Tuesday, September 25, 2007

Credit Freeze to Help Prevent Identity Theft

The credit freeze is one of the best tools you can use to help prevent identity theft. A credit freeze allows you to lock the data in your credit report at the credit reporting agency until you give them permission to release it. Without access to your credit report, an identity thief will have a lot of trouble gaining credit in your name.

Until recently, a credit freeze could only be made possible by state law, and you could not block your credit report if you did not live in a state that allowed it. However, starting in October, two of the big three credit reporting agencies will allow you to freeze your credit report no matter what state you live in. TransUnion and Equifax will let you obtain a credit freeze, and you don't have to be an identity theft victim to do so. But you will have to pay for it.

This is definitely a great way to help prevent identity theft, but it will only be effective if Experian offers a similar credit freeze service. In the mean time, if you live in one of the states that allows a credit freeze, you can have a credit freeze if you are a victim of identity theft or if your information has been compromised. This will give you control over who can access your credit report at all three agencies and will help you prevent identity theft if it hasn't already happened.

Saturday, September 15, 2007

Ameritrade Data Breach: Identity Theft Possible

Online brokerage TD Ameritrade Holding Corporation announced Friday that one of its databases containing customer contact information was hacked. The company has since discovered how the information was stolen and changed their computer code.

Ameritrade insists only contact information was stolen and that even though information such as Social Security numbers, account numbers, and dates of birth were in this database, they found no evidence of it being accessed or taken. Ameritrade says there is no evidence that identity theft has resulted from this data breach.

While the fact that only contact information appears to have been taken from this Ameritrade database doesn't seem to be such a big deal. Identity theft is still possible. Ameritrade customers should be aware of scams that could result from this including callers claiming to be a credit card or bank representative or phishing scams they can receive through email.

Thursday, September 13, 2007

Murderer Also Guilty of Identity Theft

This blog normally focuses on the financial issues identity theft causes because those are the most common. However, identity theft is by no means limited to financial issues like credit card fraud. An identity thief can also affect your criminal record as you'll see in this news report.

Toussaint Davis, who faces three hundred years in prison for killing a police officer after a jewelry store robbery, was convicted of illegally using a Pennsylvania man's identity when he was being prosecuted for the killing. He was convicted of second degree murder under John Healey's name, and it wasn't until just before the sentencing that his true identity was discovered.

You can read more about the story here. It's good for John Healey that this was discovered. It wouldn't have been a serious problem for him to have the murder of a police officer on his record.

Saturday, August 25, 2007

Identity Theft At Memphis Restaurant

I've mentioned before that credit card skimmers have been used for identity theft at restaurants. However, that's not the only way a restaurant employee can steal your credit card number.

A recent news report says that Brad Taylor, a cook at Paulette's Restaurant in Midtown Memphis, copied customer credit card records found in the restaurant and sold them for $10 a page. Roderick Webb and Marlon Cox used the information to buy products online and then sell the merchandise to people in the community. Taylor, Webb, and Cox are charged with identity theft trafficking and conspiracy to commit identity theft trafficking. Taylor and Webb also face an identity theft charge. Customers who have used their credit cards at Paulette's since January 2007 are encouraged to carefully review their credit card statements.

So even if you carefully watch a waiter ring up your bill, there is still a chance that your credit card number can be stolen if a dishonest employee has access to the records. Wonderful!


Thursday, August 16, 2007

IT Company Closes After Data Breach

Here is another illustration of why we are never completely immune to identity theft no matter how careful we are with our personal information.

Verus Inc., an IT company that built and maintained Websites and other services for forty to sixty hospitals in the United States, was implicated for the security breaches for at least five hospitals and has gone out of business after investors pulled the plug after a blunder that caused a great deal of client data to be exposed to the outside world.

All breaches have been attributed to one incident when Verus employees left the firewall down after transferring from one server to another. Find out more about the incident here.

