Medicare receives 4.4 million claims a day and approximately 1 out of 10 of those are fraudulent. All of the fraudulent claims add up to a large sum of wasted time and money and the government is trying to put a stop to it. The Department of Justice (DOJ) and the Health and Human Services (HHS) Office of the Inspector General have been working together to reduce fraudulent activity.
In 2008, the DOJ and HHS and the Centers for Medicare and Medicaid Services worked together through the criminal and civil systems to secure 588 criminal convictions, obtain 337 civil administrative actions against individuals and organizations who were committing Medicare Fraud, and recovered more than a billion dollars in health care fraud monies . . . To date in fiscal year 2009, the Department of Justice has already recovered nearly a billion dollars in health care fraud monies and recorded 300 convictions.
In addition to catching Medicare thieves the DOJ and HHS want to enable seniors to participate in the fight. They want to raise awareness about the kinds of fraud that are happening and give seniors the tools they need to deter, detect and defend!
Here are a few examples of how Medicare is scammed out of billions of dollars a year.
Medicare recipients need to keep themselves safe.
Learn to recognize common schemes. A few common fraud schemes are:
It's critical that Medicare recipients check their statement summary sheets and look for:
If you see any of these problems make a phone call to your provider or Medicare to get it resolved. It could just be a clerical error or it could be a fraudulent act that needs to be reported.
To some the task above may seem very overwhelming. The DOJ and HHS understand that seniors want to protect themselves but may not have the knowledge to do so. For this reason Senior Medicare Patrols (SMP's) were created. SMP's are groups or seniors, formed in communities, that help other senior citizens learn how to combat Medicare Fraud. They bring awareness to seniors in the community, teach seniors how to read and understand their Medicare summary statements and offer support.
Medical identity theft and Medicare fraud are a huge problem that the government cannot tackle on its own. While they do their part it's important for senior citizens to do their part to protect themselves from medical identity theft and be on the watch for Medicare fraud.
More detailed information is available in the Fight Back! Medical Identity Theft and Medicare Fraud brochure [3] put out by the HHS.
More information is available at Stop Medicare Fraud's website [4].
Facebook won a huge judgment from the spammer who already owes MySpace $234 million from an earlier suit.
Sanford Wallace [7] has been a known spammer since the 1990's and is one of the first to be crowned "Spam King". His most recent spamming scheme was sending phishing messages to Facebook users that contained links to phishing websites asking for login information. The information submitted was used by Wallace to spam the phishing victims' friends with the aim to pull in even more potential phishing victims. It's also believed that Wallace was paid to redirect Facebook users to money generating web sites.
"The record demonstrates that Wallace willfully violated the statutes in question with blatant disregard for the rights of Facebook and the thousands of Facebook users whose accounts were compromised by his conduct," Fogel said in his ruling.
Facebook sought $7 billion in damages, as allowed by the CAN-SPAM act and California business code. However, California federal judge Jeremy Fogel felt that was disproportionate to the actual damage caused by Wallace and awarded Facebook only $710,737,650 instead. Judge Fogel also turned Wallace over to the U.S. Attorney's Office to be prosecuted for criminal contempt and for willful violation of a temporary restraining order and injunction.
With Wallace possibly facing jail time and owing MySpace $234, it won't be easy for Facebook to collect its money. But at least the "Spam King" as been caught and may be taken off the grid for a time.
More information on Information Week [8]. Photo courtesy of Canadian Broadcasting Centre.
26% of Twitter messages contain links, half of which are from spammers and lead to malicious websites.
With only 140 characters per Twitter message, it makes sense to shorten URLs and leave characters to say what you have to say. But with shortened URLs you have no idea what your final web destination will be. A spreader of malware and malicious websites couldn't be happier!
Researchers at Kaspersky Labs have found that as many as one in every 500 links on Twitter lead to sites hosting malware. They have also discovered that about 26% of Twitter messages - tweets - contain links and about half of those are created by spammers and people with bad intentions.
The two most popular URLs that the Krawler found posted to Twitter so far passed through the system in September. Both directed users to online dating sites. One of the sites, getion.com, is known to have hosted malware in the past, Raiu said.
