306
top 50 comments
sorted by: hot top controversial new old
[-] AFKBRBChocolate@lemmy.world 142 points 6 months ago

Your morning will be going worse if you click that link.

[-] Coldgoron@lemmy.world 60 points 6 months ago

Haven’t clicked any link yet but it could be possible phishing. Maybe log into my legit discover account first.

[-] AFKBRBChocolate@lemmy.world 61 points 6 months ago* (last edited 6 months ago)

It is for sure phishing. Discover isn't going to send you an email like that. Even loading the graphics was a bad idea.

Edit: apparently I stand corrected. I've gotten security alerts from my credit card companies before, but never with a link like that, and never saying something like "dark web." Sorry to hear it

[-] mipadaitu@lemmy.world 89 points 6 months ago

It's not "for sure phishing" Discover does send emails like that. They have a service where they scan the internet for your personal information, and they sell you credit monitoring, and other stuff to reduce the impact.

Here's a screenshot of part of their website for this monitoring.

Of course it's ALWAYS a good idea to go to the website, and never click a link on an email from your financial institution, but I'm like 80% sure that this is a legit email.

Also, your SSN and other financial details have likely been compromised dozens of times, so just having your SSN floating around out there isn't surprising. It's a fault in the system for using an unsecured SSN as an identify instead of what it was initially used for.

[-] snooggums@midwest.social 33 points 6 months ago

It’s a fault in the system for using an unsecured SSN as an identify instead of what it was initially used for.

It is alao the fault of the government for not putting a halt to and punishing those corporations who decided to hijack SSNs and treat them as some kind of secret code.

[-] teft@lemmy.world 13 points 6 months ago

They'd have to start with the army. We used our social on everything as an identifier while I was in. I'd honestly be more surprised if my SSN wasn't compromised.

[-] snooggums@midwest.social 8 points 6 months ago

When i was in college in the 90s they used socials when they posted test scores.

One thing I noticed was that since it was a state college 90% of them started with the same 3 numbers because of how they issued SSNs.

[-] franzfurdinand@lemmy.world 3 points 6 months ago

I cannot imagine the shit fit that people would throw if we tried to implement a secure national identity number. Even the SSN got a lot of backlash for being "the mark of the beast", and that was introduced a little under a hundred years ago.

load more comments (1 replies)
[-] mipadaitu@lemmy.world 7 points 6 months ago

Oh great, I clicked too many of their links on their website and now I'm getting targeted ads for their "super special identity protection"

[-] Ginger666@lemmy.world 8 points 6 months ago

Imaging getting ads

[-] 18_24_61_b_17_17_4@lemmy.world 4 points 6 months ago

What is ads

load more comments (3 replies)
[-] AFKBRBChocolate@lemmy.world 3 points 6 months ago

Okay, I made an edit. Like I said there, the alerts I've gotten have never had links for the reasons you mentioned - they say things like "call the number on the back of your card."

[-] XeroxCool@lemmy.world 39 points 6 months ago

Discover offers monitoring. How are you so sure it's phishing? An abundance of caution and logging in directly is certainly a safe route to verify, but convincing OP this is phishing and that the graphics are risky is unnecessarily alarming

load more comments (1 replies)
[-] Coldgoron@lemmy.world 39 points 6 months ago* (last edited 6 months ago)

Sadly its legit...

Edit: It was the at&t data breach

[-] AFKBRBChocolate@lemmy.world 3 points 6 months ago

That sucks. I made an edit.

[-] TonyTonyChopper@mander.xyz 2 points 6 months ago

why does a phone company need your social security?

[-] Coldgoron@lemmy.world 3 points 6 months ago

I think I was with their service once a long time ago and I did an application to see if I could get a phone plus service package. This probably got my social in the process for credit score reasons.

[-] Artyom@lemm.ee 2 points 6 months ago
  1. They'll give you a $1000 phone under the guarantee of a 2-year contract. That can be considered a type of loan and they can repo the phone if you stop paying.
  2. If you stop paying monthly bills, they can only really force you to pay the balance if they have your SSN and can affect your credit score.

I'm not endorsing the practice of ruining people's chances of buying a home over unpaid phone bills, but it's a pretty good deal from AT&T's perspective.

load more comments (1 replies)
[-] AlphaAutist@lemmy.world 19 points 6 months ago

Are you sure? Discover does have free identity monitoring and I get emails every month saying whether they found anything or not. I have never gotten an email saying they found my ssn though so can’t say for sure if this is legit. Either way I would still check through the app or their website without opening the link.

[-] AFKBRBChocolate@lemmy.world 2 points 6 months ago

I made an edit - weird that their alert has a link.

[-] wander1236@sh.itjust.works 10 points 6 months ago

They absolutely do send emails like this. They've got a monitoring service if you have a credit card with them to check for data breaches, and most credit cards and even banks I've seen do the same. I just got my monthly monitoring update email this morning from Discover, thankfully telling me they didn't find anything.

