Category: Identity Theft

  • More of your information might be online than you think

    “If you are worried about a thief stealing your identity, it's not your wallet that needs guarding — it's your state and local governments.”

    The “Virginia Watchdog” has raised security/privacy consciousness 10 fold.  Her name is BJ Ostergren she runs www.TheVirginiaWatchdog.com

    She is a heroine for modern privacy concerns.  The Virginia Watchdog is attempting to save what is left of our privacy by getting in the face local politicians. 

    Check out her interview with CNN and the Washington Post.

    While there are some reactive and proactive measure that you can take to guard against ID theft, it is a bit disconcerting to think that no matter how many bank statements and bill invoices you shred all your data can be stolen from an office like the DMV or VA that has all of your personal information. 

    It is bad when government employees lose a database of personal records but in my opinion it is much worse if they make your social security number public on purpose.

    “Public records laws were designed to shed the light on government activities, not our personal information,” said Kerry Smith, an attorney with Public Interest Research Groups, a coalition of state consumer advocacy organizations. States are “clearly not striking the right balance when they release our Social Security numbers — the key to our financial identity — to commercial data brokers and anyone with access to the Internet.”

    The major move of hard copes to softcopies came from a string of laws that were set forth in the 90's:

    Government Paperwork Elimination Act in 1998

    Clinger-Cohen Act of 1996

    Paperwork Reduction Act

    Federal, state and local government agencies have complied the paperless government laws.  Now those electronic documents are finding their way on Internet.  These documents include mortgage, tax and property anything you might find as the County Clerks office.  The data (a portion of your digital signature: name, DOB, SSN) is (in some cases) being bought and sold to the highest bidder.

     

    http://www.opcva.com/WATCHDOG/index.html

    read more | digg story

  • Strategies To Protect Yourself Against Identity Theft

    Identity theft is a serious crime that is growing each year. If you're
    a victim of identity theft you may spend months, even years, trying to
    repair a ruined credit history. A seriously damaged credit report can
    compromise your chances of getting a new job, a bank loan, insurance or
    even rental housing. It's even possible to be arrested for a crime you
    didn't commit if someone else has used your identity to break the law.

    Unfortunately, many of the methods that thieves use to steal
    identities are beyond your control to guard against. Although it's
    rare, even store clerks have been known to use their position to pass
    along information to identity thieves. There are some measures you can
    take, however, that will make it harder for a thief to steal your
    identity.

    Protect Your Credit Card Number When Making Purchases

    After you make a purchase and your credit or debit card has been
    swiped through a credit card terminal, check to make sure that the
    printed receipt hides all but the last 4 digits of your credit card
    account number (usually there will be Xs in place of the first 12
    digits). Some terminals still print receipts that show all 16 digits of
    an account number, and may even include the expiration date as well.
    After your card is swiped, you're permitted by law to hide the first 12
    digits of your account number on the copy of the receipt that the
    vendor keeps. Use any marking pen that will do the job.

    When you go to a restaurant, it's especially important to make sure
    that the first 12 digits of your credit card number are hidden on your
    receipt. You might be in the habit of signing it and then leaving the
    restaurant's copy on the table after your meal. An identity thief can
    easily steal the signed receipt before the waitperson comes back around
    to pick it up from the table. Don't take any chances.

    Do You Really Need To Give Your Social Security Number?

    Another important way that you can guard against identity theft is
    to avoid giving out your social security number unless it's absolutely
    required. Although you need to share your social security number when
    you apply for credit or for a bank account, sometimes a store or an
    organization will want to use it as an ID number, simply to identify
    you within their system. This is a common practice even though the law
    says that social security numbers aren't to be used as ID numbers. In
    these situations, use your judgment. There's usually an alternative if
    you ask.

    Destroy Documents That Contain Sensitive Personal Information

    Buy a paper shredder and use it to destroy documents you're
    throwing away which contain personal information such as credit card
    numbers, social security numbers, phone numbers and dates of birth.
    This is important to do both at home and at work. Identity thieves
    aren't above going through someone's trash to find valuable personal
    information that can help them obtain credit in your name.

