Subscribe
Printer Friendly
Share this PageIdentity Theft
So you received a data breach notification in the mail… no big deal, right? Not according to Javelin Strategy & Research’s latest report. In fact, Javelin’s latest research reveals you are four times more likely to suffer identity fraud if you’ve received a data breach notification within the past year.
The average fraud victim will spend 30 hours and $496 out-of-pocket costs to restore their affairs, merchants and financial providers will spend billions to protect systems and brands, and law enforcement will work hard to chase the bad guys.
Many states around the country are enacting laws requiring entities that have experienced data security breaches to notify affected individuals whose personal information may be at risk. However, there seems to be a disconnect between breach notifications and consumer awareness of the risk they bring.
Why You Should Take Notice
- During each of the past three years, an average of 11% of consumers received a breach notification.
- Of these consumer breach victims, more than 33% experienced exposure of their Social Security numbers and 15% had their ATM PINs compromised.
- Despite 19.5% of breach victims suffering some kind of fraud in the past year, only 2% attribute their fraud to the breach.
Come On, Do I Really Need To Worry About This?
It might be a good idea considering the Identity Theft Resource Center has already tracked 356 data breaches so far this year. Forty-six of those breaches have involved financial institutions, and when they or their third-party service providers are breached, it’s nasty.
Take for example the Heartland Payment Systems breach earlier this year. The result of this breach was a staggering compromise of 130 million credit and debit cards. Now that’s a lot of Visa cards…yikes!
What You Can Do?
There is very little we can do to avoid data breaches, however there are steps that we can take to better prepare ourselves for the next time that breach notification shows up in the mailbox:
- If you get a data breach notification, don’t dismiss it. "Data breach notifications are intended to help consumers take protective action," said Mary Monahan, Javelin Managing Partner & Research Director.
- Obtain credit monitoring services. Most companies will provide this free of charge in the event of a security breach, so take them up on it. You may also consider employing a more complete credit monitoring service or even initiating a credit freeze.
- Limit the amount of sensitive data you give out online or over the telephone. If the requested information has nothing to do with the transaction you’re making, don’t provide it. For more on this, read our article about becoming a "privacy grouch."
- Avoid or be cautious using wireless devices, “convenience cards”, credit cards or unfamiliar online transaction sites.
Lastly, remember the words of the orator, Robert Green Ingersoll when he said:
“It is a thousand times better to have common sense without education than to have education without common sense.”
Zone Alarm has made their excellent Zone Alarm Pro 2010 software available for download today - October 13, 2009 - free of charge. It will be available until 6am PST on October 14, 2009.
The free download has the following stipulations:
- License valid for one year (10/13/09 to 10/14/10)
- License valid for up to 3 PCs
- This offer is valid for new customers only
- Limit one per customer
The software is available for download here - http://download.zonealarm.com/bin/free/sum/index.html?cid=W100020
Ben Bernanke is a victim of identity theft. This is proof positive that it can happen to anyone.
Ben Bernanke - the Federal Reserve Board chairman - was one of hundreds of victims of an elaborate identity-fraud ring, headed by a convicted scam artist known as "Big Head," that stole more than $2.1 million from unsuspecting consumers and at least 10 financial institutions around the country.
How Did It Happen?
On August 7, 2008, Anna Bernanke - Ben Bernanke's wife - was at a Starbucks when her purse was stolen off the back of her chair.
What Was in Her Purse?
It's not good...
- Driver's License (no problem)
- Four credit cards (not so great - the fewer the better)
- Checkbook (no problem)
- Social Security card (OUCH!!!)
So the thieves had Mrs. Bernanke's SSN, Date of Birth (from the Driver's License), home address, and home phone (from the checks). This is the perfect combination of personal data.
It goes without saying that you should never carry your Social Security card in your purse or wallet. It should be tucked away in a very safe place at home or in a bank lock box. You should also limit the number of credit cards you carry. Just think of how many banks you'd like to call and/or fraudulent transactions you want to deal with and limit your cards accordingly.
Who Were the Thieves?
