So many data breaches have happened in the past 12 months that it’s hard to keep track of them all. Each one had unique effects on their respective industries, and naturally, consumers are the ones paying the price for negligence and poor cybersecurity.
But still, affected parties are hanging on to hope that justice might be served. Developments like the Equifax settlement seemed like an optimistic step in the right direction, but the reality of the class action payments has left many victims feeling cynical. Tap or click here to see how small the Equifax cash payout will be.
But if that was enough to make data breach victims curl up in balls, then the latest Russian shenanigans are sure to leave them reeling. A group of scammers set up a fake government website and if you fall for it, there goes your data. Here are the details of the scam and how to avoid falling for it.
Russian scammers add insult to injury
A new bulletin posted by researchers at Kaspersky Labs is outlining an unusual fraud scheme targeting victims of data breaches. Scammers appear to have set up a website claiming to be run by the “US Trading Commission” that promises financial compensation for the “leakage of personal data.”
For many victims, a program like this would be a major windfall. Legal expenses and credit monitoring fees can rack up quickly, and some victims even lost huge sums of money, thanks to identity theft. There’s just one problem: The “US Trading Commission” doesn’t exist.
Instead, this highly detailed fraudulent website preys upon hapless data breach victims. The website leads to numerous forms where you’re asked to provide personal information like your first and last name, credit card number and SSN to verify your identity — not suspicious at all!
But if you don’t have an SSN or aren’t a U.S. resident, the site conveniently sells you a temporary one. Just make sure to check the box next to the line reading “I’am don’t have SSN.” Yes, that’s exactly how it’s written. No, we don’t suppose the U.S. government cares about spelling or grammar anymore.
Most telling of all is the fact that this presumably American website will conveniently shift from English to Russian and list prices in rubles if a Russian IP address (like the kind possessed by Kaspersky Labs) is used. This points to the illegitimacy of the site; that, and much of the questionable spelling and grammar.
In short, this website is decidedly not what it claims to be. If you enter any of your information, you might as well consider it forfeit.
Further victimizing victims
This scam is particularly heartless compared to other phishing schemes due to the fact that it’s tailored for victims of data breaches. Less tech-savvy users may believe this is a legitimate website, and enter their private information without a second thought. Tap or click to see the top 6 worst scams on the web.
And naturally, people who have already been hit with identity theft are the last people on earth who deserve a second round.
So how do you stay safe in the face of identity theft? One option is exploring services that actively monitor your credentials for abuse, and sends alerts when someone attempts to pose as you. Stay secure with Kim’s choice for identity protection: Identity Guard. Get 2 months free with the purchase of an annual plan at IdentityGuard.com/Kim.
But just like with most modern internet threats, it’s also best to simply not engage. If something doesn’t pass the smell test or seems to be asking too many questions, leave it alone and do not enter any personal information.
More importantly, the U.S. government never requests personal information over the web. If you are owed money, or need to provide info, it will contact you via traditional mail. No exceptions!
But if you did manage to enter personal data on this scam site, or a similar one, your best course of action is to contact a credit reporting bureau and ask them to perform a credit freeze. This will prevent any fraudsters from opening accounts in your name. Tap or click here to learn more about the benefits of a credit freeze.