Privacy and Data Protection Awareness Campaign | Sorenson Communications
Recent Searches
Quick Links
Signing Hands Icon

Sorenson Uses Cookies

Cookies are small text files websites send to your browser to remember information about your visit. They make our site work properly and help with security. When you allow cookies, you will have the best experience on our site — you can use tools such as chatbot for support and access other relevant products and services.

Click one of these options to change your cookie settings:
Best Experience. This option provides the best user experience with brand-enriched content and services to help you with Sorenson products.
Customized Experience. This option provides an experience based on your needs and interests, but some functionality may not work.
Working website. This option enables a working website, but you may encounter certain features that do not work or do not work as you expect.
If you want to learn more about how Sorenson uses cookies visit our Privacy Notice here »

Privacy and Data Protection Awareness Campaign

Contents

Privacy Awareness Blog Posts

Privacy Awareness Public Service Announcement Videos

Privacy Awareness Blog Posts

Financial Fraud Awareness Via Telecommunications Relay Services

The nature of Telecommunications Relay Services (TRS) can sometimes make it difficult for users of the service to spot when a caller may be engaged in fraud. Because information is being relayed through others, identifying the true intent of communications from another person may not be easy, especially if that person is not already known to the user of TRS services. If the person on the other end of a TRS call is a scammer intent on theft of funds or personal information from a TRS user, awareness of scammer techniques becomes imperative. Frequently, scammers and fraudsters disguise their intentions by offering a “prize” to lure their victims.  For example, you may receive a call alerting you that you have won a lot of money in a “lottery.”  The scamming caller tells you that to claim your winnings, all you have to do is provide your bank account information and the prize money will immediately be transferred to your account.  Sounds too good to be true, right? Chances are, that it is too good to be true.  Many malicious attempts to swindle individuals through financial fraud or identity theft can start with this type of call. Becoming familiar with these techniques used by scammers is important so that you can identify them and protect yourself. Fortunately, there are signs that can help you identify a potential scam and protect yourself from becoming the victim of financial fraud this can include, but is not limited to:
  • Too good to be true – as previously mentioned, scammers may use the promise of a prize or award to lure you into their scam. If you did not enter a sweepstakes or something similar, the communication may likely be fraudulent.
  • Urgency - scammers often will use a sense of urgency to try to pressure you to act quickly.  For example, a scammer may tell you that unless you immediately provide your banking information and validate your identity, you will lose out on the prize.
  • Advanced payment - scammers will ask you to pay an advance fee or processing fee to secure the prize money.
  • Scare tactics - other times, a scammer may employ threats to scare you into complying. Regardless of the tactic, the goal is the same: to gain money and personal information quickly.
It is especially important to be vigilant for fraud via TRS. TRS communication assistants allow individuals with hearing or speech disabilities to place and receive telephone calls, but communication assistants are required to relay all TRS calls verbatim, making it difficult to interpret a caller’s intent. Thus, it is critically important for individuals using TRS to be aware of the possibility of financial fraud and be proactive in their approach to protecting their information. There are several privacy best practices that you can use when you receive this type of call.
  • Only give out personal information to verified sources——especially banking information, credit card information, social security numbers, or passwords.
  • Second, you should never give an unknown party cash or transfer money into an unknown account.  Always be suspicious if the caller extends an offer that seems too good to be true.  You should never have to pay a fee to collect a prize.
  • Third, be wary if the caller creates a sense of urgency or pressures you to act right away.  If you don’t have time to stop and think, don’t take any action.
  • Finally, try to independently verify the identity of the caller to the greatest extent possible.  Ask questions about the organization awarding the “prize” to identify details you can validate later.
Knowing what to look for and how to respond can help keep your personal information safe and protect you against financial fraud.

