Identity Theft

We know everyone is looking for that best deal online, especially during the Black Friday shopping blitz. Here are some quality online shopping tips from Intersections, Inc. (provider of the Identity Guard identity theft protection service).

We also recommend a post from the always excellent Privacy Rights Clearinghouse - "Holiday Shopping? Ten Timely Tips"

Don’t Let Would-Be “Grinches” Steal Your Financial Health and Identity During the Busiest Shopping Season of the Year!

As the biggest holiday shopping days of the year quickly approach, consumers everywhere will be lining up at stores on "Black Friday" for pre-dawn sales that will hopefully net great bargains and savings on holiday gifts. For those that don't want to fight the massive crowds at the malls and local shopping centers, they'll surf the Web on "Cyber Monday" - the Monday right after Thanksgiving - to catch even better sales, conveniently ordering their gifts online to have them shipped all over the world.

Finding the right deal on the perfect gift is going to be a priority this holiday shopping season as consumers everywhere are penny pinching during tougher economic times. The National Retail Federation expects average holiday spending this year will be around $682.74, down 3 percent from $705.01 last year, so getting the best value for your money is key, whether the gift is found on the Internet or at a retail store. With major online price breaks offered on Cyber Monday, online shopping sales are expected to increase 18 percent over last year, according to Information Resources, Inc.

To kick off the 2009 holiday shopping season, Intersections Inc. (Nasdaq: INTX), a leading global provider of consumer and corporate identity risk management services, and provider of IDENTITY GUARD® Total Protection, the award winning identity theft protection service, advises holiday shoppers to take extra caution to avoid damaging their credit or becoming a victim of identity theft. Identity theft peaks this time of year -- wallets are stolen, credit cards are accidentally left behind and scammers everywhere are looking to prey on their next victims -- but there are simple steps consumers can take to avoid making careless decisions that can have a long-term effect on their financial well-being.

Intersections recommends the following safety tips for holiday shoppers:

1. Protect your computer from online threats including money-stealing Trojans. Fraudsters are eagerly waiting to take advantage of the millions of credit card transactions that will be made online this holiday season. They are lurking to find any weak links in your network to gain access to your personal and credit information. More recently, they are using sophisticated Trojans to grab your bank account and credit card login information, disable your security software, and sneak into your bank account by pretending to be you. Trojans are even smart enough to quietly drain your bank account over the holiday period based on the assumption that you'll be too busy to check exactly how much you're spending until the New Year. The best way to avoid Trojans is to (a) not open attachments or click on email links; (b) be careful where you surf and stick to online "neighborhoods" where you really feel safe; and (c) regularly patch your computer and update your anti-virus, anti-spyware and firewall software.
2. Take a tip from online merchants and "trust but verify." Whether it's online shopping searches, incredible gift offers, or holiday wishes from your Twitter "Tweeps" or Facebook friends, the best way to avoid gift-wrapping yourself for scammers this year is to turn your cynicism on to the highest level. If you think before you click, you might just play Grinch to an identity thief.
3. Be careful buying gift cards. Make sure that you purchase gift cards that are legitimate and secure, and avoid buying gift cards secondhand from an unverified source. UK-based security firm Corsaire recently found that the vulnerable magnetic-stripe technology used for gift cards and customer loyalty cards make these attractive targets for hackers. Additionally, the research revealed that gift cards can easily be "sniffed" off the shelf in the checkout line with a scanner and cloned, card numbers can be stolen, and retailers' gift card Web sites can be hacked.
4. Avoid Tweet Traps! Scammers fully understand the power and reach of social networks, and gathering places like Facebook and Twitter are a feeding ground for all kinds of thieves this holiday season. According to the eHoliday Study by Shop.org (a division of the National Retail Federation), 47.1 percent of retailers said they will be increasing their use of social media during the holidays. The biggest threat to be wary of this year is the "Tweet Trap" - a message that appears to be from a trusted friend or follower passing on some great news, a real bargain, or a worthy cause, but instead hides spam, phishing fraud, or a malicious download. Consumers should be cautious about Tweets or Facebook messages about great holiday deals, must-have gifts, or hard luck stories, even if they are coming from "friends." If they sound interesting, do your own research to see if they're genuine. But don't click or download.
5. If a deal sounds too good to be true, it probably is. This scam has focused on promising shoppers the hard-to-find gift at an irresistible price and in most cases, the gift doesn't exist, doesn't arrive, the seller demands far more for it, or simply steals the shopper's credit card information. But this year, hackers are upping the stakes by hacking into the search ranking systems of the major search engines like Yahoo! and Google so that their fraudulent or malware-infected web sites appear at the top of shopper searches. And most shoppers still believe that if a Web site is at the top of a search engine's list, it has to be legitimate.
6. Do NOT give out your financial information over the phone or email. If your bank or credit card company sends you an email or even calls you warning you of insufficient funds or other problems with your account, contact them directly using the customer service numbers posted on their web sites. Don't respond to their emails or to any number they provide in an email or phone message.
7. Keep travel plans private. Don't give a gift to digital burglars by Tweeting or posting updates to Facebook about your holiday plans like when you're going to be away from home or all the cool stuff you bought. Otherwise your new purchases may end up under someone else's tree.
8. Do a post-holiday credit health check-up. After the holidays are over, be sure to check your credit reports, credit card statements and bank statements to verify all transactions. Each transaction you made, either in retail stores or online, could have been compromised, adversely affecting your credit and your credit score. Notify your bank or credit card company immediately if you see anything suspicious.

"With a soft economy and higher unemployment rates, consumers are under increased pressure to cut holiday spending, and this may lead to an increased willingness to take on greater risks," said Steven Schwartz, Intersections' Executive Vice President of Consumer Solutions. "While retailers will respond with timely offers and special discounts, it's important for customers to protect themselves from scammers and cyber scrooges who may try to prey on their emotions with targeted offline and online schemes."

