By Yuka Hayashi
WASHINGTON -- Scams aiming to steal people's Social Security numbers have proliferated this year, adding to worries about identity theft created by this week's hack at Capital One Financial Corp. and other high-profile data breaches.
Federal data show scams targeting Social Security numbers have become one of the most common scams so far this year, overtaking attempted data thefts involving fake Internal Revenue Service claims. In many instances, perpetrators impersonating employees of the Social Security Administration try to get people to reveal Social Security numbers by telling them their information was compromised or used in suspicious or criminal activities.
The Federal Trade Commission said such scams were virtually nonexistent until a few years ago. The commission has so far this year received nearly 73,000 consumer complaints involving Social Security Administration impostors, with reported consumer losses of $16.94 million. That compares with 39,119 complaints for all of 2018 year and 3,065 for 2017. So far this year, complaints over IRS impostor scams totaled 4,901 for a total financial loss of $1.21 million.
While the data breach at Capital One and a 2017 breach at Equifax Inc. resulted in the theft of the Social Security numbers for many consumers, experts say people impersonating government employees don't usually have their targets' personal information. Rather, they try to trick people into revealing their Social Security numbers to create fake identities and apply for credit cards or other financial transactions.
The scammers often get people to withdraw money from the bank and to store it on gift cards to "keep it safe," and then try to steal the money, the FTC said. Many of the calls come from overseas, with scammers often using caller ID from what appears to be the Social Security Administration and phone numbers that are similar to the agency's.
"The Social Security Administration does not seize your accounts," said Monica Vaca, associate director of the FTC's consumer response and operations division. "They do not deactivate your Social Security numbers. They certainly don't charge a fee for reactivating them."
Experts say the identity of the scammers isn't known but point to similarities with telephone fraud schemes based overseas. Last year, U.S. authorities took action against an India-based fraud operation that allegedly bilked "hundreds of millions of dollars" from consumers by impersonating tax and immigration officials.
Capital One said Monday that information of roughly 106 million card customers and applicants was exposed in one of the largest data breaches at a U.S. bank. The breach compromised about 140,000 Social Security numbers and 80,000 bank account numbers, as well as some customers' credit scores, payment histories and credit limits. The hack follows a recent settlement of up to $700 million for investigations into Equifax's 2017 data breach, which resulted in the exposure of Social Security numbers and other personal data of nearly 150 million Americans.
Government officials and financial experts say consumers should never give Social Security numbers or other personal information to unknown individuals who contact them. To ensure Social Security numbers aren't used for criminal purposes, consumers should consider freezing credit files, regardless of whether their numbers have been compromised. Thanks to a law enacted last year, consumers may freeze and unfreeze their credit files without charge by filing requests with three credit-reporting companies: Equifax, Experian Information Solutions Inc. and TransUnion LLC.
"The Social Security number is your financial DNA," said Adam Garber of U.S. PIRG, a consumer group. "That's how we track you to approve mortgages, auto loans and credit cards. Freeze your credit immediately to help protect your finances."
Write to Yuka Hayashi at email@example.com