The thieves were part of a crime ring called "The Cannon to the Wiz." Here is the entry from the Urban Dictionary for "cannon":
Cannon - Old school term for a skilled pickpocket. "
These thieves were after personal information as well as checks and credit cards. They worked in government or medical offices or were simple pickpockets or mail thieves. They attended major sporting events in order to target victims with wallets and purses full of loot. One such victim was Donna Pendergast - an assistant Michigan Attorney General. Her experience went like this:
The robber was so adroit he managed to lift the wallet from her purse without her even knowing it. "They took it right out of my purse while it was on my shoulder," she said. "I didn't feel a thing."
Have They Been Caught?
Yes and no.
Federal agents busted the identity theft ring this summer, but George Lee Reid - the one who fraudulently used the Bernanke's checks to steal $9,000 - had the charges dropped against him, but the Feds are now searching for him again on related charges.
More information on this story from Newsweek.
A recent article by Kevin Poulsen on Wired.com made a sobering observation: software hackers are becoming as sophisticated in their programming as the software they're trying to attack. Where hacking used to be something of a harmless, if annoying prank by bright, restless kids before they went off and got regular jobs, hackers are increasingly well-funded and making use of state-of-the art technology to design the trojans, viruses and spyware that attempt to get into your computer.
Today, the best hackers have the skill and discipline of the best legitimate programmers and security gurus. They're using mind-bending obfuscation techniques to deliver malicious code from hacked websites undetected. They're writing malware for mobile phones and PDAs.
The Case of the Clever Conficker
Poulsen cited the the worst case of computer infection in recent years, the Downadup worm , also known as the Conficker worm (see “Latest Worm Infect 9 Million PCs”). One reason the Conficker worm spread so quickly was that it was the first widely-released program—good or bad—to incorporate M6, a state-of-the-art cryptographic algorithm developed at MIT. When crypto expert Phillip Porras first dug into Conficker's code, M6 was available only from the websites of MIT and the U.S. National Institute of Standards and Technologies—and no one even recognized M6 at first. When it came to implementing M6 the bad guys had beat the good guys to the punch!
Other portions of Conficker were equally impressive: the way it doggedly hunts for anti-virus software on a victim's machine, and disables it; or the peer-to-peer mechanism. "There were points where it was pretty clear that certain major threads inside Conficker C seemed to be written by different people," Porras says. "It left us feeling that we had a more organized team that brought different skills to bear.... They aren't people who have day jobs.
Another reason the Conficker worm wriggled its way into so many computers was the flexibility and responsiveness of its software engineers. Just like legitimate software engineering teams, when the authors of Conficker discovered a security hole in the first release of their program they stayed up nights and patched their code within just a few weeks. Experts are observing new malware coming out as quickly as a couple of days after a new vulnerability is announced.
What You Can Do?
- Be proactive. Now. Believe that you're computers connected to the Internet are at risk and it's up to you to fortify them.
- If your anti-malware software doesn't run automatically get in the habit of running it daily. If you haven't updated your anti-malware software lately, do it today.
- Make sure your operating software is updated regularly. The best method is to let it download and update automatically. Software vendors will update their software as quickly as possible after a serious weakness is discovered.
More Info
Read the article - Future of Cyber Security: Hackers Have Grown Up.
The Better Business Bureau (BBB) has announced that April 18th is Secure Your ID Day and is offering free document shredding at various locations across the U.S.
You can bring up to three boxes/bags of paper documents and they will shred them on the spot. Even if you have your own shredder I imagine they'll have a bigger one that will be much faster, so it's worth checking out.
What Should You Shred?
If you're wondering what to bring, check out our shredding page and get a few tips. The short answer is you should shred any documents that has a signature, account number, social security number, or medical or legal information (plus credit offers).
Enjoy!
Remember when the McCain campaign had that garage sale a few months back and sold two BlackBerries with hundreds of GOP contacts still saved on them? It may have seemed like a silly blunder to those who heard about it at the time, but it turns out that most of us are just as careless with our mobile phones and handheld devices as the McCain staffers were with theirs.
99% of Cell Phone Recyclers Neglect to Erase Data
According to a study by Regenersis, one of the leading electronics recycling firms in the world, 99 percent of recycled cellular phones are handed over with their owners personal information and contact lists completely intact. The company did a random sampling of 2000 devices in the month of December, and found that only a handful of consumers had bothered to delete information like emails, banking data, or addresses.
