What you need to know about the Equifax data breach and steps you can take

data breach

As you may be aware, Equifax announced last week they had experienced a data breach affecting approximately 143 million Americans. The Canadian exposure is reported to be limited.

This breach was not against any bank or credit union, but against the credit reporting bureau. If you wish to check whether your data may be among those files that were compromised, you can check on the following website:  https://trustedidpremier.com/eligibility/eligibility.html

Alternatively, you can monitor the situation on a special Equifax web page for current information  https://www.equifaxsecurity2017.com/

If you wish, you can contact Equifax to discuss your concerns at  1-877-323-2598 or 1-866-828-5961 . Please note that service may be affected by Hurricane Irma.

What to do if you believe your data has been hacked:

  • Monitor your existing credit card and bank accounts closely for unauthorized charges. Contact relevant financial institutions, such as banks that issued credit cards and stop cheques, as quickly as possible. Call local police along with Service Canada if your Social Insurance Number was used. Report confirmed cases to the Canadian Anti-Fraud Centre  http://www.antifraudcentre-centreantifraude.ca/index-eng.htm  Toll Free  1-888-495-8501;
  • Change all affected passwords with new, strong and unique passwords for each account;
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. It will not prevent a thief from using any of your existing accounts;
  • Consider enrolling in a fraud alert. Equifax says it will offer free identity theft protection and credit file monitoring for one year to all U.S. consumers, but doesn’t say if that will be available to Canadians. The service monitors if your information is used to open credit accounts or appears on suspicious websites. Several identity theft and recovery companies provide similar services.

Be aware of these fraud trends to watch out for in 2017

hand coming out of computer to steal man's wallet

According to the Canadian Competition Bureau (Competition Bureau, 2017), these are the trends in fraud related crimes we can expect to see in  2017:

Subscription Traps: Survey says…be careful

Subscription traps, sometimes also referred to as Continuity Scams, can take various forms. They can appear as an advertisement featured on your favourite social media site, a referral from a friend (on Facebook, for example), a fake “survey” that pops up on your computer while you’re online on another website, or from a telemarketer. No matter the form, they will always offer you a “free” trial or purchase of a product, and all you have to do is simply pay the shipping and handling using your credit card. If consumers agree to this, they will find themselves signed up to a subscription service with ongoing fees and unexpected charges. Contacting the company will result in them pointing you towards their online terms and conditions, routinely buried in fine print. Unfortunately, by not returning the “free” product you ordered, you agreed to a monthly subscription of that product and authorized monthly charges on your credit card. Once, you are stuck in this situation, it is often extremely difficult to put a stop to the charges.

Spoofed websites: Ain’t nothing like the real thing

A spoofed website is a site that uses deceptive means to mislead consumers into thinking that it represents a specific business, financial institution, government or charity. These websites generally imitate the real websites to sell products or services that may or may not be authentic, or to obtain sensitive financial or personal information from users. Often they will provide enough information to appear like the real thing, including the location of stores, phone numbers, terms and conditions, and logos.

Ransomware: When your hard-drive is kidnapped

Ransomeware is a type of malicious software designed to block access to a computer until a sum of money is paid. A computer can be infected by ransomware in a number of ways, but most commonly, victims click on a malicious link or attachment received through a phishing email. Once infected, victims will see a “ransom” note which is often designed to scare or extort the victims into making a payment. For instance, a message could appear saying that your personal files and pictures will be deleted unless the consumer pays $100-$250 via Bitcoin, Ukash or PaySafe Card to have the computer unlocked.

Business Executive Scam: Don’t follow this boss’ orders

Sometimes referred to as the Business Email Compromise scam, this fraud starts when a potential victim receives an email that appears to come from an executive in their company who has the authority to request wire transfers. In some cases, the fraudsters create email addresses that mimic those of the CEO or CFO. In other cases, the fraudsters have compromised and subsequently used the email account belonging to the CEO or CFO. Often, the email will indicate that the “executive” is working off-site and has identified an outstanding payment that needs to be made as soon as possible. The “executive” instructs the payment to be made and provides a name and a bank account where the funds, generally a large dollar amount, are to be sent.

Losses to this scam typically range from tens of thousands of dollars to hundreds of thousands of dollars.

And here are the ones that we keep seeing again and again:

Fake Online Endorsements and Sponsored Content – Followers and likes doesn’t mean it is good advice

Consumers are often enticed to purchase a product or service based on reviews by social media influencers or those with a significant online presence. Unfortunately, there’s a chance that these reviews are not genuine and have in fact been paid for by a company as a marketing tactic. By not revealing their business interests and creating what seem to be authentic experiences or opinions, these influencers are misleading consumers and could be subject to action under the Competition Act.

Astroturfing – It looks real, but it isn’t

Astroturfing has similar characteristics to fake online endorsements. The term “astroturfing”, when used in an online advertising context, refers to the practice of creating content that masquerades as the authentic experiences and opinions of impartial consumers, such as fake consumer reviews and testimonials. This is often part of organized efforts by companies to boost their own ratings or to lower the ratings of their competitors. For example, companies have been known to encourage their employees to post positive reviews on websites and review platforms, or to provide their customers with incentives to leave positive reviews.

Binary Options Scam: Never a good bet

Similar to gambling, binary options work much like a wager. All or nothing “bets” are invested based on how an asset will perform within a certain timeframe. The asset could be a stock, a currency or a commodity. Websites are designed to attract users to trade binary options, by offering high rates of return and by claiming to be risk free. Initially, a virtual gain is seen, but there is no way to access the profits because they are non-existent. Currently in Canada no business is registered or authorized to sell or market binary options.

It is always risky to invest in offshore companies; investors who buy into a binary option run the risk of having their identity stolen, accumulating losses for unauthorized withdrawals on their credit cards and incurring high interest payments on an investment that doesn’t exist.

Employment Scams: No experience needed!

Scammers use online classified websites like Kijiji, Craigslist, Monster, Indeed, and Workopolis to recruit potential victims. The most common scams include Mystery Shopper and HR/Administrative jobs.

Consumers are offered a mystery shopper job after responding to an online ad or a text message. The victims receive a cheque in the mail with instructions to complete local purchases and send unspent funds through a money service business. Victims are told to document all experiences and evaluate customer service. Eventually, the cheque is returned as counterfeit and the “employee” is accountable to pay for the funds that were wired.

Another common job scam involves the victim acting as a financial receiver/agent. Victims are told to accept payment in their personal account (often by eTransfer or cheque), keep a portion and forward the remaining amounts to third party “employees” or “companies”. Victims are eventually advised by their bank that the original payment was fake or fraudulent and any subsequent monies sent are therefore paid out of the victim’s own pocket. Scammers will attempt to process as many payments as possible before the victim’s financial institution advises that the original payment was fake.

 

It’s extremely important to report fraud to the authorities. Complaints are one of the best ways to gather evidence in order to better protect consumers and businesses. If you think you’ve been the victim of fraud, report it to the Canada Anti-Fraud Centre, the Competition Bureau or the RCMP.

 

Source: Competition Bureau. (2017, February 28). Retrieved March 23, 2017, from Government of Canada: http://www.competitionbureau.gc.ca/eic/site/cb-bc.nsf/eng/04201.html