This couple fought $25,000 in fraudulent credit-card charges after falling prey to identity theft — then things got even worse

Lots of lessons learned and shared by some folks hit hard by identity theft. By not locking or at least monitoring all three credit reporting agencies you are inviting the same troubles this family experienced.

https://www.marketwatch.com/story/this-couple-fought-25000-in-fraudulent-credit-card-charges-after-falling-prey-to-identity-theft-then-things-got-worse-2019-08-23

‘One Ring’ robocall scam targeting New York and Arizona area codes, FCC warns

Don’t return that middle of the night phone call if your cellphone only rang once.

“The scam calls, also known as “Wangiri” — which is Japanese for “one ring and drop” — are an attempt to trick customers into phoning the number back. If you do, it can result in getting billed toll charges as though you called a 900 number.”

Source: ‘One Ring’ robocall scam targeting New York and Arizona area codes, FCC warns – New York Daily News

Information from Over 2 Million Credit Cards Stolen From Restaurant Chain and Sold on the Dark Web

It appears that the fruits of a major data breach are now for sale on the dark web.  If you have visited any of these restaurants, please consider changing your credit card number or at the very minimum monitor your statements carefully.

From the article:

“In an effort to inform the victims as well as to reassure them of their security, the company advised guests at Buca di Beppo, Mixology, Planet Hollywood, Tequila Taqueria, Chicken Guy, and Earl of Sandwich to review their card statements and to look out for suspicious transactions.”

Source: Information from Over 2 Million Credit Cards Stolen From Restaurant Chain and Sold on the Dark Web | Dark Web News

Amex, Netflix customers targeted in phishing campaign

Windows Defender Security Intelligence’s uncovered a phishing campaign targeting Netflix and American Express that attempt to steal payment card information.

 

From the article:

“The campaign was detected on the weekend of March 16 and is still active, according to the Windows Defender Security Intelligence Twitter feed.

In each case the phishing emails purport to be from the host company with the Netflix note telling the recipients their account is on hold due to a problem with their last payment. Attached is a form that the victim is told to download, fill out and return.”

Source: Amex, Netflix customers targeted in phishing campaign | SC Media

It’s Scary How Much Personal Data People Leave on Used Laptops and Phones, Researcher Finds

In a dusty plastic bin under my bed lies at least four laptops, six cellphones, and a half-dozen hard drives. I have no idea what’s on any of them. Most of these devices predate the cloud-storage era, and so likely contain solitary copies of photos, texts, and emails, among other confidential files (porn?) that I’d probably be horrified to learn had fallen into the hands of strangers.

Source: It’s Scary How Much Personal Data People Leave on Used Laptops and Phones, Researcher Finds

Undisclosed number of TurboTax accounts breached

Intuit the company behind tax preparation software TurboTax alerted users their accounts may have been accessed by an unauthorized party.

“Threat actors used usernames and password combinations obtained from a non-Intuit source after an undisclosed number of TurboTax accounts were breached in a credential stuffing attack.

Tax returns from the prior year, current tax returns in progress, names, social security numbers, addresses, dates of birth, driver’s license numbers and financial information such as salaries and deductions were compromised, according to the notification.

 

Read the full article here: Undisclosed number of TurboTax accounts breached | SC Media

Under Attack Again

Over the last few weeks my wife and I have been under attack by ID thieves trying to open credit cards in our names. This has happened on and off for several years, we believe due to a breach in the Texas Teacher’s Retirement System many years ago. This new round of attacks started right after the free Equifax credit monitoring period expired.

Fortunately our credit reports are frozen so no damage can be done. I cannot emphasize enough how important it is that you freeze your credit reports if you are not actively seeking credit. It’s easy, it’s free, and you can unfreeze them anytime you need to have a lender access them. It does not hurt your credit report. Here are the links and phone numbers to the major bureaus. Protect yourself today!

Equifax: Freeze Credit Report
https://www.equifax.com/personal/credit-report-services/ 1-800-685-1111 (NY residents 1-800-349-9960)

Experian: Freeze Credit Report
https://www.experian.com/…/preventing-fraud/security-freeze/
1-888-397-3742

TransUnion: Freeze Credit Report
https://www.transunion.com/credit-freeze
1-888-909-8872

Cybercriminals Are Using Airbnb & Uber to Launder Funds from Stolen Credit Cards

Notice some Airbnb or Uber charges on your credit card you don’t recognize?  Someone may have stolen your credentials and using these services to launder money.

“The way the money laundering is done is through the use of stolen credit cards. The scammers will look for Airbnb hosts who are willing to cooperate, and they will book through the host. Оnce the payment is made, the scammer won’t actually live in the place, and the host will send back a percentage of the profit.”

Source: Cybercriminals Are Using Airbnb & Uber to Launder Funds from Stolen Credit Cards | Dark Web News

Hackers wipe US servers of email provider VFEmail

Email is not as secure as you might think – just ask the customers of VFEmail.net

“Hackers have breached the severs of email provider VFEmail.net and wiped the data from all its US servers, destroying all US customers’ data in the process.

The attack took place yesterday, February 11, and was detected after the company’s site and webmail client went down without notice.”

Hackers did not ask for a ransom. VFEmail described the incident as “attack and destroy.”

Source: Hackers wipe US servers of email provider VFEmail | ZDNet