So you fell prey to a scam: 5 steps to take when your personal information is compromised
This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.
Editor’s note: This article has been updated with additional information.
These days, most of us know a thing or two about avoiding scams. We scoff at emails from foreign princes soliciting Western Union money transfers — if the messages even make it through our spam filters, of course — and even our phones can detect if an incoming call from an unknown number is probably spam, telemarketing or, more specifically, a likely scam.
Yet scams and schemes have also become more sophisticated — and are on the rise as travelers begin to return to the skies. A few years ago, it took me several minutes to realize the Chinese-speaking caller on the other end wasn’t actually calling from FedEx with a package from my mother in Taiwan. And when I Google “pay car registration online,” the first few links don’t go to my county tax office website; they all go to third-party agencies eager to “help” me pay my dues for a generous fee.
If you’ve fallen prey to a scam lately, don’t be embarrassed: You’re not alone. “Identity theft is not one of those things that ‘happens to someone else,'” Michael Bruemmer, Experian’s VP of consumer protection, told TPG.
The Federal Trade Commission (FTC) received more than 3.2 million scam reports submitted to the Customer Sentinel Network in 2019 alone. Imposter scams are at the top of the fraud report list, according to the FTC, accounting for more than $667 million stolen from consumers.
One scheme targeting travelers, in particular, is the Global Entry enrollment scam. In April 2019, the Better Business Bureau (BBB) reported the agency’s ScamTracker website had received multiple accounts of “misleading websites that fool people into handing over money and sensitive personal information.”
How the Global Entry scam works
You search for the Global Entry application online, according to the BBB, and the official U.S. Customs and Border Protection (CBP) website appears — as does another website that’s built specifically to imitate the official page.
If you follow that imposter link, you’re brought to a third-party company that offers to complete all the requisite paperwork on your behalf — just provide your personal information, such as your full name, passport number and home address. You’ll be prompted to pay the standard $100 government fee, plus an additional fee for the service.
What’s just happened? According to the BBB, “scammers have tricked you into paying extra money to complete the form on the official government website. Also, they now have access to your personal information and credit card details.”
Curious, I tested this Google search for myself. Here are my results for “renew Global Entry“:
You’ll see that the Google search box shows me a preview of the steps I need to take, straight from the official CBP website. The very first link at the top, however, goes to an ad for a third-party site with all the right buzzwords.
In incognito mode, which doesn’t take into account the hundreds of travel sites I search every day, the official CPB page under “Global Entry enroll” appears even lower down the page beneath two ads with very legitimate-sounding URLs:
But none of these companies are CBP-approved.
In April of 2019, C Boarding Group did a bit of sleuthing and discovered that the listed address for one of these so-called “expediting agencies” actually went to a shady-looking warehouse in Houston, according to Google Maps.
“There is only one Trusted Traveler Programs website,” a CBP spokesperson told TPG. “Third-party companies that charge fees to process Trusted Traveler Program applications are not endorsed by, associated with or affiliated in any way with U.S. Customs and Border Protection or the U.S. government.”
What to do if you’ve been scammed
A reader reached out to TPG for guidance after falling prey to one such site, wondering what next steps they should take to avoid having their personal and financial information further compromised.
“How bad is this, really?” the reader asked, explaining how they’d applied for Global Entry through a third-party site.
Unfortunately, it’s always bad news when your credit card details, home address and personal information such as full name, date of birth, driver’s license number and passport information have all been compromised.
“You have just opened up the gateway to becoming a victim of identity crime,” said Eva Velasquez, president and CEO of Identity Theft Resource Center, who suggests people such as this TPG reader act quickly if they accidentally give out personal information on a suspicious website.
Even if nothing happens to your data immediately, it’s no fun finding out the hard way that unscrupulous strangers have so much access to your private information. “A passport in the wrong hands could lead to various forms of fraud,” security awareness expert and Safr.Me CEO Robert Siciliano told TPG.
And just because data breaches are widely prevalent doesn’t mean the risks are mitigated in any way. “Recovering from identity theft can be a long and frustrating struggle,” said Michael Bruemmer, Experian’s VP of consumer protection. “Many people think it can only happen once, or that risks fluctuate. To the contrary, identity theft often carries with it lifelong consequences.”
