We all know that identity theft is on the rise. According to CBS News, the Bureau of Justice Statistics says that over 34 million Americans have experienced identity theft of some sort. That’s more than 1 in 10 of us!
We noticed an increase in tax-related identity theft this year, so we asked our IT guru, Dan Fadayomi, Tech Consultant & Owner at Anywhere Computer Repair, to pen a blog on the topic for you.
Here’s Part 1 of our 3-Part blog series on identity theft. Leave comments or questions for Dan at the end!
Identity Theft: The Fight to Keep Your Stuff… YOUR STUFF!
A few days ago, I was with a customer whose identity had been stolen. The cyber-thieves had opened a new bank account in her name and were in the process of moving thousands of dollars from her account to theirs. They had even requested a debit card to be mailed to Canada so they could access their loot.
Here’s how the cyber-thieves did it:
1. One of the first things they probably did was watch my client on her Mac. (Yes, Macs do get hacked!) Now, they couldn’t have done this without her (unknowing) help. I’m guessing she received an email or clicked a phony link to give them the initial access.
2. Through the use of what I think was a Key Logging software (a program that captures everything typed on a computer), they were able to determine her cell phone number, cell phone carrier, email address, email password, her bank account and credit card information.
3. They then added their email address to her Gmail account, and in essence, became the owners of the account.
4. They ported (moved) her cell phone number from her cell phone carrier to a different carrier. They probably did this so verification codes would come to them, and not to her cell phone. All of a sudden her phone stopped working, she calls her carrier and is informed that she had requested the number be ported to the new carrier. Once her communication channels had been taken over, the crooks could do whatever they wanted.
5. Google knew her Gmail account had been compromised, so they locked it down. It took a while to recover the account, though, and it involved using the infected Mac. Not ideal.
6. She worked with the phone company to recover her cell phone number prior to my involvement and they put a PIN on her account. Going forward, no changes can be made without the PIN.
The really amazing part is that once we recovered her email and changed her password, the fight for her stuff was on AGAIN. She received numerous calls and phony emails trying to get her to help them hack her again. One email she received seemed legit and appeared to divulge the security PIN she had just created to protect against unauthorized transfer of her phone number. But a quick call to her cell phone provider revealed the email was phony.
Fortunately, no monetary damage was done. This isn’t always the case… Still think it can’t happen to you? Well the good news is that you CAN be proactive and lower the risk that your own identity will be stolen. In the Part 2 of this blog series, I’ll tell you how.
Email me, Dan Fadayomi, if you have questions, or leave a comment below. Stay safe!