While it seems a little harsh, those handling sensitive data can not afford to be so careless. Even if the investors hadn't refused funding, the company would have probably closed anyway. Once the information was released, I doubt that any client would have trusted them. Patient data from some of these hospitals has been compromised. Although no one has reported identity theft as a result of this breach, the damage is still done and the possibility for identity theft is there.

Saturday, August 04, 2007

Identity Thieves Target Celebrities

Police busted a major identity theft ring operating out of a home in Northeast Philadelphia. Andre Holmes and an accomplice used change of address forms to have victims' mail delivered to their home and used personal victim information to create checking accounts and obtain credit cards. Investigators believe this information was obtained by one of the suspects during her previous job with the IRS.

There are seventeen confirmed victims, but the number could rise into the hundreds. Some of the targeted victims include Paris Hilton, Whitney Houston, and Jennifer Lopez.

I've heard of setting the bar high, but I'm not sure how they expected to get away with this. Sure, Paris Hilton is wealthy enough that she probably doesn't worry too much about checking her credit report often, but any company who has done business with her in the past may find it suspicious that she's suddenly receiving all of her credit cards and bills at a home in Northeast Philadelphia.



Friday, July 27, 2007

Fraud Alert: Does it help?

So, have any of you Ohio tax payers received your letter from the state of Ohio saying your name and Social Security number were on that stolen laptop? The state has offered those concerned about identity theft one year of protection services with Debix with no charge to the potential victim. Or maybe you don't live in Ohio but suspect you might be a victim (or potential victim) of identity theft. There is something else you can do to protect your credit.

One thing the Federal Trade Commission recommends is placing a fraud alert on your credit reports.

But what is a fraud alert? The major credit reporting bureaus attach to your credit report (at your request) to let potential creditors know that your data has been compromised, and before opening any kind of credit account (credit cards, loans, cell phone accounts, etc.), they should contact you by phone to confirm that it is actually you requesting this credit. It also entitles you to a free copy of your credit report. The initial fraud alert can be placed if you suspect you are a victim (or a potential victim) of identity theft and is effective for ninety days. You can request an extended fraud alert, but you must provide a copy of your identity theft report.

So does it help? Yes and no. It depends on whether or not creditors are willing to call you. Some will contact you as they should, and others will not. With companies that don't, some will automatically deny credit, which is only a problem if you are trying to obtain a loan or credit card. Others may ignore it and approve the account anyway. That's when you have to worry.



Thursday, July 19, 2007

More Proposed Identity Theft Legislation

According to a recent news report, the Bush administration has sent proposed legislation to Congress regarding the improvement of federal identity theft laws as recommended by the Identity Theft Task Force.

The Identity Theft Enforcement and Restitution Act of 2007 aims to increase penalties for certain types of identity theft and allow victims to recover more than just direct financial losses. Provisions in this legislation increase penalties for those using keystroke loggers and spyware to commit their crimes. This act would also allow victims to recover the time lost to attempting to repair whatever damage identity theft has caused. You can read more about it here.

While this is a step in the right direction, more also needs to be done to educate the public about how to protect themselves against identity thieves. No amount of money or legislation can recover the peace of mind that one loses as an identity theft victim.



Friday, July 13, 2007

Possible Social Security Identity Theft Scam

I've mentioned some specific scams identity thieves use in other posts, and I try to pass more along as I run across them. This one may just be a regional one at the moment, but I'm going to post information about it just in case. A number of citizens in Jonesboro, Arkansas, have reported receiving phone calls that they believe to be a possible identity theft scam.

The caller claims to be from the Social Security Administration and says that they can offer the client more Social Security benefits if the client lets the caller come to his house. So far, it looks like it's not fairing too well for the scammer. Most who reported the call said they told the caller no, and one person offered to call and check up on this first. The caller hung up. If this were legitimate, there would have been no problem with the client calling the administration to verify the offer.

The local Social Security Administration says they do not often make house calls. When they do go to someone's home, they send a letter letting the person know. They don't call and ask for permission in exchange for more benefits. Be careful who you allow in your home and what information you give to strangers.

