What to do if you fall victim to an Equifax-related scam
Authored by a Symantec employee
It can seem inevitable: Whenever a catastrophe happens — whether a natural disaster or a financial one like a major data breach — scammers jump at the opportunity to take advantage of people’s fears and emotions to commit fraud and identity theft. On September 14, 2017, the Federal Trade Commission published a blog warning that scammers posing as Equifax employees are calling people asking them to verify account information.1
Yes, phone scams are still around, but email scams can gather just as much sensitive information — and potentially give a cybercriminal access to your computer.
Also known as a phishing scam, an email scam involves a scammer sending a seemingly legitimate email with a link to a fraudulent lookalike website built to steal information. Trusting victims who believe the email comes from their bank or other known business would then click on a link or enter sensitive information when prompted on the spoofed website. Doing so allows cybercriminals to capture passwords, Social Security numbers, credit card numbers, account data, and more.
So what should you do if you find yourself a victim of a scam? Follow these steps to help protect yourself and your identity.
1. Change passwords
If you’ve clicked the wrong link or provided personal information in response to a phishing scam, change your passwords immediately. This goes for email and other accounts, including bank account PINs. Create strong, complicated passwords with a combination of at least 10 numbers, letters, and symbols. Such passwords can be much more difficult for cybercriminals to crack.
2. Notify credit agencies
Contact credit bureaus as soon as possible, and let them know your account might have been compromised. No matter how your information may have been put at risk, it’s still important to go through traditional channels to place a fraud alert on your account until the issue has been resolved.
3. Contact credit card companies
Alert credit card companies and explain the situation. Your credit cards might not have been compromised yet, but if you fear unauthorized charges might be in your future, it’s essential to freeze or cancel your cards. Let your bank know what happened so they can further protect your credit.
4. Monitor financial accounts regularly
Review your bank and credit card accounts regularly to be sure no suspicious activity has taken place. You may also opt to leave the fraud alert and credit freeze in place for a while because stolen information can be held for a long time before being used.
Because monitoring your accounts may not always be enough, you might also consider subscribing to an identity theft protection service. LifeLock is one such service that can help protect your personal information by sending you alerts of suspicious activity, or if new accounts are opened with your Social Security number.†
5. Update your software
Make sure all your computer software is up to date, then run a comprehensive virus scan if you think your system might be infected with a virus or other malware from a fraudulent site.
Reporting and remediation
There are a number of resources available for reporting scams, including the FTC and the National Fraud Information Center. The NFIC reports fraudulent activity to the federal government and maintains detailed records of fraud incidents. They also provide links to contacts within your state that can assist you.
Other helpful resources
Better Business Bureau: The BBB makes it possible to alert others to what happened to you so they don’t fall for the same scams.
Internet Crime Complaint Center: The FBI and the National White Collar Crime Center run a site called the Internet Crime Complaint Center. It features many tips and other helpful information about avoiding email scams and what to do if you fall victim to one. The site also offers a link for filing a claim against a third party that stole your identity or attempted to.
National Consumer’s League: This site can help you file a consumer complaint and provides information about how to avoid fraud.
U.S. Department of Justice: The DOJ website allows you to file scam complaints. The site also features helpful tips and advice.
Stay vigilant by continuing to monitor your accounts and reviewing what to beware of in the future. The more proactive you are about phishing and other scams, the less likely you’ll be to fall victim again.
No one can prevent all identity theft.
† LifeLock does not monitor all transactions at all businesses.
1 Federal Trade Commission, “Equifax isn’t calling,” September 14, 2017.
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.
Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.