ID Theft Protection for Your Clients

ID Theft Protection for Your Clients

Are you taking advantage of the opportunity by offering ID Theft Protection for your Clients and their employees?

Your clients are relying on you to provide the most comprehensive, relevant, value-adding benefits that their employees want and need.  With the addition of identity theft protection to your portfolio, you will be stepping out in front of your competition with this high-demand benefit.

Strengthen Your Client Relationship

You are the advisor and your clients trust you to offer the best employee benefit programs.  Offering defend-id will demonstrate your professionalism and your thoughtfulness regarding current market trends and demands.  As their agent, you will be offering a timely, valuable and relevant benefit.

Don’t Blend in with the Rest

Differentiate yourself from your competition, the ones you are fighting with to get that new account, and the ones you are fighting off to keep your current ones.  Offering defend-id differentiates you!  Employers need increasingly robust benefits options and employees are looking for it.  Chances are if you are not including id theft in your proposals, your competition is.

Tax Benefit for Employers

Employer-paid Identity Theft Protection is a non-taxable, and non-reportable benefit.  Not only is employer-paid the most cost-effective but it also has tax benefits as well as overhead advantages.

GROW and Maintain

Grow your business with a new offering, re-engage with your clients and target new prospects.  Strengthen your book of business by adding another line of business, identity theft is a sticky product with a long life cycle!

Simplicity

The market continuously floods with new and trendy benefits.  The challenge of working with increases and tight budgets makes your job hard!  It is difficult to find a benefit that you can add that provides high value at a low cost.

We understand!  It can be overwhelming and frustrating.  The good news is that defend-id defend-id is designed with the broker in mind! We have worked hard to minimize the sales cycle and simplify an overly complex process. defend-id puts the power in your hands, giving you a co-branded website, a portal to conduct and keep track of your business, marketing material, and communications, and a dedicated training team to help you at all times.  We are here to make ID Theft Protection for your Clients an easy solution.

Become a Partner Today!https://www.defend-id.com/forpartners/

Service Level Standards and Testimonials

Service Level Standards and Testimonials

Fully Managed Recovery is the most important pillar of what we do here at defend-id.  We take Service Level Standards and Client testimonials very seriously.  It is important to ensure that everyone we cover has peace of mind, knowing they have someone who will take care of any identity issue they encounter.  All the credit goes to our team of recovery experts who are getting amazing results.

Service Level Standards

 

2022 Q1 Fully Managed Recovery Testimonials
  • “I am so pleased as to how my call was handled, the knowledge the representative had and all that was done while I was on the initial phone call. As a victim of unemployment insurance fraud. I would not have known where to start with putting a stop to someone using my social security number and other info to commit identity theft. The Dark Web report is nothing less than Amazing as it let me know each of the dates and types of information was placed on the Dark Web. The report informed me what steps I should take with changing passwords on accounts etc. Thankfully no damage was done to my credit. I share my personal story so that other members are aware of a situation that occurred and how they (recovery advocates) are working on my behalf. Members need to hear that identity theft is real and could happen to anyone. This benefit is something I never thought I would have needed in the past but now I know how very valuable such a service is and I am grateful and proud to say that Partners offers this valuable type of protection to our membership”. Lois M. FCU 

  • “I would like to acknowledge my fraud specialist and her professional help with my identity theft case. She is trusted, experienced, knowledgeable, helpful, patient, follows up in a timely way, calm, and well-spoken. I am a senior, fixed income, and have had ongoing issues with months of unrequested credit and debit cards, and continue to have fraud. As a result of my initial contact with my financial institution, I was directed to your services. My case was assigned to my advocate and she is OUTSTANDING and our communication continues. She has e-mailed, made phone calls helped with adding me to necessary account freezes, helped me, (a not-so-knowledgeable senior), speak with an agent for assistance help, with my latest financial stress! Always leaving me with the confidence and messages, “Do you have any other questions for me? Call me, when anything else occurs. Do not hesitate to call or contact, if I can be of any help.” My advocate continues to help. Please acknowledge this valued employee, in some way for me. I am grateful for her continued trusted help. I am so very grateful!” Penny Y. CU 

  • “Our Advocate was superb. I can’t thank her enough. The process was extremely helpful and our advocate made it so easy to navigate. One of the best investments I have made – opting in to this service…” Steven G. CU 

  • “My advocate was very helpful and made sure I understood everything about my account. She followed up the next day via email and personal phone call and is a very easy person to deal with. I appreciate all your help and it put me at ease to know my accounts are being watched out for me thank you very much!.” Terry S.