[-] n1ck_n4m3@lemmy.world 69 points 6 months ago

I mean, let's be real -- 50% of the USA's SSN is on a dark web site due to the Equifax breach.

Freeze your credit, it's the only way to protect yourself. All of the ID protection services are just overpriced insurance and don't actually prevent ID theft.

[-] vanontom@lemmy.world 23 points 6 months ago

Yes. Just FYI: All three have free "freeze" option, hidden somewhere (probably thanks to federal law). They also have very similar paid option, which they heavily advertise; That's not the one. They do all require free accounts, but probably worth it to be able to freeze/unfreeze instantly online.

I just received "dark web" alert about SSN, phone, name, and email... that I only used at AT&T many years ago. So AT&T has definitely leaked our data as well. Add 'em to the list...

[-] possiblylinux127@lemmy.zip 6 points 6 months ago

Its probably closer to 80% or higher if you add in other breaches

[-] vk6flab@lemmy.radio 47 points 6 months ago* (last edited 6 months ago)

Ah, the Shared Security Number...

[-] Assman@sh.itjust.works 43 points 6 months ago

Equifax leak. Half of Americans' SSNs are on the dark web.

[-] doctordevice@lemmy.ca 6 points 6 months ago

Yep, I'm in the unlucky half. It's good practice anyway, but now I keep my credit frozen at all three credit bureaus unless I'm submitting an application. Doesn't stop all fraud, but stops most of the kind that can fuck up my credit.

[-] DrWeevilJammer@lemmy.ml 3 points 6 months ago

You may also want to freeze Lexis Nexis and Innovis as well - they buy and sell your data as well

[-] doctordevice@lemmy.ca 4 points 6 months ago

Fuck, I've never even heard of those. This whole system is garbage, how am I supposed to know how to protect myself from fraud when these companies just somehow automatically have authority to let thieves steal my identity? At the very least we should have a centralized government agency that you can issue a blanket freeze with. Better would be an actual proper ID system.

[-] lagomorphlecture@lemm.ee 4 points 6 months ago

That's only from one breach. I'd wager that at least 75% of our SSNs are out there since this is constantly happening.

[-] FiniteLooper@lemm.ee 3 points 6 months ago

I mean, it’s not like an SSN is secure at all. Add 1 to your SSN and that’s most likely a completely valid number for someone else

load more comments (2 replies)
load more comments (1 replies)
[-] ChaoticNeutralCzech@feddit.de 38 points 6 months ago* (last edited 6 months ago)

The dark web site that has your SSN: first.100,000,000.digits.of.pi.txt - Torrent Download

[-] SendMePhotos@lemmy.world 21 points 6 months ago

I found that my ssn was leaked because I got multiple attempts to take put credit loans. Incidentally, my middle initial is not I, but l. Joke's on them. Every time I see the incorrect middle initial, it's an easy way to tell.

Needless to say, my stuff has been locked for years and only unlocked when I need to take out a loan or open a new account which is extremely rare.

[-] XeroxCool@lemmy.world 21 points 6 months ago

Your info was probably already out there, somewhere. It's most likely in a massive list with thousands of others. It's still not great, but you're not being targeted. This is why it's important to freeze your credit with each bureau.

Just another reminder that using your SSN for ID verification purposes and acting like it's a secret code only you could ever know is a dumb fucking system. Even the "verify with your last 4 digits" is a dumb fucking system. If you have a date of birth and a decent idea of birthplace, you can take a pretty good guess about the first 5 digits because they're sequential from known blocks. It wasn't until about 20 years ago that the government randomized the first 5 to stop that.

[-] key@lemmy.keychat.org 18 points 6 months ago

Well get a lamp then, discover. Sheesh.

[-] wreckedcarzz@lemmy.world 17 points 6 months ago* (last edited 6 months ago)

This amuses me that it's talking about a "Dark Web site" while itself is a dark website.

Spiderman pointing at Spiderman meme

[-] RizzRustbolt@lemmy.world 13 points 6 months ago

By "found" they mean, "accidentally sold to".

[-] dohpaz42@lemmy.world 13 points 6 months ago* (last edited 6 months ago)

Eh, it’s probably been on the dark web for a while now given how frequent and massive data leaks have become. Worry more about unauthorized use/access to your credit and/or identity.

  1. Place freezes on your credit for Experian, TransUnion, and Equifax (it’s free)
  2. Lock any credit cards you don’t use regularly
  3. Pull your credit reports from each agency (you get one a year for free) and verify activity
  4. Enable balance notifications for your credit cards and bank accounts (eg, high transaction amount = $0.00 will alert you to every purchase made)
  5. Opt out of Data Brokers like LexusNexus
  6. Don’t use the same password for multiple websites. If you don’t already, use a password manager like KeePass and let it generate new passwords for you

It’s all about the diligence these days. Your morning should be fine. The worst thing you can receive is a high transaction amount alert you didn’t authorize. But card companies and banks have gotten good about dealing with those when they happen.

