The United States Department of Homeland Security (DHS) Officer of Inspector General (OIG) issued a fraud alert to warn citizens of reports that the DHS OIG Hotline telephone number has been used recently as part of a telephone scam which has targeted individuals across the country.
Victims have reported phone calls from people claiming to be employees with “U.S. Immigration” who demand personal, private data through various tactics which have included telling individuals they are a victim of identity theft. These perpetrators altered caller ID to make it appear that the call is coming from the DHS OIG Hotline number (1-800-323-8603).
The DHS OIG is currently investigating the situation, but issued a reminder to the public that they never use the Hotline number to make outgoing calls. The phone line itself is used only to receive information from the public and therefore, no individual should answer a call coming from the 1-800 number.
Individuals who have received suspicious calls from this number or other individuals claiming to be employees with “U.S. Immigration” or the USCIS (who do not make phone calls to foreign nationals) are encouraged to file a complaint online via the DHS OIG website. In addition, individuals may also contact the Federal Trade Commission to file a complaint or to report identity theft.
How Can You Stay Secure?
Understanding that the USCIS does not and will not contact a foreign national directly to solicit personal, identifiable information is key; however, in order to keep yourself or your foreign national employee safe, it is important to understand how to protect sensitive employee data.
In addition to understanding the policies and procedures of the USCIS, individuals must also be aware that exchanging sensitive employee data must be done in a secure manner or the risk of that information being obtained by a third party increases dramatically. If you’re uncertain if your immigration provider is using a secure system, here are some questions you should ask – and the responses you should be looking for:
What is the physical security for your office? If you store paper files for all your employees, how secure is the building?
Our buildings are only accessible through a security professional and the filing cabinets are locked.
Do you use removable storage, jump drives, external hard drives?
Removable storage is regulated heavily and are read-only.
Do you have VPN security? If so, what level?
Two-factor authentication is used for all confidential materials.
How do you share information and documents with your provider?
Not only are PDFs password protected, but passwords are secure and not stored where they’re easily accessible.
Do you send or receive email documents from your law firm?
Beware of phishing scams where the email body, sender’s name and partial email may look like your attorney because it may not be from your attorney at all. Review complete email addresses and avoid sending confidential information. If you must, protect the attachments you send with a password.
Do you upload your documents to your law firm’s web portal?
Ask your law firm to enable multi-factor authentication on their portal. Phishing web pages look identical to your law firm’s portal with a similar URL and ask you to enter an ID and password. Once you enter your ID and password, they now have access to all of your confidential information that has been exchanged with the law firm.
To see a full list of all questions you should be asking your immigration services provider, please download our Security Checklist guide here.
The post Department of Homeland Security Warns of Potential Telephone Scam appeared first on Envoy.