  • My Recovery Advocate has been wonderful to work with. Thanks, again for all of the valuable information and services provided.” Kelly V.

  • “Thank you! My Fraud Specialist has been wonderfully helpful! You have all been great! Your knowledge and ability to provide assistance are amazing!” Steve M.

  • “I am writing to you because of the exceptional service I have received over a year period with my assigned Recovery Advocate. She has been extremely patient, skillful, and customer service oriented!. She is amazing. Please give her a raise! She calmed me down and skillfully navigated to what needed to be done. Thank you so much!!” Shane L.
IDENTITY THEFT LOSSES TOTALED $52 BILLION, AFFECTING 42 MILLION U.S. ADULTS

IDENTITY THEFT LOSSES TOTALED $52 BILLION, AFFECTING 42 MILLION U.S. ADULTS

The just-released 2022 Javelin Strategy Annual Identity Fraud Study found that identity theft losses totaled $52 billion and affecting 42 million U.S. adults in 2021.

The Javelin study also reported the following:

  • 1 in 20 Americans were victims of fraud in 2021.
  • The average per-victim loss from traditional identity theft and fraud rose to $1,551.
  • The average per-victim loss from identity fraud scams was $1,029.
  • More than half (54%) of fraud victims want their financial institution to offer a fraud prevention resource center to help them resolve their identity theft and fraud event.
  • Consumers expressed an interest in receiving more fraud prevention education from their financial institutions as well as identity protection services.
  • The 2021 statistics show individuals and businesses are unprepared for the tactics criminals are deploying in our modern, digital-first world.

Since identity theft and fraud is constantly evolving, how does the 2022 Javelin Study reflecting 2021 statistics compare to the last two Javelin Studies in 2020 and 2019?

  • In 2020, identity theft and fraud losses totaled $56 billion and affected 49 million U.S. adults.
  • In 2019, identity theft and fraud losses totaled $16 billion and affected 14.4 million U.S. adults.

According to Javelin, “the trends observed were huge increases to account takeover fraud and new account fraud in which fraud operators deployed multiple tactics to steal victims’ personal information to drain them of billions of dollars” including:

  • New account fraud increased by 109% enabling criminals in possession of consumer information to, at times, open multiple unauthorized accounts ranging from merchant accounts to credit cards.
  • Account takeover losses increased 90% as criminals highjacked victims’ online lives.
  • Fraud affecting existing credit cards rose 69%, while fraud on existing non-card accounts, including checking, savings, insurance or utilities, jumped 73%.

Javelin defines identity fraud as “the unauthorized use of another person’s personal information to achieve illicit financial gain. Identity fraud can range from simply using a stolen payment card account, to making a fraudulent purchase, to taking control of existing accounts or opening new accounts.”

In addition, Javelin defines identity fraud scams as “relatively easy to orchestrate and present an opportunity for criminals to bypass the fraud detection barriers maintained by financial services providers because they directly target the consumer.”

For example, an element of identity fraud scams is that consumers often remember the moment they experienced contact with an ID theft criminal or cyber thief relating to Phishing (fraudulent emails), Vishing (fraudulent phone calls and voice mail messages), and Smishing (fraudulent text messages).

For years, I have written and publicly spoken to consumers and small businesses on how education and awareness will help mitigate a consumer’s exposure to an identity theft event and an organization’s exposure to a data breach incident.

Since identity theft and fraud are constantly evolving, consumers and small businesses need to stay up to date on identity theft and fraud trends, such as the 2022 Javelin study, to make sure their online life and digital identity are safe!