The good news? A few simple safety steps can reduce the risk of identity theft, and help current victims monitor for possible fraud. Victims can do damage control by reporting financial and identification documents stolen; keeping a close eye on physical security at their homes; and subscribing to online data reports.
Security experts suggest taking certain following steps when your personal information is compromised:
1. Report your credit card as stolen
Block any subsequent transactions and request a new card with different numbers. (If you have a credit card with a “pause button“, this is a good time to use that feature.)
2. Lock down your credit file
Secure your credit file with all three major consumer credit bureaus until your card has been reissued. (Note that a credit lock is not the same thing as a credit freeze, which takes longer to lift than a temporary lock.)
3. Sign up for online notifications
Subscribe to text or email alerts so you’re warned each time your credit card is used for a transaction. Monitor your credit reports for suspicious activity, and immediately report anything out of the ordinary. And if your home address has been compromised, a good security system will help give you peace of mind, especially if you go with a system that syncs with your phone or sends digital alerts.
4. Monitor your email
If your email address was compromised, stay alert for various forms of phishing emails, and avoid clicking any suspicious links.
5. Report the scam
If you feel uncertain about managing the process yourself, you can call on the experts for help. Advisors at the Identity Theft Resource Center offer free guidance over the phone, Velasquez said, “including who you need to call [and] what you need to say. [They] will help you create an action plan that is best for you.”
Ultimately, the best protection against future scams is a strong, proactive approach.
“Consumers should be aware of the true risk, especially as the risk increases, and do what they can to reduce their vulnerability,” Bruemmer told TPG. “Taking steps to safeguard personal, sensitive information can protect against identity theft and keeping an eye on one’s financial accounts can mitigate or even stop fraud.”
The one thing you don’t want to do, according to Bruemmer? Get overwhelmed and pretend nothing has happened. “Doing nothing only makes it easier for thieves to claim even more victims.”
Featured image by PeopleImages / Getty Images.
Welcome to The Points Guy!
Earn 90,000 bonus miles after you spend $3,000 in purchases on your new Card in your first 3 months. Offer ends 8/3/2022.
With Status Boost™, earn 10,000 Medallion Qualification Miles (MQMs) after you spend $25,000 in purchases on your Card in a calendar year, up to two times per year getting you closer to Medallion Status. Earn 3X Miles on Delta purchases and purchases made directly with hotels, 2X Miles at restaurants and at U.S. supermarkets and earn 1X Mile on all other eligible purchases. Terms Apply.
- Limited Time Offer: Earn 90,000 bonus miles after you spend $3,000 in purchases on your new Card in your first 3 months. Offer ends 8/3/2022.
- Earn up to 20,000 Medallion® Qualification Miles (MQMs) with Status Boost® per year. After you spend $25,000 in purchases on your Card in a calendar year, you can earn 10,000 MQMs up to two times per year, getting you closer to Medallion® Status. MQMs are used to determine Medallion® Status and are different than miles you earn toward flights.
- Earn 3X Miles on Delta purchases and purchases made directly with hotels.
- Earn 2X Miles at restaurants worldwide including takeout and delivery in the U.S., and at U.S. supermarkets.
- Earn 1X Miles on all other eligible purchases.
- Receive a Domestic Main Cabin round-trip companion certificate each year upon renewal of your Card. Payment of the government imposed taxes and fees of no more than $80 for roundtrip domestic flights (for itineraries with up to four flight segments) is required. Baggage charges and other restrictions apply. See terms and conditions for details.
- Enjoy your first checked bag free on Delta flights.
- Fee Credit for Global Entry or TSA PreCheck® after you apply through any Authorized Enrollment Provider. If approved for Global Entry, at no additional charge, you will receive access to TSA PreCheck.
- Enjoy an exclusive rate of $39 per person per visit to enter the Delta Sky Club® for you and up to two guests when traveling on a Delta flight.
- No Foreign Transaction Fees.
- $250 Annual Fee.
- Terms Apply.
- See Rates & Fees