So why isn't Twitter doing something to keep its users safe? Well, it is to an extent. In August Twitter started using a filtering system by Google to detect malicious URLs. The system checks the URLs against a blacklist and then either blocks the malicious URL from being posted or warns users to think before clicking on the link. However, the system only scans URLs that are shortened using the Bit.ly shortening service - the most commonly used on Twitter. Any links shortened using any of the over 200 other formats are not picked up by Twitter's filter.
Malicious URLs were discovered over a year ago before Twitter gained it's current level of popularity. Now, malware links regularly appear in "trending topics" where people are often checking to see what is the latest and greatest.
Read more at the Threat Level blog [16]. Graph courtesy of Kaspersky Labs [11]
So you received a data breach notification in the mail… no big deal, right? Not according to Javelin Strategy & Research’s latest report [19]. In fact, Javelin’s latest research reveals you are four times more likely to suffer identity fraud if you’ve received a data breach notification within the past year.
The average fraud victim will spend 30 hours and $496 out-of-pocket costs to restore their affairs, merchants and financial providers will spend billions to protect systems and brands, and law enforcement will work hard to chase the bad guys.
Many states around the country are enacting laws requiring entities that have experienced data security breaches to notify affected individuals whose personal information may be at risk. However, there seems to be a disconnect between breach notifications and consumer awareness of the risk they bring.
It might be a good idea considering the Identity Theft Resource Center [20] has already tracked 356 data breaches so far this year. Forty-six of those breaches have involved financial institutions, and when they or their third-party service providers are breached, it’s nasty.
Take for example the Heartland Payment Systems [21] breach earlier this year. The result of this breach was a staggering compromise of 130 million credit and debit cards. Now that’s a lot of Visa cards…yikes!
There is very little we can do to avoid data breaches, however there are steps that we can take to better prepare ourselves for the next time that breach notification shows up in the mailbox:
Lastly, remember the words of the orator, Robert Green Ingersoll when he said:
“It is a thousand times better to have common sense without education than to have education without common sense.”
Halloween is all about tricks, treats and pretending to be something your not. Scareware must think every day is Halloween.
Computer experts are reporting that scareware is on the rise. Scareware - a sneaky hacker technique used to steal personal information and spread viruses - is being found in more and more places online and even on trusted sites, like the New York Times.
"The recent scareware attacks are cropping up everywhere and can be found on even the most trusted Web sites online," said Alison Southwick, BBB spokesperson. "The threat of scareware undermines consumer trust in compromised Web sites, and on the Internet in general, but there are steps computer users can take to protect themselves."
Scareware usually presents itself as a pop up window on your computer that looks like it is from your computer. It gives some message that your computer has been infected with a virus that needs to be removed. Often the message tells you to go to the link provided to purchase and download anti-virus software. Once the software is purchased the download begins. Unfortunately, it is not anti-virus software that is being downloaded, but more viruses and malware.
If that weren't bad enough, now the hackers have your credit card information too.
This senario is playing out all over the internet. It was in mid-September that visitors to the New York Times web site started getting the infected pop up window. The New York Times traced the infected window back to an unauthorized ad. They later found out that the ad space was sold to hackers posing as Vonage.
But The New York Times is not the only site being affected and pop up windows are only half the story with scareware. According to Computer World Magazine, hackers are also "poisoning Google search results." Hackers monitor popular search topics and then create infected web pages with related content. They work to get those to the top of Google search results and when someone clicks a link in the search results - the infamous pop up window appears.
Fortunately there are steps that you can take to protect your computer from scareware:
(includes backup and other features), Norton Internet Security 2010 [28] (good all around option), 
or avast! [29] (free and good), and keep it up to date. Also make sure that all security patches and updates are installed for your webrowser and programs like Adobe Flash Player.If you clicked on the link and have downloaded the software all is not lost, but things aren't good. The Washington Post offers advice on their Security Fix blog [30] of how to rid your computer of the viruses and malware. But if you aren't computer savvy, you may think about calling a professional to clean up the mess.
UPDATE: An article from Wired magazine's Threat Level blog [31] sheds more light on how web sites are being targeted for malware distribution:
Web ads have become much more advanced over the years and many now include scripts that provide data tracking and other functions. Because of this, crooks are working to have their "ads" run on popular websites. Their ads also contain scripts, but the code displays scareware instead of tracking clicks or views.