[-] localme@lemm.ee 2 points 6 months ago

The link you shared says only in specific circumstances can someone opt out of LexusNexus:

Opting out of LexisNexis can be more complex than removing your data from other people-search sites. To have your information taken down, you must meet specific criteria, and LexisNexis may request additional documentation:

  • Victim of identity theft: you need to provide a police report documenting the identity theft or similar documentation.
  • Law enforcement officers or public officials facing threats of severe bodily harm or death:** **you must submit a letter from their supervisor confirming the nature of their position and the threats.
  • At risk of physical harm but not in law enforcement: you'll need to submit a protective order from the court, a police report, or similar documentation.
[-] dohpaz42@lemmy.world 2 points 6 months ago

I believe that the wording is awkward in that you will need additional information if you’re one of the three listed criteria. If you’re just removing it from public view, you only need to provide your name, address, phone and social security number.

load more comments (1 replies)
[-] snooggums@midwest.social 4 points 6 months ago

I would be surprised if anyone's SSN isn't on a dark web site. Being combined with other personal data is a problem, although the biggest problem is that credit companies treat easily found information as secret and let criminals easily impersonate people by knowing those few easily shared pieces of information without some kind of real security or easy way for people to contest fraud.

[-] assassinatedbyCIA@lemmy.world 4 points 6 months ago

But my nuclear attack sub should be hidden in the depths off the gulf of guinea. How did it end up on the dark net?

[-] SkybreakerEngineer@lemmy.world 3 points 6 months ago

Someone published all the hull numbers on Wikipedia

load more comments (1 replies)
[-] Digital_man@lemmy.one 3 points 6 months ago

First time?

[-] pmmeyourtits@ani.social 3 points 6 months ago

First time?

[-] possiblylinux127@lemmy.zip 3 points 6 months ago* (last edited 6 months ago)

Not surprising. I am thinking about creating a foss self hosted scrapper that detects breaches

I probably won't though

[-] _thebrain_@sh.itjust.works 3 points 6 months ago

It's not great but it's not really world ending. About a year ago someone filed for unemployment in bot my wife's name and my name. Which came as a shock to my employer as I was was still happily at work. I work for a small mom-n-pop store, my wife works at a mega corporation. She caries insurance etc and one of her companies providers had a leak of ssn and other personal information. We both locked our credit and signed up for a protection pin for filing taxes. We reported to the local unemployment office that they were fraudulent claims. I look back and realized we probably should have locked our credit long ago and got tax pins as well, just for the security side of things.

The funny thing is my employer brought it to my attention. My wife's employer didn't even notice and was getting ready to pay the claim even tho she was still working there as the system is all automated in her company. Eventually it came out about the leak and they are providing 5 years of credit monitoring for free.

load more comments
view more: next ›
this post was submitted on 16 Apr 2024
306 points (95.0% liked)

Mildly Infuriating

35433 readers
278 users here now

Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that.

I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!

It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.


Rules:

1. Be Respectful


Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

...


2. No Illegal Content


Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means: -No promoting violence/threats against any individuals

-No CSA content or Revenge Porn

-No sharing private/personal information (Doxxing)

...


3. No Spam


Posting the same post, no matter the intent is against the rules.

-If you have posted content, please refrain from re-posting said content within this community.

-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.

-No posting Scams/Advertisements/Phishing Links/IP Grabbers

-No Bots, Bots will be banned from the community.

...


4. No Porn/ExplicitContent


-Do not post explicit content. Lemmy.World is not the instance for NSFW content.

-Do not post Gore or Shock Content.

...


5. No Enciting Harassment,Brigading, Doxxing or Witch Hunts


-Do not Brigade other Communities

-No calls to action against other communities/users within Lemmy or outside of Lemmy.

-No Witch Hunts against users/communities.

-No content that harasses members within or outside of the community.

...


6. NSFW should be behind NSFW tags.


-Content that is NSFW should be behind NSFW tags.

-Content that might be distressing should be kept behind NSFW tags.

...


7. Content should match the theme of this community.


-Content should be Mildly infuriating.

-At this time we permit content that is infuriating until an infuriating community is made available.

...


8. Reposting of Reddit content is permitted, try to credit the OC.


-Please consider crediting the OC when reposting content. A name of the user or a link to the original post is sufficient.

...

...


Also check out:

Partnered Communities:

1.Lemmy Review

2.Lemmy Be Wholesome

3.Lemmy Shitpost

4.No Stupid Questions

5.You Should Know

6.Credible Defense


Reach out to LillianVS for inclusion on the sidebar.

All communities included on the sidebar are to be made in compliance with the instance rules.

founded 1 year ago
MODERATORS