This may be a local scam in Arkansas, but similar scams exist. Remember, be suspicious of anyone calling and asking for this information. The Social Security Administration or the IRS will not ask for information they should already have.



Wednesday, July 11, 2007

State Laptop Stolen in Ohio

On June 10, a laptop with sensitive information regarding thousands of Ohio taxpayers was stolen from an intern's unlocked car. Ohio Governor Ted Strickland has announced today that about 786,000 Ohio taxpayers are at risk of identity theft because their names and Social Security numbers were stored on this laptop. That's three times more potential victims than they originally thought. According to Strickland, there is no evidence that any of this personal information has been accessed.

Well, that's comforting.

Being a citizen of Ohio, I find this particularly disturbing. What bothers me most is that this information was left in the hands of someone careless enough to leave an unlocked car, particularly one with sensitive taxpayer information.

Tuesday, July 03, 2007

Data Theft at Fidelity National

This recent data breach is a perfect example of the dishonest insider. According to a recent news report, a database administrator of Certegy Check Services, a subsidiary of Fidelity National Information Services, stole the information of about 2.3 million customers and sold it to data broker. The data broker then resold the information to direct marketers who used the information to solicit these Fidelity customers for product offers. The employee has since been fired and the situation is still under investigation.

At this point, there doesn't appear to be any identity fraud committed as a result of this, but it is still possible since the junk mail from these direct marketing agencies, if stolen, can be used to commit identity theft. This is an clear example of what can happen when a dishonest employee has access to sensitive information and misuses it for profit. Whether or not this results in identity theft remains to be seen.


Tuesday, June 12, 2007

Security Breach For Faculty of the University of Virginia

According to a recent press release, the University of Virginia has suffered a massive security breach. Investigators believe hackers accessed a database with sensitive faculty information on 54 different occasions between May of 2005 and April of 2007. The information for more than 5 thousand current and former faculty members has been compromised, and the information included Social Security numbers and dates of birth. No student or non-faculty employee records were exposed.

This issue is under investigation, and currently no suspects have been identified. For more information, check out the link above to the University's press release. If you are a current or former faculty member of the University of Virginia, check out this informational link and contact the University at the phone number or email address listed on that page with questions.

Monday, June 11, 2007

Military Spouses Targeted For Identity Theft

Just when you think scammers can't stoop any lower, some new scam surfaces to prove that nothing is sacred. Like this more recent one.

According to a recent news report, the American Red Cross is warning military spouses about a recent scam that targets spouses of deployed troops. The scammer calls the military spouse, claiming to be calling on behalf of the Red Cross, and tells the spouse that his/her husband/wife has been injured in Iraq. The caller then proceeds to ask for the military member's Social Security number and date of birth to complete the necessary paperwork so the injured spouse can receive proper treatment.

First of all, the Red Cross does not contact families to report injuries. The Defense Department does that.

It should surprise me that identity thieves could be so cold. This is another scam that truly sickens me. If you are a military member's spouse and receive one of these calls, please report it.

Friday, June 08, 2007

NETELLER linked to Identity theft

According to a recent news report, Neteller is allegedly linked to an identity fraud scam. Recently, 200 Vancouver residents received letters from a Vancouver collection agency demanding the payment of a $822.75 debt they never incurred with Neteller's Calgary office.

According to the collection agency, CBV Collection Services, numerous residents who received these letters said they didn't owe this money, and after investigating, this proved to be the case. These identity theft victims, fortunately, will not have their credit reports flagged for this debt.

For those of you who are not familiar with this company, Neteller is a British company used for online money transfers believed to be popular with online gambling firms.

Wednesday, June 06, 2007

Identity Theft and Deleting Stored Data

What does your bank do with their computers when they upgrade their equipment? What about your doctor or dentist? Why is this important? The computers used by your bank, your doctor, and other places where you do regular business have important information stored in databases on their computers. When they upgrade and move this data to another machine, are the proper precautions taken to completely format these hard drives so that this information can not be retrieved by a tech savvy computer user who might purchase this now used computer. If files are not permanently deleted, these companies could be exposing their customers to identity theft.