In the article, Gawker Media - a major blog network of sites like Gizmodo, LifeHacker, Jalopnik and others - was targeted for ad placement, but fortunately Gawker has a team of geeks that digs into the code of any ad and confirms that it contains no malicious code. I'm guessing the NY Times now is enforcing a similar policy (yep, it is now [32]).
Heaven help us when we visit sites that have no such team of geeks to protect us from malicious ads...
July 2009 not only brought the hopes of fun summer activities, but it also brought the new vicious Trojan virus called Clampi. Clampi is a newly sophisticated virus designed to attack online banking systems. And unlike most Trojan viruses this virus can be picked up from trusted sites like blogs, online magazines, search engines and mainstream news websites, not just gambling and pornography sites. It also is only designed to attack computers running the Microsoft Windows operating system. So Mac users are safe from Clampi, for now.
Currently, Clampi is tracking over 4,500 financial websites. Most Trojan viruses usually track 30-40 sites at a time. Clampi is designed to watch: banks, credit card companies, e-mails, retail sites, utilities, online casinos, wire transfer services, share brokerages, government sites and mortgage lenders. Clampi is also not just limited to the United States. It has been found attacking in the United States, Britain and other English speaking countries.
Once Clampi has been picked up it settles into your computer and waits. What does it wait for? It waits for the user to log on to a bank account, credit card or some other financial website. Once the login information is entered, Clampi grabs it and shoots it to the cyber criminal's computer. From there the criminal uses the information to fulfill their desires. Whether it is taking money from a bank account, using a credit card to make purchases or reek whatever havoc they may.
Maybe you're thinking that this can't happen to you and maybe it won't. But it has been reported that through the use of Clampi criminals have stolen $75k from a car parts company in Georgia, $30k from a non-profit childcare organization [35] in Seattle, $480k from an online city bank account [36], $150k from a public school district in Oklahoma, $350k from a Chicago-are school district [37] and $700k from the Western Beaver School District [38] in Pennsylvania. There have also been reports of companies losing anywhere from $10k to $500k because of this one virus. There is really no telling how many people have been victims of the Clampi virus.
The most important thing you can do is to be proactive about protecting yourself from getting Clampi. Here are some ways to be proactive:
Zone Alarm has made their excellent Zone Alarm Pro 2010 software available for download today - October 13, 2009 - free of charge. It will be available until 6am PST on October 14, 2009.
The free download has the following stipulations:
The software is available for download here - http://download.zonealarm.com/bin/free/sum/index.html?cid=W100020 [43]
Have you ever taken one of those ridiculous and inane quizzes on Facebook that tell you which color you are ("I'm Orange! Now what do I do?"), which Harry Potter character you are (see above), or which superhero your dog resembles?
Maybe you hate these quizzes and avoid them completely, but do your friends on Facebook take them? If so, all your private info is likely being shared with the quiz developers - whoever they may be. This access to your personal information has alarmed many groups, including the ACLU. Here is a warning from the ACLU of Northern California:
Even if your Facebook profile is “private,” when you take a quiz, an unknown quiz developer could be accessing almost everything in your profile: your religion, sexual orientation, political affiliation, pictures, and groups. Facebook quizzes also have access to most of the info on your friends’ profiles. This means that if your friend takes a quiz, they could be giving away your personal information too.
The ACLU of Northern California has heard from thousands of concerned internet consumers using the popular social networking software, Facebook, about privacy issues. The ACLU went digging and found there is good reason for concern: as it stands, quiz developers have access to just about everything in your profile and postings and those of your Facebook Friends.
Here are a series of screenshots where we show exactly what happens when you take a quiz or run other applications on Facebook:
As you can see, Facebook tells you specifically that it will let the application developer "... pull your profile information, photos, your friends' info, and other content that it requires to work.
This is the privacy problem. Your friends are agreeing to share your information without your knowledge or consent. Not good.
These, I believe, are the default privacy settings for applications. As you can see, you or your friend are agreeing to share a lot of personal information with a completely unknown party.
Even if you are careful about your privacy settings in Facebook, quiz developers probably will be able to access your profile and your postings through the accounts of your Facebook Friends. To drive the point home the ACLU created their own short, instructional Facebook quiz [46]. (And no, according to their privacy policy, the ACLU will not collect or sell your information from their Facebook quiz.) Even though I was expecting some kind of revelation it was a bit creepy to suddenly see my Facebook profile information and photos start scrolling on the screen.