    If The Worst Happens

    If you do become a victim of identity theft, take the following steps immediately:

    • Contact your credit card companies, close your accounts and ask to have new cards issued to you.
    • Place a fraud alert on your file with any one of the three major credit bureaus. The other two will be notified automatically.
    • File a police report. You may need it to show to creditors as proof of the crime.
    • File a complaint with the FTC, which maintains a database of
      identity theft cases used by law enforcement agencies for their
      investigations.
  • Debit card crime ring BUSTED!

    Law enforcement officials in New Jersey have arrested 14 people in connection with a crime spree that has forced banks across the nation to replace hundreds of thousands of debit cards.

    read more | digg story

  • Fingerprint Payment System Becoming a Reality.. privacy issues

    O.k.  Imagine walking into WalMart, gathering $10 in groceries and then instead of swipping your card, you press your finger in to a finger sized scanner. 

    German grocery chain Edeka introduced a new method of pay system, the so-called 'digiProof' late in 2004 and into 2005.  And now an American company called Pay By Touch is doing the exact samething.   

    A San Francisco start-up, Pay By Touch Solutions, is expected to announce today $130 million in fresh financing for a novel way of paying for groceries and other goods and services: a machine that reads your fingerprint.

    This is very Cyberpunk.  Depending on the implementation, this may even be more difficult for ID Theft criminals to take advantage of.  If everything goes in that direction, house hold phones could actually get the devices and you could make authenticated bill payments from your house and get rid of all your credit cards.     

    Then again since the fingerprint is translated into a number, I imagine criminals could still get ahold of the information the traditional way (unless the number can only be accessed with the original persons print):

    Here's how it works: Customers sign up once, by registering a checking account or a credit card, and showing government identification such as a driver's license. The Pay by Touch technology records the lines and ridges of their fingerprints, and translates the data into a numerical algorithm that is stored in a secure database. The customers thereafter never have to carry a wallet or purse back to the store, and can use their finger to pay for goods across the Pay By Touch network, which now includes stores in 10 states.

    The capital raised — $55 million of it in convertible notes and $75 million in loans — will help the company build out its finger-reading payment systems at several nationwide retailers, including in California in the first quarter of next year.

    This may also be a much better way to track people by there fingerprints and accounts.  Could this raise privacy issues?!  After all, fingerprints could link criminal records if you have any.  And wasn't there something in the bible about this…?  Oh, no.. that was 666.

    It may be harder to hack but it will eventually be broken.  But that doesn't mean its no good.

    read more | digg story

  • Anatomy of A PayPal Identity Theft Scam – The 7 Warning Signs

    Paypal is becoming the online payment processor of choice for many users. Paypal allows virtually anyone to except credit card payments. Paypal is also a great way to send and receive electronic payments. Unfortunate fame has it's price and in the case of Paypal that means scam artists preying on the Paypal members

    The Most common Paypal Scam Involves E-Mail, You will receive an E-mail from Someone claiming to be Paypal requesting you Verify your Information. That is Warning Sign 1 Paypal will never send you an E-Mail Requesting Your Personal Information

    Often this E_mail will be sent to an E-Mail Address that is not the same one that Paypal has on File. That is Warning Sign 2

    The Third Warning Sign is forged Headers (From Address). This is often hard to detect without knowledge of the Internet. Many Spam filters are now setup to block E-mail that has forged headers. Ask your E-mail provider how you can block Forged Headers.

    The Fourth Warning Sign is the Greeting says something like Dear Paypal user or Paypal Member. Paypal knows who you are they will use the name you registered with.

    The Fifth Warning Sign is the threat. The E_mail will threaten to suspend your account if you don't take immediate action.

    The Sixth Warning Sign is a Non Secure Page. If you do click on the link in the E-Mail you will not be on a secure Page, No Https in the URL and no little Padlock in the lower left hand corner of your browser.

    Bad Grammar or Misspelled words in the

    If you receive an E-mail from Paypal with even 1 of these warning signs more likely then not it is a scam. Forward the E-Mail to Paypal and ask for assistance if you have any doubts.