Personal data is frequently being exposed because files with personal data are not fully deleted from business computers. What about your own computer using habits? Do you make sure files with your own personal or financial information are securely deleted from your hard drive when you buy new equipment? And what happens to that old computer? Do you sell it on Ebay or pass it on to a friend or relative? Don't tempt fate. Anyone can be an identity thief with the proper information and motivation.

Friday, March 16, 2007

Some Copy Machines Remember You

So what do you use your office copy machine for? Obviously, you would say, it’s used for work documents such as company brochures or internal memos. But what else? Occasionally, you and/or your office mates may use it for personal documents, such as income tax returns, photo identification or Social Security documents. Surely, the boss wouldn’t mind that too much. In most offices, this is true, but that’s not the point. Here is some information that may make you change your mind or at least think twice before doing so.

If your office copy machine was manufactured in the past five years, a hard drive is included with the copier that stores a digital copy of every document copied. That way if the original is lost, you can call up the digital version to make another copy. This is a great idea for your office documents, but what about any documents with personal tax or identifying information? Ouch! Let’s hope everyone in the office is trustworthy. Worse yet, what if the company decides to sell the photocopier and get a new one. Ouch again! You don’t know who will have access to this information.

However, Sharp is promoting its new copy machines with options to encrypt these stored copies or virtually shred them so they can’t be recovered. Find out if your company copier offers these features, and if they do, be sure to use them. If not, you may want to think twice about what you copy.

Thursday, February 15, 2007

Where in the U.S. are Identity Thieves Most Active?

Does where you live make you at higher or lower risk of identity theft? If so, which U.S. Cities and states are at highest risk of identity theft? A recent study provides the answers to those questions. According to ID Analytics Inc., New Yorkers, especially those living in New York City, are major targets for identity theft. Californians were the runners up, especially those living in Los Angeles.

So who else made the list? The states with the highest rates of identity theft include: New York, California, Nevada, Arizona, Illinois, Hawaii, Oregon, Michigan, Washington and Texas. The study goes on to say that the cities at the highest risk include: New York, NY; Detroit, MI; Los Angeles, CA; Little Rock, AR; Greenville, MS; Atlanta, GA; Phoenix, AR; Portland, OR; Dallas, TX, and Springfield, IL.

The lowest rates of identity theft are in the following states: Wyoming, Vermont, Montana, North Dakota, New Hampshire, Ohio, Maine, Iowa, West Virginia and South Dakota. Keep in mind that lower risk doesn't mean no risk. I live in one of these “low risk” states, but I was still hit.

Friday, February 09, 2007

Is ID Theft Still a Problem? Yes!!!

The financial services industry has been promoting that identity theft is on the decline and that it is no longer the serious problem it once was. They'd like to think so, wouldn't they? According to the Federal Trade Commission, that's not necessarily the case. For the seventh year in a row, the crime identity theft has topped the FTC's complaint list.

So what does the statistics from the 2006 FTC complaint list tell us? First of all, identity theft accounts for 36% of the 674,354, or 246,035 consumers reported being victims of ID theft. That doesn't even account for all the cases. There will always be a percentage that don't report the crime because either it was a close friend or relative and they don't want to press charges or they are embarrassed about being a victim and getting scammed. On the decline they say?

While there were no close runners-up, some distant ones include shop-at-home/catalog sales (7%); prizes, sweepstakes and lotteries (7%); Internet services and computer complaints (6%); Internet auction fraud (5%), and the list goes on from there.

I hope that this report is enough to convince you that identity theft is still very much with us. Keep that information safe.

Monday, February 05, 2007

Increased Penalties for Some Identity Thieves

Most people would agree that more needs to be done to not only catch identity thieves, but also that they should be punished to robbing people of their identity and financial stability. It looks like the punishments for at least some identity thieves may become stiffer. Friday the U.S. House of Representatives approved a bill that will increase penalties for those convicted of committing financial identity theft against a disabled or elderly person. The proposal will now be decided by the Senate.

