INDIANAPOLIS— The Federal Trade Commission issued a warning this week regarding emails claiming your information is being sold on the dark web.
The emails may list the “stolen” information, like your Social Security number, date of birth, and driver’s license number.
The FTC says if you receive one of these emails, you need to take steps to help protect yourself against financial loss from identity theft.
“The agency is concerned because we’ve received reports of consumers receiving emails saying their personal information has been exposed on the dark web,” said Kelle Slaughter, the FTC’s Identity Theft Program Manager.
Slaughter said the emails could be legitimate.
“There are a lot of people who have signed up for monitoring services, and some services can detect things on the dark web and will send alerts to people,” said Slaughter.
However, the emails could also be a scam or contain phishing links that could compromise your personal information.
“These emails may contain links and people may be subject to click them which could download malware, and compromise personal information on their computers,” said Slaughter.
If you receive one of these dark web emails, do not click any of the links in the email.
“In fact, what you want to do is take steps as if this were a real warning to you,” said Slaughter. “You want to change your passwords to your emails and check your credit reports that nothing is on there that you didn’t already know about.”
If you receive one of these emails, please report it at ReportFraud.ftc.gov.
TIPS FROM THE FEDERAL TRADE COMMISSION:
Don’t click a link or use a phone number in the message. It could be a “phishing” email, designed to trick you into disclosing sensitive information to scammers. If you think the message is legit — for example, if you have a credit monitoring service or a credit card with a company that monitors the dark web — contact the company using a website or phone number that you know is real.
Change your passwords to secure your accounts. Start by changing the passwords on your email accounts. Email accounts often are the weak link in online security because password resets for other accounts go to your email. If your email account password has become known, then an identity thief can log into your account and intercept your password reset emails.
- Pro tip: When setting up new passwords, consider using a password manager. Free ones are built into most browsers and will automatically create passwords that are hard to guess. Be sure to use different passwords for each account and, if the account offers multifactor authentication, use it for added security.
Check your credit reports. After securing your accounts, make sure nobody has opened new accounts using your information. Visit AnnualCreditReport.com to get an annual free credit report from each of the three nationwide credit bureaus, Equifax, Experian, and TransUnion. Through December 2023, you can get a free credit report every week from each of them on the website. If you find an account or transaction you don’t recognize, visit IdentityTheft.gov to report the identity theft and get a personal recovery plan.
Consider freezing your credit. A credit freeze, also known as a security freeze, is free to place and remove and is the best way to protect against an identity thief opening new accounts in your name. Alternatively, place a free fraud alert on your credit to make it more difficult for an identity thief to get new credit in your name.