Stop a SIM Swap in its Tracks

Internet Protocol Captioned Telephone Service (IP CTS) assists people who can speak but have hearing loss necessitating the use of captioning to make and receive phone calls.  IP CTS uses automatic speech recognition technology to turn words voiced by a communication assistant (and, in some instances, directly from the speaker) into text for the IP CTS user.  IP CTS users experience accurate, near real-time captioning and great flexibility because they are able to use IP CTS via an app on a mobile device and take advantage of internet connections to communicate more effectively and efficiently.  Privacy and data protection risks may accompany the benefits that IP CTS enabled through mobile devices provides.  Subscriber Identity Module (“SIM”) swap fraud is one of those risks. SIM swap fraud is a type of criminal activity that has increased with the growth in use of mobile phones.  A SIM card is the small chip inside mobile phones that contains data (such as your personal data and that of any of your contacts) and controls the call and text features - a SIM card can essentially be thought of as a key to your cellular network. SIM swapping can often begin with a phishing attempt, which is when a scammer attempts to convince you to provide personal information.   Gathering personal information helps them get the necessary information to impersonate you at a later date and execute the SIM swap,so it is important for IP CTS users not to disclose personal information to unknown individuals when using IP CTS. The scammer may use the information you provide to impersonate you and direct your phone company to transfer your mobile phone number to a new SIM card or even request a new SIM card.  Once your mobile phone number is moved to a new SIM card, all phone calls and text messages that would have gone to the IP CTS user will go to the scammer.  This is important, because many sensitive accounts, like bank accounts, utilize texts or calls to a phone number to validate proper account access.  Once the SIM card has been swapped, these criminals may be able to take over any account you have that is connected to your phone number. A few key identifiers that you may have fallen victim to a SIM swapping attack:
  • You are suddenly unable to send or receive phone calls or texts.  When you lose service unexpectedly it is important to contact your mobile service provider immediately to determine whether the service provider is having a connectivity problem or the connection issue is specific to your mobile phone.  The service provider will have a record of any transfer requests made related to the phone.
  • You may receive communications from your phone service provider about requested changes.  To avoid potential phishing attempts, do not use any links in an e-mail or a text message you receive about changes to your phone service.  Contact your provider using an independently verified phone number or email address to ask about the communication, and if valid, tell the provider that you did not authorize the change.
  • You experience unusual financial activity when your phone stops working.  SIM swapping usually happens because criminals want access to financial accounts.  The scammers may be using your phone to control or sell access to your financial accounts.  Contact your financial institutions to report unauthorized transactions.

Don’t Get Caught in the Line! Protect Yourself Against Phishing, Vishing, and Smishing

As technology develops and enhances our everyday lives, scammers are also getting more creative in their attempts to abuse those technologies to defraud the public.  Unfortunately, criminal actors utilize the various forms of Telecommunications Relay Service (TRS) technologies designed to serve the deaf and hard of hearing population to facilitate their crimes. Phishing is a type of cybercrime where attackers pose as legitimate companies, agencies, service providers, or individuals and send emails, text messages, or make phone calls in attempts to deceive a victim and steal personal information or extract money.  The emails and text messages can contain links with malware and direct the victim to click on the link to resolve an issue or make a payment. Links may lead to unsafe websites that scammers use to steal valuable information like log-in credentials, credit card numbers, bank account numbers, Social Security numbers, and other personal information. In most cases, the sites where these malicious links redirect to look legitimate or appear to be very similar to the site a user thinks they are going to. When a user attempts to enter their information into the fraudulent website, their information is gathered to be used or sold. Personal information gathered from these sites is later used to make purchases through your existing accounts, establish additional credit accounts, or take out loans in your name. Phishing can be broken into multiple categories:
  • Spear phishing – phishing that targets you specifically based on known information;
  • Vishing – voice phishing, which also can be accomplished using TRS services such as internet protocol captioned telephone services (IP CTS) and video relay services (VRS); and
  • Smishing – SMS text phishing, usually taking the form of text messages form of attackers impersonating package carriers, banks, or credit card providers.
When vishing using a IP CTS or VRS, the attacker will usually create a sense of urgency.  Some common vishing scams include bank account compromise scams, where the caller tells you that your account has been compromised and they need you to provide additional account information to stop the fraud, or the IT support scam, where a caller convinces you to provide your log-in credentials or allow remote access to your computer to resolve a system problem.  Another common vishing scam involves the caller impersonating a government official, usually requiring confirmation of your personal information and immediate payment of a fee to avoid additional fines, losing property, or even imprisonment. Smishing attempts via text message employ the same tactics as vishing attempts by also creating a sense of urgency or fear about an issue with an immediate consequence.  The messages may include a malicious link that directs you to disclose your personal information.  Text messages with grammar, punctuation, capitalization, and spelling mistakes are usually a sign of a smishing attempt, but more sophisticated criminals utilize very realistic messaging. This is why you should never provide your personal inform uation to annknown caller, an unfamiliar email address, or unknown phone number via text.  Follow these tips to avoid falling victim to phishing attempts:
  • Validate the source: Criminals engaged in phishing want you to act quickly so that you do not have an opportunity to notice that something is not right.  When you receive an unexpected email or text message from a seemingly legitimate source that directs you to a link, you can hover your mouse over the link without clicking it to see the true destination of the link.  You can also call the company at a known phone number to verify the message.
  • Do not provide personal information: Sometimes scammers will use information they already have about you to convince you to provide more information.  They may tell you that they need you to prove your identity before they can help you.  Do not provide your birthdate and Social Security number to any unexpected unknown caller.  When in doubt, do not engage.  Instead, follow up through an independently established method of communication.
  • Do not make payments: Most businesses and government agencies will not attempt to collect payment through an unplanned phone call and will never require the use of gift cards for payment.  Always use official and secure websites that you locate independently.  Secure websites use the “https” secure protocols as opposed to websites with “http” in the address bar.
Falling victim to phishing attempts, whether it be through email, text, or call, can be unnerving and unsettling.  Taking the time to look out for the deceptive tactics discussed here will minimize risk and help keep your personal information safe. For TRS users, validating the origin of calls or messages is even more important considering how TRS services function. When there is an intermediary relaying information to a TRS user, context can be lost and users should utilize the previously mentioned tips to avoid falling prey to scams.