More on this story from the San Jose Mercury News [47].
Consumers’ obsession with celebrity news and culture is harmless in theory, but one bad download can cause a lot of damage to a computer.
—Jeff Green, McAfee, Inc.
Internet security company, McAfee, Inc. has just released its yearly update of most dangerous celebrity web sites for online threats such as spyware, adware, spam, phishing, and viruses. In the survey, web searches for actress, Jessica Biel, had a one-in-five chance of ending up on a website that has tested postive for malware—putting Biel’s name at the top of the danger list and beating out last year’s most dangerous name, Brad Pitt. Biel became popular on TV’s “Seventh Heaven” and recently starred in “Easy Virtue”.
Pop star, Beyonce, placed second on the list. Web searches on “Beyonce ringtones” led to a dangerous website linking to a distributor of adware and spyware. Over 40 percent of the survey searches for “Jennifer Aniston screensavers” contained computer viruses. Other celebrities on this year’s list included Miley Cyrus, Ashley Tisdale, Lindsay Lohan, Megan Fox, Angelina Jolie and newlyweds, Tom Brady and Gisele Bundchen.
Every day, cybercriminals use celebrities’ names and images, like Kim Kardashian and Rihanna, to lure surfers searching for the latest stories, screen savers and ringtones to sites offering free downloads laden with malware.
More info from Reuters - http://www.reuters.com/article/internetNews/idUSTRE57O2P520090825 [50]
Ben Bernanke is a victim of identity theft. This is proof positive that it can happen to anyone.
Ben Bernanke - the Federal Reserve Board chairman - was one of hundreds of victims of an elaborate identity-fraud ring, headed by a convicted scam artist known as "Big Head," that stole more than $2.1 million from unsuspecting consumers and at least 10 financial institutions around the country.
On August 7, 2008, Anna Bernanke - Ben Bernanke's wife - was at a Starbucks when her purse was stolen off the back of her chair.
It's not good...
So the thieves had Mrs. Bernanke's SSN, Date of Birth (from the Driver's License), home address, and home phone (from the checks). This is the perfect combination of personal data.
It goes without saying that you should never carry your Social Security card in your purse or wallet. It should be tucked away in a very safe place at home or in a bank lock box. You should also limit the number of credit cards you carry. Just think of how many banks you'd like to call and/or fraudulent transactions you want to deal with and limit your cards accordingly.
The thieves were part of a crime ring called "The Cannon to the Wiz." Here is the entry from the Urban Dictionary [53] for "cannon":
Cannon - Old school term for a skilled pickpocket. "
These thieves were after personal information as well as checks and credit cards. They worked in government or medical offices or were simple pickpockets or mail thieves. They attended major sporting events in order to target victims with wallets and purses full of loot. One such victim was Donna Pendergast - an assistant Michigan Attorney General. Her experience went like this:
The robber was so adroit he managed to lift the wallet from her purse without her even knowing it. "They took it right out of my purse while it was on my shoulder," she said. "I didn't feel a thing."
Yes and no.
Federal agents busted the identity theft ring this summer, but George Lee Reid - the one who fraudulently used the Bernanke's checks to steal $9,000 - had the charges dropped against him, but the Feds are now searching for him again on related charges.
More information on this story from Newsweek [54].
