Archive for September 29th, 2005
ID Theft and Financial Fraud on companies and YOU

You may have read numerous articles about how to protect yourself
against Identity Theft and financial fraud by very practical and
important methods such as shredding all mail with account information,
but currently one of the greatest threats to your Identity is out of
your hands.

As stated in a July 2005 Newsweek
article by Steven Levy and Brad Stone, “sometimes being careful is not
enough when it comes to Identity Theft.”

Many of the incidents of Financial Fraud and Identity Theft stem from
security breaches and criminal activity at the corporations and
financial institutions to which we entrust our personal information.
While it is important to be proactive by shredding billing mail or
guarding your social security number, it is also important to be aware
of which companies have “dropped the ball” and to know how to react if
your Identity is stolen.

ID Theft & Financial Fraud statistics:
According to the Federal Trade Commission, “Identity theft affects
approximately 10 million Americans each year.”

Identity theft takes many forms. The Federal Trade Commission (FTC)
reports that in 2004 the most common type of identity theft was credit
card fraud (28% of total complaints) followed by phone or utilities
fraud (19%), bank fraud (18%), and employment fraud (13%).

The Department of Justice calls ID theft the nation's fastest-growing financial crime.

ID Theft at the Corporate level:

DSW: 1.4 Million credit cards + 96,000 Check transactions

Between November 2004 and February 2005, the DSW Shoe Warehouse
database was accessed by thieves who stole 1.4 million credit card
numbers plus 96,000 check transactions and the names on each of those
accounts from 108 stores in 25 states. DSW announced the incident
in March 2005.
http://msnbc.msn.com/id/7550562/
http://news.zdnet.com/2100-1009_22-5676211.html

CardSystems: 40 Million

On 17 June 2005, a payment processing center called CardSystems
Solutions was robbed of data on 40 million credit cards.
Now It's 40 Million Credit Cards

http://elamb.blogharbor.com/blog/_archives/2005/9/28/1265301.html

BJ's: 40,000 accounts.

BJ's Wholesale Club Inc operates 150 warehouse stores and 78 gas
stations in 16 states. The company went public in March 2004 with
information on approximately 40 thousand credit cards possibly being
compromised.

The FTC charged that BJ's engaged in a number of practices which,
taken together, did not provide reasonable security for sensitive
customer information. Specifically, the agency alleges that BJ's:

Failed to encrypt consumer information when it was transmitted or stored on computers in BJ's stores;
Created unnecessary risks to the information by storing it for up to 30 days, in violation of bank security rules, even when it no longer needed the information;
Stored the information in files that could be accessed using commonly known default user IDs and passwords;
Failed to use readily available security measures to prevent unauthorized wireless connections to its networks; and
Failed to use measures sufficient to detect unauthorized access to the networks or to conduct security investigations.
http://www.ftc.gov/opa/2005/06/bjswholesale.htm


Tips on being proactive and reactive to ID Theft and Financial Fraud:
Pay attention to ALL your accounts. Know the Who, What, When, Where
and How of every transaction you make. This means checking bank and
credit card accounts frequently and keeping a ledger or checkbook and
receipts.
Points of contact for watching your credit cards:
Equifax, 800-997-2493, Disclosure Dept., P.O. Box 740241, Atlanta, GA
30374; TransUnion, 800-888-4213, P.O. Box 1000, Chester, PA 19022; and
Experian, 888-397-3742, P.O. Box 2104, Allen, TX 75013. Report errors
promptly and in writing.
freecreditreport.com

Give as little information as possible. Your digital fingerprint
consists of your DOB, SSN, Phone Number, Address, and Mother's Maiden
name. All are usually asked for by credit card companies when money is
pulled out or an address is changed.

More on your digital fingerprint:
Credit Card
CVV2
Credit Report
SSN
Driver's License
ATM cards
Telephone calling
Mortgage
DOB
Password/PINS
Home Address
Phone Number

Do NOT share your information with "other financial institutions."
Often the financial institutions we bank with, get credit from, or the
like will ask us if they can share our information with their
"partners." The answer is NO.
Also opt out of pre-approved credit offers by calling the Credit
Reporting Industry Pre-Screening Opt-Out Number at 888-567-8688.

Carry as little ID as necessary when traveling. Do you really need
your Social Security card and Birth Certificate everywhere you go?

Shred ALL information with too many parts of your digital fingerprint.
Take mail with lots of your digital fingerprint (such as bill
payments) to the post office.

Allow waiters and clerks to see your credit card and/or debit
information as little as possible.
Crooks can use a handheld card reader to copy the information from
your card's magnetic strip.

Beware strange ATMs. Avoid using private or strange-looking automated
teller machines, because they may be rigged to skim data off your
card's magnetic strip. Six- or seven-character PINs (personal
identification numbers) are harder to crack than shorter ones, but you
may not be able to use them at machines abroad.

No surfing allowed. Watch out for "shoulder surfers" when using pay
phones or public Internet access; use your free hand to shield the
keypad. Don't use cordless phones to conduct sensitive financial or
medical business, because eavesdroppers on other phones and those
using eavesdropping equipment may be able to overhear your
conversations.

