Published: August 20, 2024 on our newsletter Security Fraud News & Alerts Newsletter.
Recently, the Social Security Administration (SSA) sent emails to their account holders with news about a big change. That is, there’s a new way to login to SSA accounts that will be mandatory in the future. Concerned recipients suspected the email was a scam, but the SSA says the email is legitimate. Here’s what you need to know about this not-a-scam email.
It's Not A Scam
The email informs SS recipients with a “My Social Security” account they’ll have to move to a new website called “Login.gov” and create an account there. It may not sound like a big deal but for many recipients, it’s a big deal about trust. With email scams everywhere about everything, being skeptical about an email, especially one having to do with a change to an account, is cyber-smart.
When Change Is Good
The SSA’s change to the new website is for customers who signed up for “my Social Security” before September 18, 2021. In a press release, the SSA says the goal of their new site is “…making the changes to simplify the sign-in experience and align with federal authentication standards while providing safe and secure access to online services.” In other words, Login.gov is more secure and easier to use—and that’s a very good change.
Unlike the IRS which initiates communication solely by mail, the SSA reminds account holders about their own methods. For business purposes, they correspond by email, telephone, and mail, and that’s a good thing to keep in mind.
Website Precautions
Suspicion is a necessary precaution with emails, especially with those you’re not expecting. Being absolutely sure the sender is whom they claim to be is fundamental when navigating through a jam-packed inbox. So, those skeptics were 100% correct to be skeptical!
Always beware of unfamiliar senders, especially when the email pushes you to act quickly—exactly what the hacker wants. Carefully check the URL/website address to make sure the URL is spelled correctly. Hackers will change a letter in an organization’s name (Amazon vs Amazom), and that small change can take you to a duplicate website setup to steal your information.
And if you do suspect a letter or message is not on the up-and-up, contact the sender using independent means. In other words, don’t hit that reply button or call using a number provided in the communication you received.
Navigating the real from the fake can be challenging for sure, so don’t hesitate to trust your instincts. If you have a second of hesitation about an email, remember, it’s better deleted than trusted.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com
Comments