How to Remove Data Before Handing Over An Old Cell Phone
Very few recyclers offer the service of wiping devices before they pass them along, but even if they did, you'd still be handing over an extensive catalog of personal information to a perfect stranger and trusting them to do the right thing.
To take matters into your own hands:
- Remove the SIM card from your phone. It's a little plastic memory card usually located behind the back cover underneath the battery.
- Call your service provider and ask them to disconnect the phone from your account.
That's it! That wasn't hard, was it?
Unfortunately, if you own an iPhone or BlackBerry, it can be a little more complicated but these videos should help:
Erasing a BlackBerry
Erasing an iPhone
An Important Disclaimer
If you've got national security secrets on your phone or maybe mission briefings and data from U.S. soldiers in Iraq and Afghanistan, it's important to remember that there's no way to completely erase a handheld device. Sophisticated forensic recovery methods are capable of reversing pretty much any data-destroying trick that doesn't involve a hammer or a blowtorch, so for highly sensitive data, you should probably contact a specialist. For the rest of us though, the above methods should do the trick.
To read more about phone recycling, head on over to Earth911 blog.
Did that get your attention? Scammers are hoping it will.
Breaking News Malware Emails
An ongoing strategy of scammers is to send out spam emails with shocking or titillating subject lines. They've decided the recent nomination of Barack Obama is a perfect topic and Symantec has reported that emails are showing up that read something like this:
Sample Emails
Subject: Breaking news
Barack Obama refused to be the president of the United States of America
Yours Sincerely,
Cecily Lynn
Subject: What is going on with our country?
Yours faithfully,
Rodney Lynch
The link in the actual emails (we're not linking to anything in the examples above) point to the following site:
What is the Threat?
The site instantly attempts to bypass any browser security and install malware on your computer. If that fails, any link on the site will download and install malware software. The software is called W32.Waledac. Here's what it does, as described from the Symantec web site:
Rest assured that we detect this piece of malicious software under the name W32.Waledac. This particular piece of malware is capable, among other things, of:
- harvesting sensitive information on your computer
- turning your machine into a spam zombie
- establishing a back door on your computer that will allow it to be remotely accessed
How Can I Protect Myself?
Resist the Impulse to Click - scammers will try to provoke an emotional response in order to keep us from thinking about what we're doing. When you see an email like this, think for a moment if it's even reasonable. Ask why someone would send an email like this. What's the point?
Keep Your Software Up to Date - we've recently talked about keeping your Windows systems updated. The same goes for browsers, email clients, or anti-virus software. If you're software is up-to-date, you're more likely to avoid being hurt by scams like this.
By the way, Obama certainly didn't refuse to be president. I watched the inauguration myself and my thoughts and prayers are with him. Whatever your political affiliation or citizenship, we should all hope and work for his success.
Of all the worries that parents of young children face, few would rank the prospect of their 7-year-old opening up six credit cards and running up $35,000 in debt as one of the most pressing. But increasingly, parents and young adults are struggling with a very similar reality these days — only the children themselves aren't to blame, identity thieves are.
Last week, two stories of childhood identity theft hit the headlines...
- In Florida, a woman was accused of opening up a Capital One credit card under her daughter's name, and then using the card until the girl's father began to notice collection notices being sent to their home.
- In California, a man was discovered to be using the identity of a 4-year old who died in 1984. He was caught after using the deceased child's name to buy a home, a car, and to obtain several credit cards.
A Growing Problem
According to the Federal Trade Commission, there were more than 34,000 incidents of childhood identity theft reported between 2005 and 2007. The figure makes up about 5 percent of all identity thefts.
Chiefly to blame is a credit check system that at no time makes an effort to verify the age of individuals. With nothing but a Social Security number, thieves are often able to gain a credit history by finding creditors who don't require a photo ID or birth certificate. The first age that goes into a system like Trans Union, Experian, or Equifax, becomes permanently associated with the applicant's name and Social Security number.
Here's how John Moira, the father of the girl who had her identity stolen by her mother, describes it:
"My heart dropped, I couldn't believe it," said John Moisa, who became suspicious when he received correspondence from the credit card company addressed to his daughter. "At first I didn't think about it until my mom said she was getting collection calls at her house."
Moisa called the credit card company, which wouldn't initially talk to him until he faxed proof of his daughter's age. Moisa said he's spent the past several months trying to repair the girl's credit.