Build a wall. Install firewalls and virus-detection software on your
home computers to discourage hackers.

Log off. Quit your browser and log off after using public
Internet-access computers in libraries, Internet cafes, and the like.
Don't pay bills, bank, or conduct other financial transactions on
public computers. If you have a high-speed Internet connection at
home, unplug the computer's cable or phone line when you are not using
it to discourage hackers.

Deal only with reputable Web sites. Check privacy and security
policies of Web sites before making purchases, trading stocks, or
banking online. A professional-looking Web site is no guarantee of
security. Don't respond to unsolicited e-mail requests for personal
information.

Get complicated. Consider password-protecting all your bank and
brokerage accounts. Create passwords at least eight characters long.

Check your workplace. Ask how your employer safeguards employee

Surf safely on the Internet. Ensure you have set up a firewall to
protect your network. All online banking and medical transactions must
have a secure means of transferring information, such as SSL or https,
to encrypt the data. A secure transaction will forward you to a secure
“https” page and will usually show a symbol of a tiny lock in the corner.

Trust your digital signature to only reputable Web sites.

Use secure passwords and password management techniques.

Get involved. If you are interested in asking Congress to pass
stronger financial privacy protections, visit
www.financialprivacynow.org.

Resources to battle Identity theft:
http://www.privacyrights.org/
http://www.idtheftcenter.org/index.shtml

Hackers Step Up Attacks on IM Networks

This is an interesting article on eWeek penned by Gene Koprowski
addressing the virus portal known as Internet Message chat (AIM, MS
messenger, ICQ etc).

“One security research outfit on
Wednesday reported the highest monthly total ever of new IM viruses…
some 25 viruses were reported on IM networks during September alone.”

Great point, but the article speaks as if IM is some sort of NEW
target. IM is one of the biggest holes in home computer
systems. There are MANY hacker tools that exploit these Swiss-cheese,
foolishly trusting apps. Do a scan on your ISP's network
and you will see scores of ports open on AIM and ICQ and others.

“We started doing this report about four months ago. What we're
seeing is that there could be a new phase of IM viruses emerging. In
the past, IM viruses were variants of e-mail-borne viruses. That's not
exclusively the case anymore.”

Jaros said that his company's research demonstrates that there
is an average of at least one IM virus attack being conducted every day
now.

One of the most popular techniques that truly dark hackers use is to
connect an “owned” box to an IRC (Internet Relay Chat) room from which
many unholy acts can be done.


Mobile viruses could get nasty fast

Dan Nystedt's article on PCWorld tells of the good, the bad and the
ugly about connecting mobile systems and home systems to the Internet:

“The dream of a connected world where
PCs and mobile phones can communicate with the digital home and other
devices is supposed to make life easier. But it could instead make life
far more dangerous if malware developers have their way.”

And my favorite part:

“For example, mobile phone services in some countries let people see
what's going on inside their house via a Web cam connected to motion
sensors, snapping a picture and sending to the homeowner if anything
seems awry. But a hacker could use that same Web cam to see if anyone's
home, and perhaps break in. Or invade people's privacy by taking
pictures of what's going on in the house. And could a marauder hack
into a driver's mobile phone use it to shut down certain automobile
systems, like the brakes?”

The article goes on to mention something very interesting: 3G phones
are online all the time. This feature makes them HIGHLY
vulnerable to attacks. I won't be surprised if one day soon these
phones have to have little built-in mobile firewalls.

“F-Secure, another vendor of antivirus tools,
says the current total count of known mobile malware stands at 87, up
from less than 10 early last year. A total of 82 of those viruses were
written to run on the Symbian series 60 operating system.”

Symbian is a very popular mobile phone operating system. Much
like the Microsoft OSes and apps, Symbian's popularity makes it a huge,
juicy target for mobile phone black hats.


EXCLUSIVE: New security flaw in IE

The problem lies in the way Microsoft has implemented a JavaScript
component in its Web browser, security researcher Amit Klein wrote in a
research document. Internet Explorer does not validate some data fields
provided by a PC when the component, called XmlHttpRequest, is used, he
wrote.

This affects IE 6 (even with Windows XP SP2). It can be thwarted by setting the security to “High.”

This is just another example of how bad IE is and how vulnerable our
browsers can be. Once again I recommend switching to Firefox.

Let's hope and pray that IE 7 is not as flawed as all previous versions of Internet Explorer.

How much of a geek are you?

A recent survey suggested that hi-tech jargon is proving tricky for
many people to understand. Find out how technically smart you are with
our quiz that tests how much you really know about the world of the web
and computers.

This is a cute little test.

I scored a 9 out of 10.  I got the DRM one wrong.  
Digital Right Manager?!  I thought it  was Data Resource
Manager!  Oh, well.  Guess I'm not as big a geek as I thought
I was.

On my road to geekdom, I found that the biggest obstacle was the
language, just as the article suggests. It's like a different
language to the layman. After a year or so of being on and off
the help desk I could speak geek. The great thing about it is how
quickly the geek world evolves. Geek speak evolves faster than
street slang.
