New Year Brings New Scams to Watch Out For

2020 brings a new decade and the potential for a fresh start, but leave it to scammers to try and spoil the party. There was a rash to begin the new year, so—as ever—be on the lookout. All it takes is just a little extra effort to gird against the grifters.

Here are some reported in just the first few weeks of 2020:

• Wrongdoers using hacked email accounts to masquerade as a long-ago acquaintance asking you to buy them a gift card.
• Texts asking you to fill out a customer satisfaction survey for a reward from a big online retailer, but the “survey” requests your Social Security, credit card, bank account and other personal information to steal your identity.
• Emails and texts alerting you to a package delivery and asking you to set your delivery preferences, which eventually directs you to a fake site that takes your credit card number.
• Offers for free or discounted medical devices if you divulge your Medicare information, which perpetrators then use to fraudulently bill Medicare, using your benefits.
• Calls or emails from the “IRS”—perhaps giving the last four digits of your Social Security Number—saying you owe them money and telling you to pay up on a prepaid debit card or wire it to them.

It seems, unfortunately, such ploys are everywhere, taking advantage of our natural inclinations to help out someone in need, win a prize, snag a deal or trust an authority. Most share some common identifiers, making them easy to spot if you know what to look for. Here are a few questions you can run through:

• Does it seem too good to be true?
• Is it panic-inducing?
• Is the communication unexpected and unsolicited?
• Does it compel you to send money (cash, bitcoins or gift card identification and PIN)?
• Does it ask for personal information that could unlock your accounts or enable them to open a credit account in your name?

You can prevent others by taking some simple protective measures—one being a potential check scheme that could take advantage of people who don’t include all four digits of this year when writing checks. For example, you could have an old uncashed check lying around—which technically expires after six months—dated “1/23/20.” Someone could find it, postdate it “1/23/2021” and cash it in. Similarly, say you signed and dated a contract requiring your payment for “1/23/20.” An unscrupulous counterparty might exploit this and add “19” to the end and claim you haven’t paid for a year, leaving you open to a lawsuit. While it is debatable how widespread this could be—there have been no reported incidents—it is a simple fix and good practice anyway.

A good rule of thumb is to ignore unknown callers and emailers, but sometimes perps can pass that basic screen. Some email or social media posts might seem ok on cursory examination. Robocallers can fake numbers, making it look like they’re your neighbor. If you aren’t sure a voicemail, text or email is legit, note the details and search for them online. Likely others have spotted and reported them.

Another way to filter out bad actors is knowing what official entities can ask you for—and how. Government agencies like the IRS, Social Security and Medicare won’t ask you for information they already have, like your ID number, birthday or the like. Nor will they ask you to send them money by debit or gift card. Or threaten to revoke your benefits or accounts with them. Or arrest you if you don’t comply. They also won’t contact you by phone or email. They only use snail mail. If you get a call or email from any of these agencies, hang up, don’t respond and don’t open any links or attachments. Instead, get some revenge and report them. If it involves Medicare, call 1-800-MEDICARE and find more information at Medicare.gov’s fraud site. For Social Security-based schemes, see the Office of the Inspector General’s website. If the “IRS” calls you, contact the Treasury Inspector General here or call them at 1-800-366-4484. For most other things, you can call the Federal Trade Commission (FTC) at 1-877-FTC-HELP or go to ftccomplaintassistant.gov.

With tax filing season opening, folks must also contend with fraudsters trying to file fake returns to steal your refund. They do this by using your personal information to file fake tax returns under your name and Social Security Number. Some obtain information from data breaches, but others use phishing emails and even in-person encounters. Others will try to get sensitive information from employers, business owners and tax preparers, even impersonating payroll organizations to get access to companies’ W-2 records. If you try to e-file your return and get an error saying you can’t because of a duplicate Social Security Number, this may be why, and you will have to file an IRS form notifying them of the theft.

Finally, never ever ever click on an emailed link asking you to confirm or change your password. This happens often with ne’er-do-wells masquerading as your bank or brokerage account custodian. If you follow their instructions, they will have your account password and be able to drain your savings. Increase your protection by changing your email password and enabling multifactor authentication to reduce the risk of someone else gaining access to your email. If your email has been compromised and you reset the password on one of your financial accounts, the perpetrator could beat you to the password change confirmation email, change it themselves and lock you out. If you suspect your account is compromised, contact the institution—through reputable channels—and report the incident. Also go to the FTC’s identitytheft.gov to help you recover your identity.