Last night my sister called me in a panic. She got a call from a “usbank” claiming that they managed security for her credit union on weekends (first 🚩). They listed off her SSN and other credit information to prove to her they were real. I wasn’t there so I couldn’t tell her that this was another major red flag. She gave them her banks account number. My other family members were there and called her credit union to check. The real bank walked her through what to do.

She didn’t lose any money but came scary close to it. I’ve had her freeze her credit. Put up a alert on her credit. Changed all her passwords (saved in 1password). Set up token based authentication and I’m trying to convince her to use Google voice for sms 2fa.

Should she even bother with dark web monitoring or anything like that?

Edit: phone number used by scammers: 12104170000 I don’t believe this is their actual number. It was likely spoofed. Be cautious before trying to scambait it

  • Broom2101@feddit.ch
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Thx for stating your opinion. Sorry for being unclear. reuse = use same passwords in different accounts; schemes = password patterns with some reused portions.

    • Evoke3626@lemmy.fmhy.ml
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I understand entirely now what you meant, the phrase I haven’t heard before!

      In that case though, I’d say, with schemes yes definitely, as you’re more at a disadvantage because you follow a pattern, vs not doing so and having a unique password ( and ideally a unique username/ email for every account! Use a email forwarding service like simple login!)