By Mark Pribish Vice President and ID Theft Practice Leader

March 2022

Other recent articles:
How WiFi Hacks Occur

How WiFi Hacks Occur

  1. You are on vacation and you open your laptop in your hotel room. You log into the public WiFi network, quickly agree to the Terms and Conditions (without reading them of course), and start your normal Internet activities. For just a second, you have a fleeting thought: “Is my computer at risk?” And then you begin your normal Internet activities and quickly forget all about it.
  2. You are waiting to catch your flight in an airport and, after grabbing a cup of coffee and opening your laptop, you see that there’s a “Free Public WiFi” network available. You log in to your banking account to transfer funds. Then you have a vague sense that you might not be doing something safe, but you figure that you’re only going to be online for fifteen minutes, so you’re probably okay, right?

BY  · March 7, 2022

hacker

How Safe Are WiFi Hotspots?

Many assume that using a WiFi network at a hotel or airport is the same as logging into our network at home or at the office. But the risks of using WiFi networks at a hotel or airport are exponentially greater than at home or work.

For example, while sharing folders, printers, desktops, and other services can be useful at home or in the office, doing so is inappropriate on a public network. Competitors or hackers can access this information in a public setting.

Most private networks use firewalls to defend users against Internet-based attacks. This is not necessarily true in public wireless networks, where security practices vary widely. You may assume you are safe from outside attacks, but you really have no idea what lies between your laptop and the Internet.

Business travelers willing to connect to any network that offers free Internet access are especially vulnerable to such attacks. It is literally impossible to tell the safe networks from the bad ones. Wireless eavesdropping is possible everywhere. Only a small percentage of public networks prevent wireless eavesdropping, and many networks leave wifi users completely responsible for their laptop security, with extensive or complete file and service exposure.

So What Should I Be Worried About?

Okay, so now you are probably aware that using a public WiFi network while on the road exposes you to a lot of security risks. But what risks are we talking about exactly?

The following is a list of different types of hacks that can occur in public WiFi hotspots:

  • Sniffers:

    Software sniffers allow eavesdroppers to passively intercept data sent between your web browser and web servers on the Internet. This is the easiest and most basic kind of attack. Any email, web search or file you transfer between computers or open from network locations on an unsecured network can be captured by hackers.  Sniffing software is readily available for free on the web and there are 184 videos on YouTube to show budding hackers how to use them. The only way to protect yourself against WiFi sniffing in most public WiFi hotspots is to use a VPN, such as PRIVATE WiFi™.

  • Sidejacking:

    Sidejacking is a method where an attacker uses packet sniffing to steal a session cookie from a website you just visited. These cookies often contain usernames and passwords and are generally sent back to you unencrypted, even if the original log-in was protected via HTTPS. Anyone listening can steal this log-in information and then use it to break into your Facebook or Gmail account. This made news in late 2010 because a programmer released a program called Firesheep that allows intruders sitting near you on a public WiFi network to take over your Facebook session, gain access to all of your sensitive data and send viral messages and wall posts to all of your friends.

  • Evil Twin/Honeypot Attack:

    This is a rogue WiFi access point that appears to be a legitimate one, but actually has been set up by a hacker to eavesdrop on wireless communications. An evil twin is the wireless version of the “phishing” scam: an attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. When a victim connects, the hacker can launch man-in-the-middle attacks, listening in on all Internet traffic, or just ask for credit card information in the standard pay-for-access deal. Tools for setting this up are easily available (e.g., Karma and Hotspotter). One recent study found that over 56% of laptops were broadcasting the name of their trusted WiFi networks and that 34% of them were willing to connect to highly insecure WiFi networks.

  • ARP Spoofing:

    Address Resolution Protocol (ARP) spoofing, is a technique used to attack a wireless network. ARP spoofing allows an attacker to sniff traffic on a LAN and modify or stop the traffic altogether. This attack can only occur on networks that make use of ARP and not another method of address resolution. ARP spoofing sends fake, or “spoofed”, ARP messages to a LAN which associates the attacker’s MAC address with the IP address of the victim. Any traffic meant for the victim’s IP address is mistakenly sent to the attacker instead. The attacker could then forward the traffic to the actual default gateway (passive sniffing) or modify the data before forwarding it (man-in-the-middle attack). The attacker could also launch a denial-of-service attack against a victim by associating a nonexistent MAC address to the IP address of the victim. A successful APR attempt is invisible to the user.