"It was unpaid, past-due bills, so it didn't look good," Moisa said.
Parents Are the Best Protectors (and Most Likely Culprits)
Some experts estimate that around half of childhood identity theft is committed by parents and relatives with access to a full range of information and documentation associated with a child. Other reports point to teachers, administrators, coaches, babysitters, and others with easy access to documents and records. (Some teachers have even been known to have pupils write their social security numbers on all homework and tests, exposing students anyone who bothers sifting through the school's wastepaper baskets.)
With a down economy, parents and family members might be more likely to turn to identity theft as a way getting their hands on additional credit.
"The majority of cases involve parents who may be going through a tricky time, going through a divorce and looking for additional credit," said Purl, Chief Operating Officer for Grand ISS, a St. Petersburg-based investigative security firm.
Purl said with more people out of work, identity theft cases involving young children are likely to increase.
"I think we're going to see more crime in general, as money is more tight for people. We've seen that with credit card fraud and white-collar crime. It's an easy way to make money," Purl said.
How Can We Protect Our Kids?
It's becoming increasingly important for parents to help their kids get savvy about giving away personal information on the internet, or over the telephone. Beyond that, responsibility falls on parents to be vigilant about who they send copies of birth certificates to, and to notice things like debt consolidation notices coming in the mail addressed to their children.
For more on how to prevent childhood identity theft and what to do if you think your child has been targeted, check out this fact sheet from the Identity Theft Resource Center - www.idtheftcenter.org.
We're stepping a bit outside our normal comfort zone of covering scams, fraud, identity theft, and whatnot to present an offer that we think will be valuable to our readers.
For a limited time Suze Orman is making her latest book "Suze Orman's 2009 Action Plan | Keeping Your Money Safe and Sound" available for free via the Oprah Winfrey web site.
NOTE: Offer expires at 11:59 p.m. CT on Thursday, January 15
Why Should You Read This Book?
I have to admit that I haven't read the whole book yet. I wanted to get this posted so you would have time to download it before the offer expires.
What I have read, however, speaks directly to these ugly economic times. I see my friends in the U.S. and elsewhere struggle with layoffs, home foreclosures, business failures and every other kind of stressful situation. Unfortunately things don't look like they'll be improving anytime soon and we're all wondering how we're going to survive this downturn.
I think Suze says it best in her Introduction:
I bet you are scared. Angry, too. And confused. These are absolutely rational and appropriate responses to the global credit crisis that erupted in 2008 and continues to send tremors through every household in America. And I do mean every household. No matt er how conscientious you have been with managing your money, the events of 2008 have battered us all.
The one in 10 homeowners who are at risk of facing foreclosure on their homes are obviously scared, but so too are the 9 out of 10 homeowners who can afford their mortgage but are watching plummeting home values jeopardize their financial security.
It’s not just the overreaching Wall Street firms who are paying the price for those risky investments. Every U.S. taxpayer is now on the hook for a massive bailout — bailout engineered by the same players in the federal government that had turned their back on regulating the very practices at the root of today’s financial crisis. Angry? You should be.
In any case, the book is free until January 15th, so it won't cost you more than a minute or two of your time and a few bytes flowing over your internet connection.
I think it will be worth your while. Take care out there...
Go the the download page on the Oprah Winfrey website. Once the offer expires you can buy the book for less than $10 on Amazon
In case you want to learn more about the book, I've provided some Amazon reviewer comments and the table of contents:
Amazon Reviews
Suze hit it big with this book for many people. She wrote a precise book on how to handle 2009 proactively with specific "what to do" situations and how to assess financial challenges into correct decisions. Picking this book on Borders out of curiosity, I learn a lot from security precautions you should take from local banks. That alone pays the trip and the well deserved $10 I paid over a Dolce Latte over the quick read.
This is hands down Suze Orman's best book. Upon reading every word and turning every page I felt confident that I am on the right track. Following Suze's advise over the years has provided me with the education required to be prepared for what lies ahead. The Expenses breakdown chart is a very helpful tool to see where you can cut back. I also loved the format in which this book was written, it can be used as a reference tool and you can read based on your area of concern be it credit, 401k, retirement etc. I think everyone should not only read this, but live by it!
