South Carolina consumers should look out for a new email scam that is trying to take advantage of last year’s Department of Revenue security hacking scandal.
The scammers are targeting people who signed up for the free credit report monitoring service provided by DOR in the wake of the 2012 security breach. The e-mails purport to be an “Identity Theft Alert” or “Credit Report Update..
But the real goal is to coax recipients to open the e-mail and click on an embedded link. Once this is done, confidential information might be compromised – leading to consumer injury and loss.
Following is from a news release by the South Carolina Department of Consumer Affairs:
[The SCDCA] is urging consumers to beware of phishing e-mails that appear to be coming from the credit bureaus.
This latest phishing trend has fraudsters trying to capitalize on consumer fears following the Department of Revenue (DOR) security breach.
It is well known that many consumers have signed up for the free credit report monitoring service offered by DOR through Experian. In an attempt to separate consumers from their personal information, scammers are now sending fake e-mails, posing as Equifax. The e-mails attempt to grab the consumer’s attention by using words like “Identity Theft Alert,” or “Your score has dropped,” in the subject line. Once opened, the consumer is urged to check their declining credit score through an embedded link.
SCDCA wants to take this opportunity to remind consumers that scammers will also pose as government agencies. The most recent example of this involves correspondence supposedly from the Office of the Comptroller of the Currency (OCC). These scam attempts can come via letter, e-mail and fax and typically say that funds are being held by Bank of America and can only be released if a mandatory service charge is paid.
Following are some steps to avoid cyber-theft:
* Verify all e-mail messages. When a business contacts you, especially by e-mail, verify the validity of the message by following up with the business directly. Use contact information you know is correct.
* Do not click on any links in the message or cut and paste links into your browser. Phishing e-mails may contain software that can harm your computer or track your activity online.
* Check the legitimacy of the domain or sender’s address. Be suspicious if there are many letters and numbers in the web address or e-mail address (e.g., firstname.lastname@example.org). This does not resemble gmail.com or yahoo.com, etc.
* Note the grammar. “You might be having Identity Theft issue,” is broken English. Reputable companies will never e-mail consumers with such verbiage.
* Pay attention to the website link given in the e-mail. Please visit HERE does not show the actual link you will be visiting.
* Use antivirus software and a firewall. Make sure to update them regularly.
Source: SC Department of Consumer Affairs http://www.consumer.sc.gov/consumer/PressRelease/Documents/2013/13003.pdf