  • “Free Public WiFi” Rogue Networks:

    “Free Public WiFi” networks are ad-hoc networks advertising “free” Internet connectivity. Once you connect to a viral network, all of your shared folders are accessible to every other laptop connected to the network. A hacker can then easily access confidential data on your hard drive. These viral networks can be used as bait by an Evil Twin. “Free Public WiFi” networks turn up in many airports. Don’t connect to these networks and you won’t infect your laptop. If you find this kind of network on your laptop, delete it!   Then reconfigure your adapter to avoid auto-connecting to any wireless network.

  • Man-in-the-middle Attacks:

    Any device that lies between you and a server can execute man-in-the-middle attacks, which intercept and modify data exchanged between two systems. To you, the man-in-the-middle appears to be a legitimate server, and to the server, the man-in-the-middle appears to be a legitimate client. These attacks can be launched by an Evil Twin in a wireless LAN.

You Should Know What You Are Agreeing To

Remember those Terms and Conditions that you agreed to and didn’t read? Well, we’ve actually read them, and here is what some of them say:

  • Starbucks: It is the Customer’s responsibility to ensure the security of its network and the machines that connect to and use IP Service(s).
  • Boingo Wireless: There are security, privacy and confidentiality risks inherent in wireless communications and technology and Boingo does not make any assurances or warranties relating to such risks. If you have concerns you should not use the Boingo software or service. We cannot guarantee that your use of the wireless services through Boingo, including the content or communications to or from you, will not be viewed by unauthorized third parties.
  • JetBlue: Wireless internet connections such as that provided through the Service are not secure. Communications may be intercepted by others and your equipment may be subject to surveillance and/or damage. Since the wireless connection providing you with access uses radio signals, you should have no expectation of privacy whatsoever when using the service. Accordingly, in providing this service, JetBlue cannot and does not promise any privacy protection when you use the service. It is your sole responsibility to install and deploy technological tools to protect your communications and equipment that may be compromised by use of a wireless network.”

For additional examples of Terms and Conditions from hotspot providers, visit the ‘read the fine print’ section of our website.

So How Can I Protect My Laptop?

Okay, so now you know how dangerous wireless networks can be, and the various kinds of attacks you may face when using them. So what specifically can you do to protect yourself and your data?

Below are proactive steps to take and services you can use to protect yourself when using such networks.

  • Disable or block file sharing
  • Enable a Windows Firewall or install a third-party personal firewall
  • Use file encryption
  • Most importantly, use a VPN

The one thing that they all have in common is that it is your responsibility to protect yourself. The best way to protect your sensitive information is to use a Virtual Private Network, or VPN. AVPN  encrypts the data moving to and from your laptop. The encryption protects all your Internet communication from being intercepted by others in wifi hotspots. In addition, VPNs can prevent hackers from connecting to your laptop and stealing your data files.

Most large companies have a company-support VPN to protect corporate communications. PRIVATE WiFi provides the same capability for individuals, business travelers, and small and medium-sized enterprises. Please visit our website for details.

Avoid Ukraine Relief Scams

Avoid Ukraine Relief Scams

As we continue to see the Russian invasion of Ukraine, it is natural that we look for ways to help.  Donating money is often one of the best and easiest ways to make an impact.  Unfortunately, we need to ensure that we avoid Ukraine relief scams popping up which is causing more chaos.

Scammers have no shame and will try to lure out money from people like you who are just trying to help.  Below are some tips to consider while looking to help.

Donation Tips
  • Give to Organizations You Trust:

    Do your research before giving. Review the charity’s purpose and find out how the charity spends its donations. How much is spent directly on the charitable cause? How much goes to overhead and employee compensation? You should also confirm the charity’s name, address, and nonprofit status.

  • Be Wary of Social Network Fundraising:

    If you are planning to donate through a social network solicitation, first do some research. Find out what percentage is going to the charity, whether you will be charged a fee, or if a percentage of your donation will be paid to the platform website.

  • Don’t Be Pressured by Telemarketers – Ask Questions Before Donating:

    If you receive a call from a telemarketer, ask for the name of the fundraising organization, whether it is registered with the Attorney General’s Office, the name of the charity benefitting from the solicitation, how much of your donation will go to charity and how much to the telemarketer, and the direct telephone number of the charity.  Don’t fall for pressure tactics or threats. Remember that you have the right to say no and if you feel pressured or threatened, just hang up.

