[FRIAM] Advice sought: data compromise

Roger Critchlow rec at elf.org
Sun Aug 14 17:04:07 EDT 2022 

I got a "data security incident notification" in the mail from the
"Professional Finance Company, Inc." of Livonia, Michigan that offered
me an account with "Cyberscout" to monitor my online credit.  That sounded
so sketchy, that I ignored it.  It turns out to be entirely true, one of
the largest data incidents of the year.  Still doesn't validate the
url's that the mail encourages me to use, but that is the real name of a
real medical debt collection agency that really lost millions of client
records.

-- rec --


On Sat, Aug 13, 2022 at 8:49 PM Gillian Densmore <gil.densmore at gmail.com>
wrote:

> Nick, scan Call your Doctor in the morning to double check. Alas Ma'man.
> Scammers tend to target people about your  uh mmpf. Uh 'stage of life'.
> "local health care provider" or any other generic name is instant redflag
> for scam. Just to be sure ping your doctor.
> A data leak wouldn't hit just you. And you'd be reading on the news how
> poodlesec, or Anonymous goatsed some a database. A vague email or call is a
> scam.
> I get a a lot of scam and spam calls, if something sounds like
> Bull(removed at someones request) smells like, etc probably is. Don't over
> thing it and trust your gut.
> I get sus af emails and calls, sometimes claiming to be from tmobile. I
> just check the web or my account or w/e from time to time.
>
> On Fri, Aug 12, 2022 at 8:01 AM glen <gepropella at gmail.com> wrote:
>
>> And consider putting a temporary lock on your credit. It should be free
>> with any of the 3 big credit reporting agencies. I used equifax <
>> https://www.equifax.com/personal/products/credit/credit-lock-alert/>
>> when my info was leaked. The lock simply means you (or anyone impersonating
>> you) has to jump through a few more hoops to get a loan or whatever.
>>
>> On 8/12/22 06:53, Steve Smith wrote:
>> > Nick -
>> >
>> > If I understand your story correctly, I would start by verifying the
>> "local health care company".  If they are someone you do business with,
>> then you can contact them otherwise through "normal" channels (not
>> website/e-mail) that you already trust (you do business with them
>> already?)   It is not good practice for *them* to be directing you to a
>> third-party "monitoring" site in they way they seem to be.   If you do NOT
>> do business with them already then it is almost assuredly a phishing
>> attempt.  Or maybe more appropriately a "phlushing" attempt... what
>> predators do to try to get prey to panic and expose themselves so they can
>> pounce and/or run you to ground.
>> >
>> > Hope your summer is going well otherwise!
>> >
>> > - Steve
>> >
>> >
>> > On 8/12/22 4:12 AM, David Eric Smith wrote:
>> >> Yes, Nick,
>> >>
>> >> Stay in your cage of distrust.  I will be very surprised if you
>> ultimately determine that this _wasn’t_ a scam.  Maybe even add a bar or
>> two to your cage walls: I would generally not log into a link received in
>> an email, if there weren’t some way I could initiate the contact with a
>> known company through some website that the various certifiers think is
>> theirs.
>> >>
>> >> Eric
>> >>
>> >>
>> >>
>> >>> On Aug 12, 2022, at 10:24 AM, <thompnickson2 at gmail.com> <
>> thompnickson2 at gmail.com> wrote:
>> >>>
>> >>> Hi, everybody,
>> >>> Sorry for  the bother.
>> >>> A local health care company writes me to say they have compromised
>> all my identity data, and offers to pay for “Kroll Monitoring Services”,
>> giving me an ID number with which to log into their site.  When I do this,
>> the site fills in my correct address and last name but an incorrect first
>> name, and asks me to enter all my identity data.  At this point, I begin to
>> contemplate that the notice itself may be a fraud.  I eventually find Kroll
>> on the web, but it wasn’t all that easy.  None of the sites that evaluate
>> credit monitoring services has it.  How do I extricate myself from my cage
>> of distrust?
>> >>> Nick
>> >>> Nick Thompson
>> >>> ThompNickSon2 at gmail.com
>>
>> --
>> ꙮ Mɥǝu ǝlǝdɥɐuʇs ɟᴉƃɥʇ' ʇɥǝ ƃɹɐss snɟɟǝɹs˙ ꙮ
>>
>> -. --- - / ...- .- .-.. .. -.. / -- --- .-. ... . / -.-. --- -.. .
>> FRIAM Applied Complexity Group listserv
>> Fridays 9a-12p Friday St. Johns Cafe   /   Thursdays 9a-12p Zoom
>> https://bit.ly/virtualfriam
>> to (un)subscribe http://redfish.com/mailman/listinfo/friam_redfish.com
>> FRIAM-COMIC http://friam-comic.blogspot.com/
>> archives:  5/2017 thru present
>> https://redfish.com/pipermail/friam_redfish.com/
>>   1/2003 thru 6/2021  http://friam.383.s1.nabble.com/
>>
> -. --- - / ...- .- .-.. .. -.. / -- --- .-. ... . / -.-. --- -.. .
> FRIAM Applied Complexity Group listserv
> Fridays 9a-12p Friday St. Johns Cafe   /   Thursdays 9a-12p Zoom
> https://bit.ly/virtualfriam
> to (un)subscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/
> archives:  5/2017 thru present
> https://redfish.com/pipermail/friam_redfish.com/
>   1/2003 thru 6/2021  http://friam.383.s1.nabble.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://redfish.com/pipermail/friam_redfish.com/attachments/20220814/b0228324/attachment.html>

More information about the Friam mailing list