One way to protect yourself is to be vigilant about where you shop (online or at the mall), what information you provide and to whom, and to protect your computer from spyware, malicious code and Trojans. Intersections' IDENTITY GUARD® Total Protection is the most comprehensive offering on the market today covering personal information, credit reports, public records, computer, Internet and mobile transactions. The service also provides sophisticated software that protects consumers against keylogging attacks, secures their passwords and user IDs as they navigate online, identifies legitimate websites, and protects their computers from advanced malware software. IDENTITY GUARD® Total Protection also provides identity theft recovery services and financial reimbursement insurance in the event identity theft occurs. Find out more at www.identityguard.com.

So you received a data breach notification in the mail… no big deal, right? Not according to Javelin Strategy & Research’s latest report. In fact, Javelin’s latest research reveals you are four times more likely to suffer identity fraud if you’ve received a data breach notification within the past year.

The average fraud victim will spend 30 hours and $496 out-of-pocket costs to restore their affairs, merchants and financial providers will spend billions to protect systems and brands, and law enforcement will work hard to chase the bad guys.

Many states around the country are enacting laws requiring entities that have experienced data security breaches to notify affected individuals whose personal information may be at risk. However, there seems to be a disconnect between breach notifications and consumer awareness of the risk they bring.

Why You Should Take Notice

• During each of the past three years, an average of 11% of consumers received a breach notification.
• Of these consumer breach victims, more than 33% experienced exposure of their Social Security numbers and 15% had their ATM PINs compromised.
• Despite 19.5% of breach victims suffering some kind of fraud in the past year, only 2% attribute their fraud to the breach.

Come On, Do I Really Need To Worry About This?

It might be a good idea considering the Identity Theft Resource Center has already tracked 356 data breaches so far this year. Forty-six of those breaches have involved financial institutions, and when they or their third-party service providers are breached, it’s nasty.

Take for example the Heartland Payment Systems breach earlier this year. The result of this breach was a staggering compromise of 130 million credit and debit cards. Now that’s a lot of Visa cards…yikes!

What You Can Do?

There is very little we can do to avoid data breaches, however there are steps that we can take to better prepare ourselves for the next time that breach notification shows up in the mailbox:

• If you get a data breach notification, don’t dismiss it. "Data breach notifications are intended to help consumers take protective action," said Mary Monahan, Javelin Managing Partner & Research Director.
• Obtain credit monitoring services. Most companies will provide this free of charge in the event of a security breach, so take them up on it. You may also consider employing a more complete credit monitoring service or even initiating a credit freeze.
• Limit the amount of sensitive data you give out online or over the telephone. If the requested information has nothing to do with the transaction you’re making, don’t provide it. For more on this, read our article about becoming a "privacy grouch."
• Avoid or be cautious using wireless devices, “convenience cards”, credit cards or unfamiliar online transaction sites.

Lastly, remember the words of the orator, Robert Green Ingersoll when he said:

“It is a thousand times better to have common sense without education than to have education without common sense.”

Ben Bernanke is a victim of identity theft. This is proof positive that it can happen to anyone.

Ben Bernanke - the Federal Reserve Board chairman - was one of hundreds of victims of an elaborate identity-fraud ring, headed by a convicted scam artist known as "Big Head," that stole more than $2.1 million from unsuspecting consumers and at least 10 financial institutions around the country.

How Did It Happen?

On August 7, 2008, Anna Bernanke - Ben Bernanke's wife - was at a Starbucks when her purse was stolen off the back of her chair.

What Was in Her Purse?

It's not good...

• Driver's License (no problem)
• Four credit cards (not so great - the fewer the better)
• Checkbook (no problem)
• Social Security card (OUCH!!!)

So the thieves had Mrs. Bernanke's SSN, Date of Birth (from the Driver's License), home address, and home phone (from the checks). This is the perfect combination of personal data.

It goes without saying that you should never carry your Social Security card in your purse or wallet. It should be tucked away in a very safe place at home or in a bank lock box. You should also limit the number of credit cards you carry. Just think of how many banks you'd like to call and/or fraudulent transactions you want to deal with and limit your cards accordingly.

Who Were the Thieves?

The thieves were part of a crime ring called "The Cannon to the Wiz." Here is the entry from the Urban Dictionary for "cannon":

Cannon - Old school term for a skilled pickpocket. "Stumpy is a real class cannon - he can clean out a vic's pockets faster than a flatfoot can eat a donut!"

These thieves were after personal information as well as checks and credit cards. They worked in government or medical offices or were simple pickpockets or mail thieves. They attended major sporting events in order to target victims with wallets and purses full of loot. One such victim was Donna Pendergast - an assistant Michigan Attorney General. Her experience went like this:

The robber was so adroit he managed to lift the wallet from her purse without her even knowing it. "They took it right out of my purse while it was on my shoulder," she said. "I didn't feel a thing."

Have They Been Caught?

Yes and no.

Federal agents busted the identity theft ring this summer, but George Lee Reid - the one who fraudulently used the Bernanke's checks to steal $9,000 - had the charges dropped against him, but the Feds are now searching for him again on related charges.

More information on this story from Newsweek.

The Better Business Bureau (BBB) has announced that April 18th is Secure Your ID Day and is offering free document shredding at various locations across the U.S.

You can bring up to three boxes/bags of paper documents and they will shred them on the spot. Even if you have your own shredder I imagine they'll have a bigger one that will be much faster, so it's worth checking out.

What Should You Shred?

If you're wondering what to bring, check out our shredding page and get a few tips. The short answer is you should shred any documents that has a signature, account number, social security number, or medical or legal information (plus credit offers).

Enjoy!