Privacy Best Practices for Telecommunications Relay Services on a Mobile Device

Telecommunications Relay Services (TRS), which allow individuals with hearing or speech disabilities to place and receive telephone calls, often are accessed via an app downloaded and installed on a mobile device.  As with any app, it is important to use privacy and cybersecurity best practices to keep your personal information safe. Mobile apps may request permission to access personal information on your mobile device.  This can include permission to access your contacts, calendar, call logs, and location data.  It can also include information about your device, such as the device name, serial number, and various device identifiers.  Granting permission to a mobile app can result in the app collecting vast amounts of personal information, sometimes without your awareness.  Moreover, your permissions may allow mobile app companies to share this information with additional third parties for other purposes, such as providing targeted advertising.  In those circumstances, your personal information can be shared across multiple entities without you even being aware of it.  Knowing how your information is collected and used is the first step to protecting your personal data.  Here are some privacy best practices to keep in mind when installing and using an app on your mobile device:
  • Read through the app’s privacy policy: Every mobile app is required to have a privacy policy explaining the types of information the app collects, the purposes for which the information is collected, how the information is used, as well as how the information is shared, and how long it is retained.  The privacy policy also provides information on your privacy rights, such as how you can access, amend, manage, or delete your data.
  • Familiarize yourself with the app’s privacy settings: Take the time to understand the privacy settings within the mobile app and take advantage of the privacy settings that you can adjust to protect or limit access to your personal information. These settings can sometimes be found in an account profile section (usually identified by an image of the user or a placeholder image) or in the app’s general settings section (usually identified by a cog icon   or a hamburger menu icon ). Utilizing the privacy settings allows individuals to adopt a proactive approach to data privacy management.
  • Practice good security habits: Make sure you are always securely accessing apps.  This means implementing strong passwords, passcodes, PINs, or two-factor authentication if available.  Never provide someone else with your personal information, such as banking information, credit card information, social security numbers, or passwords.
  • Regularly update your device’s operating system: Keeping your mobile device’s operating system up to date to ensure the latest security updates are installed on your device will make it more difficult for malicious actors to intercept your data. You should also ensure applications are set to automatically update.
  • Delete unused apps: When you no longer need an app, make sure to delete it to prevent any unknown or unnecessary collection of personal information.

Don’t Let Phishers Spear Your Social Media!