The penalty is now between three and 10 years of prison time and a fine of up to $10,000, but if this bill passes, it would increase to between five and twenty years in prison and a fine of up to $15,000. The bill would also allow the court to order anyone convicted of identity to pay restitution to his/her victims.

While this is a step in the right direction, I don't really think its enough. For one thing, some identity thieves operate from offshore. These thieves are rarely investigated or caught, let alone punished. Besides, what's to stop a local identity thief to leave the country before he is caught? More needs to be done to train local law enforcement to investigate and catch identity thieves and educate the public regarding prevention methods.

Tuesday, January 30, 2007

ID Theft Victims Often Know Their Thief

It's one of those lessons in life we all learn at some point. You can't trust everyone. When and how you learn it isn't necessarily the issue as long as you learn it. Many are reminded of this when a trusted friend or relative steals their identities, and according to a recent survey by the Identity Theft Assistance Center (ITAC). According to this survey, 42% of participants knew the source of the crime, and out of those, the largest percentage, 22.61% are victimized by someone they know.

Being victimized by friends or relatives is tough, especially since they are usually the people you wouldn't expect to do such a thing. Like other forms of identity theft, you may never be completely immune, but there are precautions you can take to avoid make yourself less vulnerable. For instance, it's good to keep the data in your home safe so as not to tempt a friend or relative who may be in desperate need of some cash. Bills and credit card statements should not be left out for all to see, and personal financial records and documents should be filed away in a locked box or safe. Do not lend a check book or credit card to a friend or relative no matter how much you care for them or trust them.

Identity theft is hard to deal with as it is, but even harder if you know the thief. Make the theft a little harder by keeping important information out of the reach of wandering eyes.

Thursday, January 18, 2007

T.J. Maxx Security Breach

We're all aware of the possible dangers of shopping online. If a website doesn't have a secure log in and order for (https), we shouldn't be shopping with them. But what about a local retail outlet? Is a credit card purchase there secure? While there's always the possibility of dishonest employees, we'd like to assume “yes.” However, this story proves that retail stores are also likely to get hacked along with online vendors. Retail company T.J. Maxx had its credit card computer system hacked just before Christmas.

The computer network in question handles credit cards, debit cards and checks. This network was broken into, and some of the customer data was stolen. T.J. Maxx is investigating to find out exactly what information was compromised so they can contact victims.

The store has issued a customer alert on their website as well as providing a customer helpline to handle customer questions and concerns. If you've made any credit or debit card purchases at T.J. Maxx in the past, you may want to check your credit card or bank statements for charges you didn't make.

Sunday, January 14, 2007

More Laws to Prevent ID Theft?

When it comes to laws protecting consumers from identity theft, much of the legislation is at the state level, and some states have better privacy laws than others. However, the federal government has been making moves over the past few years to pass laws attempting to prevent identity theft, including the forming of the Identity Theft Task Force. Now there are a few more laws have been reintroduced to the Senate that will hopefully help protect consumer privacy.

The first one, the Notification of Risk to Personal Data Act would require, as the name implies, would require businesses and government agencies to notify a consumer of a security breach involving the individual's personal data among other things. It would also require a description of the type of data compromised as well as a number for consumers to call for more information. The media should also be notified as well as individual consumers. These and other requirements in this bill hope to give people the information they need if their data is compromised so they can take the necessary precautions to prevent or at least limit identity theft.

The second one, the Social Security Number Misuse Prevention Act, could be highly effective if properly enforced. This bill would prohibit the sale or display of someone's Social Security number without consent. It would also prohibit government agencies from displaying Social Security number on public records in print or electronically. This is a great idea. Too long have companies been sharing this data with affiliates or selling it for profit, and removing Social Security numbers would make an identity thief work a lot harder to obtain this valuable information.

