5 of the Biggest Identity Theft Scams of 2017 (and How to Protect Yourself)
It happens more often than you might think -- nearly 3 million times a year.
We’re talking about identity theft. When someone hijacks your name for their own purposes, it’s absolutely chilling -- and potentially damaging.
Armed with the nine digits of your Social Security number, fraudsters can grab up lines of credit and rack up significant debt in your name with shocking ease.
It’s best to catch them as early as possible.
One good way to protect yourself is knowing what to look out for, especially since scammers will try just about anything to steal your info these days.
Keeping that in mind, here are five of the most common identity theft scams of 2017:
1. The W-2 Email Scam
The IRS issued an urgent alert about this growing ID theft scam in February.
Here's how it plays out:
Someone at your employer’s payroll or HR department gets a fake email from a scammer pretending to be a high-level corporate executive.
The email requests copies of employees’ W-2 forms -- basically asking for every employee’s personal information including their addresses, salaries and Social Security numbers.
In January, this happened to Scotty's Brewhouse, a popular Indiana-based restaurant chain with 4,000 employees.
Once the scammers get their hands on this info, they can use it for their own nefarious purposes -- like applying for credit lines or filing fraudulent tax returns to obtain bogus refund checks.
2. Email Subject Line: “A Notice from the Internal Revenue Service”
The IRS is also warning the public about this particular trick in its 2017 “Dirty Dozen” list of common tax-related schemes. Scams like this usually peak during tax season.
If you get an email purporting to be from the Internal Revenue Service, you should know that the IRS doesn’t initiate contact with taxpayers by email to request personal or financial information.
Don’t ever click on or respond to these kinds of emails.
If you receive one, report it by forwarding it to email@example.com.
3. “This is an Update from Norton Anti-Virus”
The authorities call this kind of scheme “Malware Based Phishing.”
It’s what happens when a scammer attaches a harmful computer program -- or malware -- onto emails or websites.
This computer program is made to look helpful, but it’s actually recording all your keyboard strokes and what websites you visit, then using what it learns to steal your identity.
One example is an email that’s disguised as coming from Norton Anti-Virus. It prompts you to install an updated web browser “to improve your computer security.”
When you click on the link, you’re just downloading malware.
To protect yourself, be super careful when downloading any program from the web. Contact the organization that supposedly sent you this email message, either by sending a separate email or making a phone call. Tell the company you got an email urging you to download a specific file, and you want to know if it’s legit.
4. Beware of the Skimmers
In identity theft terms, a “skimmer” is a device fraudsters install on an ATM or at a store’s checkout counter to copy the information from your debit or credit card.
It scans the data from your card’s magnetic strip and keeps it in an electronic storage device. That way, an identity thief can use your card to make unauthorized purchases.
Skimmers are not some bogus, imaginary urban legend. These suckers really exist.
Here’s an example of a bunch of cleverly disguised skimmers being discovered in a U.S. retail store just recently -- much to the surprise of the store’s staff.
They’re also commonly found on gas pumps.
To prevent skimming, make it a habit to periodically check your credit reports.
5. Sneaking in Through Your Google Search Results
You know the old saying, “If it looks too good to be true, it probably is”?
That applies to a scam called “search engine phishing,” according to the Center for Identity Management and Information Protection, a nonprofit research group.
Fraudsters create websites offering “too good to be true” bargains, and dangle them like bait. The website gets legitimately indexed into Google, Yahoo and other search engines.
And that’s where you’ll see the bait -- an amazingly low price for a video game system, or an unusually high salary offer for a particular kind of job.
Once you click through to the scammer’s website, you’re induced to give up personal information in order to take advantage of such a great offer.
How Can You Protect Yourself?
Knowing what to look for helps, but here are some other steps you can take to protect yourself from identity theft:
- Sign up for a free identity protection service like True Identity to keep tabs on your finances. It’ll inform you if someone applies for any kind of credit using your name.
- Shred paper documents that include personal information before throwing them away.
- Install anti-virus software and password-protect your devices.
- Use extreme caution when sharing personal information or account numbers online or over the phone.
- Clear all your personal information off any digital devices before donating or selling them.
- Contact the three credit reporting agencies -- TransUnion, Experian and Equifax -- and place a freeze on your accounts to block any further credit applications made in your name.
If you suspect someone has stolen your identity, go to IdentityTheft.gov, the federal government’s one-stop resource for identity theft victims. It has checklists and sample letters to guide you through the recovery process.
Your turn: Have you been a victim of identity theft?
Disclosure: This post includes affiliate links. Adding these links helps us keep the lights on in The Penny Hoarder HQ, which makes it a lot easier to play shuffleboard after a long day of deal-seeking!
Mike Brassfield (firstname.lastname@example.org) is a senior writer at The Penny Hoarder. He has personally been a victim of identity theft.