Here’s a line from a newscast last week that maybe you heard before. “There’s been a massive data breach that’s compromised sensitive information for millions of people.” This time it was Capital One, a bank holding company specializing in credit cards and auto loans, the 10th-largest bank in the US. They reported 106 million accounts in the US and Canada, mostly credit applications, accessed earlier in 2019. I remember Capital One because they sponsor those entertaining commercials featuring the Viking raiders, and always posing the question, “What’s in your wallet?” Maybe they should change that to, “Who’s in your wallet?”
Who got into Capital One’s system? Russian intelligence? Chinese military hackers? Ukranian criminal syndicate? No…It appears a lone hacker infiltrated their system, and gained access to the credit application files on 106 million people in the US and Canada. The hacker roamed through their records at will for weeks or months without the bank detecting it. The bank only learned of this through a tip from some apparent associate of the hacker. The most current news I read on this tells us the hacker did not sell or offer any of this information to the criminal underworld. Small comfort there.
So Capital One joins a long list of corporations, government agencies, financial companies, and retailers which did not adequately safeguard the personal information of their customers, clients, or employees. This latest revelation only reinforces my observation; your personal information is only as safe as the weakest security system in anyplace storing your information. It’s clear to me; we can’t rely on others to safeguard our personal information.
What’s a person to do? There are a couple of easy things – free things - you can do to shield your identity:
• Read your credit report, often. You can order a free one each year from each of the three major credit reporting agencies, Equifax, Transunion, or Experian. Space them out and you can read one every four months. If you notice something suspicious, check into it. You are looking for credit for which you did not apply
• Freeze your credit. This locks your credit file down, preventing almost anyone from viewing it. No credit provider will open new accounts without reviewing your credit file, so this effectively prevents the issuance of credit in your name. To freeze your credit, you need to contact Equifax, Transunion and Experian individually. When you freeze your credit, you will receive a letter with a PIN recorded on it. Keep this letter safe and secure. You’ll need it when you want to lift the freeze at some future date. If you call or go online to freeze your credit, the credit agencies must do it in one day. If you call or go online to lift the freeze, they must do it in one hour.
Freezing your credit and lifting a freeze are both free. Here’s contact information for the three credit reporting agencies:
• Equifax: equifax.com/personal/credit-report-services (800-685-1111)
• Experian: Experian.com/help — 888-EXPERIAN (888-397-3742)
• Transunion: TransUnion.com/credit-help (888-909-8872)
Paying some attention to your credit should enhance your protection when (not if) your identity is compromised in another data breach.
Linda Lemke, of Camanche, alerted me to another imposter scam last week. She received a phone call which showed on her Caller ID as from “DISH”. The caller said he represented DISH, the satellite cable provider, and wanted to upgrade her service. The caller offered an upgrade to prevent weather-related outages, such as during heavy downpours or snowstorms. And he promised to halve her payment for four years. All this for $185 up front, and her social security number.
Because Linda subscribed to DISH, and what she saw on the Caller ID, Linda was almost swept up here, but the demands for payment raised her suspicions, and she hung up. She contacted the real DISH people, who denied making these offers or calling Linda.
It’s not uncommon to hear about telemarketers or even door to door solicitors posing as a cable provider, or claiming some affiliation with a legitimate cable provider, and offering some great deal. I hear about this in cycles, about two or three times every year.
We can’t trust what Caller ID tells us anymore, so I recommend verifying any such calls by contacting the real provider, from a phone number printed on your bill. If you’re tired of high cable bills, contact your provider yourself, and ask what promotions are available, or if a change in programming can reduce your bill. You won’t know unless you ask.
‘Seniors vs. Crime’
is not pushing braces!
I already noted once in this column, not to trust your Caller ID. And I’ll give you another reason now. Cindy Espe of Clinton reported she received a call August 6th, which her Caller ID recorded as from “Randy Meier”, from a Clinton area code and prefix. Cindy answered the call, as she recognized my name and presumed this was legitimate. The woman caller spoke with a foreign accent, and said she called from “ORA Medical”. Cindy recognized ORA as ORA Orthopedics, an orthopedic and sports medicine practice in the Quad Cities. The caller quizzed Cindy about whether she suffered from back, knee, shoulder or neck pain. Cindy saw some red flags at this point and hung up.
Most likely, this caller’s questioning was a prelude to offering “free” orthotic braces to relieve some of this back, knee, shoulder, or neck pain. And offering these braces comes in exchange for giving up your Medicare number. Medicare, or any real medical provider, doesn’t make telemarketing calls.
Cindy answered the call because she recognized and trusted a name displayed on her Caller ID. That’s exactly the reaction a scammer hopes for, and why they go to the effort of call spoofing, faking their numbers and names. Don’t be tricked. Keep your guard up. And I am not selling back braces.