Links:
[1] http://fightidentitytheft.com/blog/medicare-fraud
[2] http://www.smpresource.org
[3] http://www.stopmedicarefraud.gov/fightback_brochure_rev.pdf
[4] http://www.stopmedicarefraud.gov/index.html
[5] http://fightidentitytheft.com/blog/medicare-fraud#comments
[6] http://fightidentitytheft.com/blog/facebook-awarded-711-million-spam-king
[7] http://en.wikipedia.org/wiki/Sanford_Wallace
[8] http://www.informationweek.com/news/global-cio/security/showArticle.jhtml?articleID=221400140
[9] http://fightidentitytheft.com/blog/facebook-awarded-711-million-spam-king#comments
[10] http://fightidentitytheft.com/blog/do-you-know-what-lurking-twitter-url
[11] http://www.kaspersky.com/
[12] http://linkscanner.avg.com/
[13] http://securebrowsing.finjan.com/
[14] http://blog.bit.ly/post/68979274/expand-urls-and-get-traffic-summaries-before
[15] http://www.tweetdeck.com
[16] http://www.wired.com/threatlevel/2009/10/twitter_malware/
[17] http://fightidentitytheft.com/blog/do-you-know-what-lurking-twitter-url#comments
[18] http://fightidentitytheft.com/blog/data-breach-danger-study-shows-it’s-real
[19] http://www.javelinstrategy.com/2009/10/27/between-paranoia-and-compacency-educating-consumers-on-data-breaches-and-fraud-risk/
[20] http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtml
[21] http://www.bankinfosecurity.com/articles.php?art_id=1200
[22] http://fightidentitytheft.com/credit-monitoring.html
[23] http://fightidentitytheft.com/credit-freeze-laws.html
[24] http://fightidentitytheft.com/blog/identity-theft/protect-your-privacy-by-becoming-a-privacy-grouch
[25] http://fightidentitytheft.com/blog/data-breach-danger-study-shows-it’s-real#comments
[26] http://fightidentitytheft.com/blog/scareware-everyday-halloween
[27] http://www.amazon.com/gp/product/B001U3PYLQ?ie=UTF8&tag=fightidentity-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=B001U3PYLQ
[28] http://www.amazon.com/gp/product/B002L7BR20?ie=UTF8&tag=fightidentity-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=B002L7BR20
[29] http://www.avast.com/eng/avast_4_home.html
[30] http://voices.washingtonpost.com/securityfix/2009/09/what_to_do_when_rogue_anti-vir.html
[31] http://www.wired.com/threatlevel/2009/10/gawker/
[32] http://www.wired.com/threatlevel/2009/09/nyt-revamps-online-ad-sales-after-malware-scam/
[33] http://fightidentitytheft.com/blog/scareware-everyday-halloween#comments
[34] http://fightidentitytheft.com/blog/new-trojan-virus-attacks-world-online-banking
[35] http://voices.washingtonpost.com/securityfix/2009/09/online_bank_robbers_target_hea.html
[36] http://www.theregister.co.uk/2009/10/14/microsoft_windows_bank_thefts/
[37] http://www.eschoolnews.com/news/top-news/news-by-subject/technologies/index.cfm?i=61006
[38] http://www.computerworld.com/s/article/9138636/School_boards_hit_with_cash_stealing_Trojan
[39] http://www.fightidentitytheft.com/blog/airport-wireless-network-not-as-safe-as-you-think
[40] http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
[41] http://fightidentitytheft.com/blog/new-trojan-virus-attacks-world-online-banking#comments
[42] http://fightidentitytheft.com/blog/free-zone-pro-firewall-software-oct-13-only
[43] http://www.fatwallet.com/redirect/bounce.php?afsrc=1&mid=14241339&url=http://download.zonealarm.com/bin/free/sum/index.html?cid=W100020
[44] http://fightidentitytheft.com/blog/free-zone-pro-firewall-software-oct-13-only#comments
[45] http://fightidentitytheft.com/blog/facebook-quizzes-sharing-your-private-data
[46] http://apps.facebook.com/aclunc_privacy_quiz/?ref=mf
[47] http://www.mercurynews.com/topstories/ci_13210334?nclick_check=1
[48] http://fightidentitytheft.com/blog/facebook-quizzes-sharing-your-private-data#comments
[49] http://fightidentitytheft.com/blog/celebrity-web-sites-a-source-photos-ringtones-and-malware
[50] http://www.reuters.com/article/internetNews/idUSTRE57O2P520090825
[51] http://fightidentitytheft.com/blog/celebrity-web-sites-a-source-photos-ringtones-and-malware#comments
[52] http://fightidentitytheft.com/blog/ben-bernanke-identity-theft-victim
[53] http://www.urbandictionary.com/
[54] http://www.newsweek.com/id/213696
[55] http://fightidentitytheft.com/blog/ben-bernanke-identity-theft-victim#comments
[56] http://fightidentitytheft.com/blog?page=1
[57] http://fightidentitytheft.com/blog?page=2
[58] http://fightidentitytheft.com/blog?page=3
[59] http://fightidentitytheft.com/blog?page=4
[60] http://fightidentitytheft.com/blog?page=5
[61] http://fightidentitytheft.com/blog?page=6
[62] http://fightidentitytheft.com/blog?page=7
[63] http://fightidentitytheft.com/blog?page=8