reading the latest Javelin report, “2016 Identity Theft: Fraud Hits an Inflection Point,” published this week, it would be that identity theft continues to be a blight on the lives of millions of Americans.

Now say it with me: “It’s just a matter of time.”

The cardinal rule of the identity theft quagmire is simply that, sooner or later, every last one of us will get got. No exceptions.

Regardless of statistics suggesting a plateau in the number of identity-related crimes, there is still nowhere to run or hide from the scammers, phishers and identity thieves who view us as their day job. Think of the war on identity theft (or the unending assaults upon us by identity thieves) as being a never-ending round of whack-a-mole. Contain it here; it pops up over there. According to the report, “the total number of victims remained steady at 13.1 million, and the total fraud amount fell slightly to $15 billion. However, that stability masks major changes in fraud in the U.S.”

The total number of victims last year was at its second highest level in the last six years. Since we’re in the middle of an identity theft pandemic, second place should still be worrisome. While identity theft is a fact of life—I would argue the third certainty right up there with death and taxes—it is imperative that none of us be lulled into a false sense of security in what might be mistaken for a “new normal.” Only in movies like the Resident Evil series does mayhem and villainy predicate all aspects of reality. We’re still in the here and now of a vicious crime trend, and it’s nothing we can’t handle.

What Me Worry?

One of the reasons it is imperative to stay on the alert is the way identity theft is evolving. The latest statistics reveal new twists in the evolution of this now-entrenched crime wave. While on the surface, there’s the good (well, not really that good) news — there were roughly as many victims in 2015 as the year before, and they stole a tad less — there is way more to the story. The area of concern is a 113 percent increase in new account fraud and a big jump in card-not-present transaction fraud.

With the introduction of EMV, or chip and PIN (or — in America — chip and signature) technology, it has become harder for fraudsters to counterfeit cards. The criminal response to this seems to be a shift to the creation of new accounts using Social Security numbers and other personal information readily available online — data that sometimes comes via the social media posts of millions of Americans who over-share information that fraudsters can use to create a new account, but more often comes via black market websites that sell information lost in data breaches.

Another Important Finding

The Javelin study also found that distrust of financial institutions, specifically a failure to take advantage of services like transaction monitoring, email alerts, credit freezes and black-market monitoring creates new challenges. As a result, information is being “used for 75 percent longer by fraudsters and incurring a 185 percent greater mean consumer expense than those victims that have high trust in their financial institutions.”

These two changes need to be addressed, specifically in the way you manage your identity portfolio — keeping it safe from evil-doers.

In my book Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves, I provide a practical approach to the reality of identity theft. It’s called the Three Ms, which are: 1.) Minimize your risk of exposure, 2.) Monitor your accounts and 3.) Manage the damage.

The goal (indeed the imperative) is to reduce your attackable surface and make yourself a harder target. When the inevitable happens, you need to know you have a problem as quickly as possible and what to do or to whom to go to in order to put yourself back together again. Keeping an eye on your credit reports and scores are two ways to monitor your identity. You can check your credit reports for signs of identity theft (i.e. new accounts you didn’t open) for free once a year on AnnualCreditReport.com. You can track your credit scores for free every month on Credit.com.

That said, when it comes to new account fraud, you can’t simply rely on an annual free credit report and self-help. You should really seek help from a professional — oftentimes it is available for free as a perk of your relationship with a financial services institution or your insurance company.

At the very minimum, if you know your information has been involved in a data breach, regardless of the solution presented by the breached organization (for which you should sign up because it’s free and more monitoring is better than no monitoring) it’s probably a good idea you freeze your credit and become far more sensitive to notices you receive, calls you field or e-mails that ask you to click on a link or provide any information.

Penny-wise and pound foolish doesn’t even begin to describe how you will feel if you trust fate over institutions, because the day will come when a debt collector calls looking for money you never spent, and all the Monday morning quarterbacking in the world won’t settle those accounts.

This story is an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.

More on Credit Cards:

Image: iStock

The post Identity Theft Is Dead! Long Live Identity Theft! appeared first on Credit.com.