Social media spear phishing
We love connecting with our friends on social media, sharing details about our lives, our plans, and the people we care about. Unfortunately, criminals use this very human desire for connection to exploit us. This is the danger of Social Media Spear Phishing—a targeted attack that turns your public posts into a weapon against your finances. Different from phishing, where attackers pose as legitimate individuals or organizations to steal your personal information or extract money, spear phishing is particularly dangerous because it is targeted specifically at you based on personal details the criminal already knows. Criminals can scour your social media accounts for names of friends and family members, birthdays, job promotions, and travel plans. The criminals will use the information gained from your social media to craft a scenario that creates a sense of urgency (e.g. a desperate cry for help or a looming terrible consequence) to pressure you into acting before you can think clearly. Whether the phishing attempt comes via a voice call, a text message, or email, you can protect yourself by following these tips:
  • Be thoughtful about what you share: Be careful about the personal information you share publicly on social media to minimize the risk of this happening to you. Information like travel dates, financial milestones, or key personal relationships can be exploited to craft a believable story.
  • Independently verify the request: If a contact claims to be a friend, family member, business, or agency and demands money or information, you must independently verify the request. Do not trust the contact information the criminal gives you. Instead, use a known, trusted phone number or communication account to contact the person or entity directly to verify the story.
  • Never give financial information to an unsolicited caller: No legitimate company, government agency, or individual helping a distressed friend will demand your credit card number or bank account information over an unplanned, unsolicited phone call. Be wary if the caller tells you they need money right now or a terrible consequence will happen.
  • Do not provide personal information: If a caller or message is unexpected, do not provide sensitive details like your birth date, Social Security number, or login credentials. Criminals may use information they already have to convince you to provide more. When in doubt, do not engage.
Taking a moment to pause, breathe, and verify the details before acting is the single best defense against spear phishing. Don't let a criminal turn your public posts into a way to steal from you.

TRS-URD Is Coming, How Can You Be Prepared?

The TRS-URD - protecting the services you rely on
If you use Telecommunications Relay Services (TRS) like Video Relay Service (VRS) or IP Captioned Telephone Service (IP CTS), you may have heard of the TRS-URD. It might sound like a technical acronym, but it is a crucial component that works behind the scenes to ensure you can continue to access communication services.
Unpacking the acronym: what is the TRS-URD?
“TRS-URD” stands for Telecommunications Relay Services User Registration Database. Think of it as a central, secure hub where essential information about registered users of certain TRS programs is stored. This database is a key tool for making sure the TRS program works smoothly, efficiently, and remains available to the people who need it most.
Why is the TRS-URD so important?
The TRS-URD has two main, critical jobs that serve the greater good of the relay service program:
  1. Ensuring eligibility: The database helps providers and the Federal Communications Commission (FCC) confirm that users are genuinely eligible for the service. This is like having a secure ID card to prove you can access a special program. By checking the database, the system can ensure the program is being used correctly and is available only to eligible individuals.
  2. Effective program management: The FCC uses the aggregated, non-identifying data in the database to manage the entire TRS program effectively. This helps them understand usage trends, which can lead to better policies and improvements in service quality and availability in the future.
What does this mean for those that use TRS services?
For you as a TRS user, the TRS-URD is primarily a background system, but it has a direct impact on your ability to use certain services. Here is what you need to know:
  • Registration is required for certain services: To use Video Relay Service (VRS), and Internet Protocol Captioned Telephone Service (IP CTS)—you are required to be in the TRS-URD. If you are not in the database, you may not be able to make calls, or your services might be put on hold until verification is complete.
  • You must give permission and provide information: When you sign up for these services, the FCC requires your provider to collect and submit specific personal information to the TRS-URD administrator for verification. You will be asked to give explicit permission for your provider to forward your details for verification.
  • The information typically required includes:
    • Your full legal name
    • Your full residential address (must be in the U.S.)
    • Your date of birth
    • The last four digits of your Social Security Number (SSN) or a Tribal Identification Number (TIN)
    • This information is used to verify your identity and confirm you are an eligible user living in the United States.
What if there’s a problem?
If there is an issue verifying your identity in the TRS-URD, your TRS provider will contact you to request supporting documents, such as a State ID, Driver’s License, or other official government documentation.
Privacy and security are priority
Rest assured, your personal information is handled with the utmost care. The FCC, your TRS provider, and the database administrator are all required to maintain the confidentiality and security of your data.
The bottom line: protecting your service
Ultimately, the TRS-URD is a crucial measure put in place to prevent fraud, waste, and abuse of the Telecommunications Relay Services program. By having a secure and centralized system for user verification, the program's funding is protected. This means that the services you depend on—which are provided at no cost to you—remain available and sustainable for all those who legitimately need them. The TRS-URD is simply a way of protecting the integrity of the program for all eligible users.

Privacy Awareness Public Service Announcement Videos

Social Media Phishing

TRS-URD awareness

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.