  • Watch Out for Similar-Sounding Names, Web Addresses, and Other Deceptive Tactics:

    Fraudulent organizations may use names that closely resemble those of well-established charitable organizations in order to mislead donors. Look out for fraudulent websites that have a slightly different web address (URL) than that of a legitimate charitable organization. Similar-looking URLs are sometimes purchased by fraudsters to lure in would-be donors. These sites may ask you for personal information or install harmful material onto your device. Be skeptical if someone thanks you for a pledge you never made, and always check your records.

  • Understand the Difference Between “Tax-Exempt” and “Tax-Deductible”:

    Being a nonprofit does not mean the organization is exempt from taxation, or that your donation is tax-deductible. Generally, a tax-exempt organization is exempt from paying tax on its income/gifts, but may or may not be able to offer tax deductions to donors. Just because an organization has a “Tax ID Number” doesn’t mean it is a charity, tax-exempt, or tax-deductible. A few tax-exempt organizations – 501(c)(3) tax-exempt status – are able to offer charitable tax deductions for your donations. If you are not sure whether your donation is tax-deductible, verify the charity’s tax-exempt status by using the tools and information located on the IRS website.

  • Protect Your Identity:

    Never give your Social Security number or other personal information in response to a charitable solicitation. Never give out credit card information to an organization unfamiliar to you. Some organizations sell or rent their donor lists to other organizations, including organizations that are not charities.

Please consider sharing this with others, you may be helping others avoid Ukraine relief scams!

Hackers are coming for you in 2022

Hackers are coming for you in 2022

Two years ago I wrote an article asking the question Is Your Digital Identity Safe? Two days ago I read an Infosecurity Magazine article stating Identity Theft Will Get Worse.  It appears that Hackers are coming after you in 2022!

Specific to your digital identity and today’s threat landscape for consumers and small businesses, cyber thieves and ID theft criminals have evolved to the point where hacking and data breaches will happen at any time and can affect anyone.

As for the statement “identity theft will get worse,” the fact is that 2021 surpassed the all-time record for data breaches exposing the Personally Identifiable Information (PII) of millions of Americans.

As a reminder, examples of PII include:
  • Name: full name, maiden name, mother’s maiden name, or alias
  • Personal identification numbers: social security number (SSN), passport number, driver’s license number, taxpayer identification number, patient identification number, employee or student identification number, financial account, or credit card number
  • Address information: street address, or email address
  • Telephone numbers
  • Personal characteristics: photographic images (particularly of face or other identifying characteristics), fingerprints, or handwriting
  • Biometric data: retina scans, voice signatures, or facial geometry
  • Information identifying personally owned property: VIN number or title number
  • Asset information: Internet Protocol (IP) or Media Access Control (MAC) addresses that consistently link to a particular person

And now our digital world, combined with a two-year pandemic, has consumers and small businesses worried. There is so much uncertainty in our world and cybercriminals, and their new scams are adding to the challenge.

Consumer?

If you are a consumer, recent digital risk examples making today’s headline news include How to avoid buying fake Covid tests online and BBB warns consumers of hackers posing as apps like Paypal and Venmo to steal your money.

Cyber thieves and ID theft criminals depend on human nature and emotion such as an individual’s tendency to trust others (e.g. phishing and vishing) and desperation (e.g. the chaos of supply chain shortages such as Covid-19 tests). These phishing and vishing tactics and fake websites have gained attention in recent weeks over the increasing number of identity theft victims.

Small Business Owner?

If you are a small business owner – trusting others and desperation are common risk factors just like a consumer – but it gets worse as Cyber risks top worldwide business concerns in 2022.

According to the just-released 12th Annual Allianz Risk Barometer Survey, cyber incidents at the top of the list.  This is only the second time cyber has been at the top of the list in the survey’s history.

Cyber incidents, ransomware attacks, data breaches, or major IT outages worry businesses more than anything else.  They worry businesses even more than a business interruption, supply chain disruption, or the COVID-19 pandemic.

To conclude, cyber thieves and ID theft criminals continue to find new and innovative ways to steal your personal information.

Both consumers and small business owners need to keep security education and awareness top of mind.  Protecting our digital identities is crucial because hackers are coming for you in 2022.

Mark Pribish

error

Enjoy this blog? Please spread the word :)