See the rest of the reviews on Amazon
Table of Contents
2009: The New Reality
A Brief History of How We Got Here
Action Plan: Credit
- Falling credit lines
- Rising interest rates
- FICO scores under pressure
- Repayment plan
- Debt consolidation
- Borrowing from 401(k)
- Borrowing from home equity line of credit
- Bankruptcy
- Collection agencies
- The case for stocks
- Allocation strategies
- 401(k) loan/early withdrawal
- IRA rollover
- Retiree income strategy
- Roth IRA conversion
- FDIC insurance
- Money market deposits
- Eight-month emergency fund
- Credit squeeze
- Expense/income worksheet
- Finding ways to save
- Needs vs. wants
- Insurance saving tips
- Car loans
- Dif?cult choices
- A challenge from Suze for 2009
- Mortgage-modi?cation options
- Short sales
- Foreclosure
- Home equity line of credit
- Home values
- First-time-buying tips
- Pre-retirement strategy
- Vacation homes
- 529 allocation strategy
- What you can afford
- Federal loan strategy
- Stafford student loans
- PLUS parent loans
- HELOC loans/401(k) loans
- Private student loans
- Repayment
- Consolidation
- Job-loss strategies
- Hope for the best, prepare for the worst
- Health insurance
- Life insurance
Action Plan: Retirement Investing
Action Plan: Saving
Action Plan: Spending
Action Plan: Real Estate
Action Plan: Paying for College
Action Plan: Protecting Your Family and Yourself
The Road Ahead
For the second year in a row, malware has been discovered in major-brand digital photo frames, carried by some of the nation's biggest retailers.
Software that came pre-installed in frames manufactured by Samsung, Element, and Mercury, was found to enable the "Autorun" function in Windows, allowing it automatically install malicious code to a PC whenever it is connected. The nature of the malware varied with the device, and it isn't even yet clear in some cases whether the malicious code was put there intentionally, or if it simply replicated itself from an infected computer used in the manufacturing process.
This problem isn't just contained to digital frames though. In past years, a variety of electronic gizmos—from flash memory sticks to satellite navigation devices—have all been found to pose security threats.
Peripheral Devices And You
What do most of the popular electronic holiday gifts such as digital cameras, music players, photo printers or even cell phones have in common? They're all "peripheral devices"—meaning that they have to be connected to a personal computer in order to become fully functional. Without these devices, our home computers remain just that—stationary libraries of songs, photos, and other data, inaccessible to us when we're outside of the house.
What many consumers don't know is that anything capable of downloading data given to it by a computer, is also capable of replicating its data onto that PC in the process. So before you plug a new device into your USB port, there are a few steps you should take to keep your computer safe.
Digital Photo Frames Can Contain Malware
What You Can Do
As always, the best way to protect your computer is to have a good, up-to-date anti-virus program installed and running at all times. These programs can identify almost any potential threat and neutralize it immediately upon connection of a device to your computer.
Staying away from cheap brands you've never heard of before (like those $15 drug-store digital cameras or MP3 players,) is also something many experts recommend. But top-notch anti-virus software should be enough to protect you—even from those yPod and Suny products you might find at the flea market.
Special Offers
Connect With Us
We invite you to become a fan of Fight Identity Theft or just join in the discussion.
Subscribe to Breaking News
Subscribe to Fight Identity Theft and receive top stories and breaking news via email.
Recent Blog Entries
Blog Archives
- November, 2009 (1)
- October, 2009 (6)
- September, 2009 (2)
- August, 2009 (3)
- April, 2009 (2)
- February, 2009 (3)
- January, 2009 (8)
- December, 2008 (8)
- March, 2008 (1)
- January, 2008 (1)
- December, 2007 (3)
- November, 2007 (2)
- October, 2007 (3)
- May, 2006 (1)
- March, 2006 (4)
- February, 2006 (4)
- January, 2006 (10)
- December, 2005 (7)
- July, 2005 (3)
- June, 2005 (4)
- May, 2005 (5)
- March, 2005 (1)
- Credit (12)
- Fraud (36)
- Government (20)
- Identity Theft (36)
- Junk Mail (5)
- Phishing (10)
- Privacy (18)
- Scam (29)
- Technology (47)
- Telemarketing (2)
- Viruses (10)
- Visitor Stories (1)
- Worms (10)
