I don’t trust any email I receive — even when it’s coming from someone I know.
In a 2019 complaint, the Federal Trade Commission alleged that Equifax had failed to make a patch in its network after being alerted to the security vulnerability.
Equifax, without admitting guilt, agreed that year to a settlement with the FTC, the Consumer Financial Protection Bureau and 50 states and territories. Part of that settlement was providing credit monitoring.
Because of appeals, the settlement was not finalized until last month. Now millions of people who filed a claim are getting an email from the settlement administrator asking them to sign up for free credit monitoring for four years, which covers their files at all three credit bureaus — Equifax, Experian and TransUnion.
Let me tell you how this breach and so many others have affected my life. I’m sure you can sympathize, because no amount of free credit monitoring is going to make up for the incessant scam and sham telephone calls, text messages and emails.
I regularly get calls to extend the manufacturer’s car warranty I never had, or I receive intimidating voice-mail messages that the IRS is going to have me arrested for an overdue tax bill I don’t owe.
Then there are the aggravating phishing emails — hundreds every week. It’s like playing whack-a-mole at a carnival. You delete them, but more keep popping into your inbox.
I don’t believe for a second some clinical research project is going to pay me up to $1,125. I don’t need a cheap cure for erectile dysfunction. UPS isn’t trying to reach me. Samsung, Lowe’s, Dollar General and Apple are not giving me $90.
And AOL/Verizon is not updating my email account. This last one is a con, and it’s snaring a lot of victims.
Recently, I received an email from a friend. It said, “I hope you’re good, do you order from Amazon?”
I responded by asking how her new job was coming.
Then came this request: “I’ve been trying to purchase a $250 Amazon E-Gift card by email, but it says they are having issues charging my card. I contacted my bank and they told me it would take a couple of days to get it sorted. I intend to buy it for my friend whose birthday is today. Can you purchase it from your end for me, I’ll refund it to you once my bank sorts the issue out, I promise.”
My frugal friend would never make such a request. I knew it was a scam. But here’s the problem, the email address was legit. There were no misspellings to give away the criminal. Turns out, my friend had thought the email from AOL/Verizon was real. In a security slip, she clicked on a link and provided key log-in information, and the crook ultimately took over her email account and sent out dozens of emails asking for money. At least four of her acquaintances jumped to help and, in total, they lost $1,000.
This invasion of your private email inbox and the phone calls that force you to screen everyone are in part due to massive corporate data breaches. Our personal information is so compromised that it’s exasperating trying to play detective and figure out what’s authentic.
It’s ironic that the email offering protection because of the Equifax breach is so suspect that I’m sure many people will ignore it, as I almost did.
And to add insult to our privacy injury, to sign up for the credit monitoring service, being offered by competitor Experian IdentityWorks, you have to provide the very information that was stolen from Equifax.
So, should you sign up?
The answer falls in the category of “whatever.”
Even with credit monitoring, your information can still be used by identity thieves. The notices you get as part of a credit monitoring service are after the fact — after something suspicious or fraudulent might have happened. The only thing we have left is to try to catch an identity thief before too much damage is done.
Still, you have to take whatever precautions you can. With your personal information, identity thieves can do a lot of financial harm. They can trick you into giving them access to your bank account, or persuade you to send them money via gift cards to avoid the suspension of your Social Security number. (It’s a lie.) They can even get medical treatment using your health insurance information, leaving you with the bill.
Here’s something else that is likely to happen. The scammers follow the news, too. You will probably get fake emails and phone calls about the Equifax breach and the identity protection being offered. So, read the following carefully:
— The email should have the following address: email@example.com. Triple-check this before responding or clicking any links.
— The website to claim the free daily credit monitoring is at experianidworks.com/equifaxsettlement. To get the service, you will have to enter the activation code in the email you received from the settlement administrator. You can also call Experian at 1-877-251-5822. You must use the activation code by June 27.
— If any call or correspondence via text or email says you have to pay anything, it’s 100 percent a scam. This service is free for you. You do not need to provide any payment information to enroll, and you do not need to cancel the service when it ends.
— You will not get a call about the settlement, the FTC points out. However, you can reach the Equifax settlement administrator at 1-833-759-2982.
— If you want to know more about the breach, go to equifaxbreachsettlement.com.
Think of this identity protection being offered as you would a sturdy umbrella you might use doing a heavy rainstorm. It gives you some coverage, but you can still get wet.