A Dark Place

Sonja Haggert

WHERE WOULD WE BE without the internet, social media, and our smartphones and smartwatches? Can you remember a time when you couldn’t look up the answer to a trivia question at a cocktail party? I love answering the phone on my watch. It takes me back to Dick Tracy.

There I was, going along happily in my online universe—until I got an email from McAfee’s identity theft protection service alerting me that my phone number had been found on the dark web. I got the McAfee service courtesy of T-Mobile, my wireless provider, after its data breach. What ensued was an onslaught of spam. Some of the texts were ridiculous, others almost believable.

As if that wasn’t disturbing enough, not long afterward, McAfee alerted me that my Social Security and driver’s license numbers were also purportedly found on the dark web. My initial reaction was panic.

I went to McAfee’s website and did everything it told me to do. Because my phone number had been found on the dark web, it said to be on the lookout for suspicious calls and to contact my phone carrier if they got out of hand. Changing my phone number was recommended only as a last resort. The website also suggested that I:

  • Put my name on the National Do Not Call Registry. I was already on it.
  • Check my credit reports. Done. I do this continuously.
  • Check all financial accounts. I also do this continuously.

I knew that last year the Federal Communications Commission had started requiring large telecom companies to adopt a technical protocol known as STIR/SHAKEN. This requires that calls must originate from the phone number that appears on your phone. I’ve seen the robocalls I receive fall sharply because of this requirement, so I felt this would also happen with the unwanted texts I was getting. Sure enough, after the initial flurry of spam texts, they seem to have leveled off. I’ve taken to making a copy of unwanted texts, sending them to 7726 (SPAM) and blocking their numbers.

Meanwhile, because my driver’s license number had been found on the dark web, the security site suggested contacting the Department of Motor Vehicles, and also checking my credit reports and financial accounts. Regarding my Social Security number, the site suggested I call the Social Security Administration directly.

Before doing so, I decided to go to McAfee’s website for more information. Surprise: The information in its scary report about the dark web wasn’t mine. The data, driver’s license number and Social Security number all belonged to someone else—a person in a different state.

The report contained that person’s name, address and phone number. Thank goodness only the last digits of the person’s driver’s license and Social Security numbers were displayed, or McAfee would have created a data breach of its own.

I finally decided to call McAfee. The first person I spoke to was baffled by what had happened and transferred me to a specialist. During the transfer, the phone hung up. I called back and, after repeating my predicament, was told that it would be taken care of, everything was fine and not to worry. I sensed that the individual wanted to get me off the phone quickly.

McAfee subsequently asked me to fill out an evaluation of my experience. I explained what had happened and hoped to find out what had been done to rectify the error. Several follow-up emails told me the issue had been resolved. Feedback was requested, including about the person so anxious to get me off the phone.

What have I learned from all this? No matter what security service you use, ultimately you have to look out for yourself.

Notify of
Oldest Most Voted
Inline Feedbacks
View all comments

Free Newsletter