Mar 12, 2018

Quite Rare?

     From the Cleveland Plain Dealer:
Q: Last month I received a letter from Social Security telling me how to access the online account I had just established. The letter also told me to dial an 800 number or visit a Social Security office if I had not opened such an account. Two days later I received a second letter about my change of address request.
I had done neither of these, so I went to the Akron Social Security office. The people there were friendly and professional. They deleted the online account and disallowed the change to a San Diego address. They also told me that my direct-deposit bank information had not been compromised.
I asked whether it would be a good idea to open a legitimate online account and they helped me do so.
Two things they were vague about: How did the scammer get my information and what could he or she accomplish with the bogus account. They also were unsure as to whether Social Security Administration would pursue this matter further.
The 800 number in the letter is answered by a robot receptionist and it could not respond to my statement, "I did not open an online account." This motivated me to drive to Akron.
D.S., Hudson
A: It's a good thing --  a really good thing -- you didn't ignore that letter. I talked to the Social Security Administration about your problem. They said that, fortunately, near disasters like what you encountered don't happen often.
"Our anti-fraud activities identify attempts and make the type of activity you are asking about very rare," said Doug Nguyen, regional spokesman for the Social Security Administration. "The agency employs a multi-faceted approach towards fraud prevention and regularly performs data analytics against (legitimate) transactions to identify anomalous activity and take action." ...

6 comments:

Anonymous said...

Equifax breach maybe???

Anonymous said...

I had the same exact situation happen to a family member, so it obviously is more than just a "rare" situation. I later tried to open my own online account and couldn't because it said answers to my questions were wrong. Ironically, the person who opened the fraudulent account for my family member, did not encounter the problem I had opening a legitimate account for myself.

Anonymous said...

In the past, SSA has encouraged people to open an online account even if they are not going to use it. Having someone steal your identity and establish an account, as was done in the story, is the most common fraud that occurs; which can be prevented by opening an account which then cannot be accessed by someone unless they compromise your identity and password.

Anonymous said...

Your identity can be stolen any number of ways and that has nothing to do with SSA.

@2:35 - you may want to dig a little deeper concerning your identity to be sure there aren't accounts floating around that you don't know about. If they were able to open a My SSA account they can open other accounts. The SSA office was vague because they truly had no idea how a hacker got your PII, it has nothing to do with SSA. Target and Wells Fargo are two examples that instantly come to mind but how many data breaches have occurred that we don’t even know about is anyone’s guess. What they would attempt to accomplish with your account is to redirect all of your funds to their bank account, that would be the ultimate goal.

@3:05 - Originally I was holding off on opening an account. I figured I would let them take a big hit with a breach before I created an account. Let them shore things up a bit before jumping on the bandwagon. Some time later I was convinced to open an account before someone decided to open one for me.

I've been involved in 5 breaches of PII data that I know of and had to fight identity theft once so far. If you haven't had to fight identity theft yet, expect to have quite a fight on your hands, it's all about guilty until proven innocent.

The bottom line: if you haven't already done so, I would recommend opening a My SSA account before someone does so for you.

Anonymous said...

Enable Two Factor Authentication. They currently have a primitive version but still very good to have. You know, don’t be the low hanging fruit.

Anonymous said...

Or, block access - there is an option to do that.

To close one additional back door, people receiving benefits can ask that an auto enrollment fraud block be placed on their record once your direct deposit is set to prevent unauthorized changes.

It is not widely known by many, but you can walk into just about any bank and they can change your direct deposit for you by submitting the request directly through the Treasury Department, bypassing SSA. An auto enrollment block prevents this from happening.