We'll see if these bills pass. You can read more about both of them here.

Monday, January 08, 2007

Identity Theft and the Things We Carry: Employee or Student ID Cards

This is the final segment of my “things we carry” blogs. I know I've mentioned ID cards before, or at least student ID cards, but some things deserve repeating.

Employee and student identification cards are not a problem in and of themselves. Many schools and probably all universities require student IDs in order to register for classes or to use student only facilities, and many companies require employs to carry identification for the company's security. However, the problem is when employers and schools print the owner's Social Security number on the card which becomes a security risk for the employee or student. Many schools and companies that did this have already switched over to provide new ID numbers for the identification cards, instead of the Social Security number. If your school or company has a your Social Security number printed on your ID card, you may want to suggest that they give you a different identification number and may even suggest switching over to a system that does not use Social Security numbers on ID cards at all. It may be an expensive effort, but it will be safer for everyone.

Your Social Security number is the main component needed to open credit cards in your name or take out loans and other services. You can make this all the more difficult by removing any document with your Social Security number from your wallet completely.

Saturday, January 06, 2007

Identity Theft and the Things We Carry: Health Care Card

This is another item that, while important, and even useful to carry with you in case something happens, but your health care or insurance card can also put you in potential danger of identity theft.

Obviously, this is one thing many of us would consider to be important to carry in case of emergency illness or injury and understandably so. However, is your Social Security number displayed on the card? Many insurance companies are switching over to the use of different account and identification numbers for their customers. If your insurance company has not made this change, you may want to contact them and ask them to issue a different number. If they are unwilling to do so, you may want to photocopy your card and black out all but the last four digits of your Social Security number and carry that instead. If you need emergency care, your name and the last four digits of your Social Security number are all they should need to look up your insurance information.

You want to be prepared in case of a medical emergency, but you don't want hand over such valuable information as your Social Security number to the wrong person in the process.

Friday, January 05, 2007

Identity Theft and the Things We Carry: Credit Cards

In my previous post, I started the first of a few posts on what we carry with us everyday can make us more appealing as potential victims of identity theft. While your Social Security card is something you shouldn't carry in your wallet unless you know you will need it, credit cards are a little more complicated because you are more likely to need them on a daily basis.

Of course, most of us carry credit cards for daily purchases when we are short on cash, but how many do you need to carry everyday? You will be less likely to notice if one you don't use often goes missing from your wallet or if the bill is re-routed to a different address. Pull out credit cards you are least likely to use and put them in a safe place at home only to be used when you know you'll need them. If you have any you never use or rarely use, you may even want to consider canceling it. An unused account, once discovered, is a gold mine for an identity thief.

Something else to consider would be to keep a list of all your credit card account numbers and the phone numbers necessary to cancel them. Don't carry this in your wallet, but keep it in a safe place. Then if your wallet is stolen, you can call the credit card companies to report the theft and cancel the card before too much damage is done.

Wednesday, January 03, 2007

Identity Theft and the Things We Carry: Social Security Card

As I've mentioned before, identity theft can be committed in a variety of different ways. While some identity thieves prefer a phishing scam, others may prefer dumpster diving or stealing someone's mail or wallet. Since there are so many ways to get one's identity stolen, consumers need to protect their information on all fronts, and perhaps the place many of us are most vulnerable is follows us around everywhere we go, our wallets. In fact, the items we carry in our wallets daily may provide an identity thief with everything he needs. These next few blog posts will cover some things we may be carrying with us daily that will make us more vulnerable to identity theft.

Do you carry your Social Security card with you in your wallet? After all, you are occasionally asked for it as a form of identification? This is last thing you want to carry in your wallet because if it is stolen, you may very well be handing your identity over on a plate. Only carry it with you if you know for a fact you are going to need it. You know your Social Security number if you need to provide it, and if you don't, memorize it. Keep your Social Security card in a safe place, like a locked box or a safe.

One's Social Security card is the most valuable document to an identity thief. Do your best to keep it out of his/her hands.