    Don't let these modern day thieves keep you from go about your every day life. Life is a risk the key of course is to do all you can to protect yourself and still enjoy life.

    About The Author:
    Mike Makler has been Marketing Online Since 2001 When he Built an Organization of over 100,000 Members

    Get Mike's Newsletter:
    http://ewguru.com/newsletter

    More Articles by Mike:
    http://ewguru.com/tips

    Permission Based E_Mail Marketing Methods
    http://ewguru.com/hbiz/amazingoffer.html

  • 40 Million credit card accounts practically given away.. not problem

    OLD NEWs:
    CardSystem lost 40 million credit cards and what is the result.

    Credit card companies don't have to notify customers their personal
    information has been stolen, a California Judge ruled today…

    …In June, CardSystems admitted intruders had compromised the
    confidentiality of 40 million credit card holders, and 200,000 records
    had left the network. CardSystems had refused to notify the card
    holders. The Rothken suit also requested that chargeback fees or
    penalties on hapless card holders who were the victims of ID theft
    should be waived.

    But a San Francisco Superior Court Judge, Richard Kramer, disagreed.
    “I don't see the emergency,” he said. “I don't think there is an
    immediate threat of irreparable injury” to consumers… [*]

    This company did not encrypt the credit card data! A gross violation of the Payment Card Industry Security Standard.

    My comment and Voice of the evil doers:

    It is amazing the kind of protection companies have.   
    From the begining that was the purpose of a corporate entity
    “indemnity.”  This allows the part owners ,shareholders, Legal
    protection from loss.  

    40 million credit cards is a lot of loss.  

    I think is half-haves should all form our own companies so we can have
    that kind of protection from loss, including the loss of our
    identities.  If fact, on paper we should not exist, but instead be
    employee Identification numbers subject to our own companies, owning
    nothing but controling every thing!  

    Nothing new about that idea.. this is one of the tactics of the wealthy.

  • ID Theft and Finacial Fraud on companies and YOU

    You may have read numerous articles about how to protect yourself
    against Identity Theft and financial fraud by very practical and
    important methods such as shredding all mail with account information,
    but currently one of the greatest threats to your Identity is out of
    your hands.

    As stated in a July 2005 Newsweek
    article by Steven Levy and Brad Stone, “sometimes being careful is not
    enough when it comes to Identity Theft.”

    Many of the incidents of Financial Fraud and Identity Theft stem from
    security breaches and criminal activity at the corporations and
    financial institutions which we entrust our personal information too.
    Whi e it is important to be proactive by shredding billing mail or
    guarding your social security number, it is also important to be aware
    of what companies have “dropped the ball” and know how to react if your
    Identity is stolen.

    ID Theft & Finacial Fraud statistics:
    According the Federal Trade Commission, “Identity theft affects
    approximately 10 million Americans each year.”

    Identity theft takes many forms. The Federal Trade Commission (FTC)
    reports that in 2004 the most common type of identity theft was credit
    card fraud (28% of total complaints) followed by phone or utilities
    fraud (19%), bank fraud (18%), and employment fraud (13%).

    The Department of Justice calls ID theft the nation's fastest-growing financial crime.

    ID Theft at the Corporate level:

    DSW: 1.4 Million credit cards + 96,000 Check transactions

    Between November 2004 and February 2005, the DSW Show Warehouse
    database was accessed by thieves who stole 1.4 million credit card
    numbers plus 96,000 check transactions and the names on each of those
    accounts from 108 stores in 25 states.  DSW announced the incident
    in March 2005.
    /7550562/
    http://news.zdnet.com/2100-1009_22-5676211.html

    CardSystem: 40 Million

    On 17 June 2005, a payment processing center called CardSystem
    Solutions was robbed of data on 40 Million Credit Card.
    Now It\'s 40 Million Credit Cards

    http://elamb.blogharbor.com/blog/_archives/2005/9/28/1265301.html

    BJ: 40,000 accounts.
    BJ\'s Wholesale Club Inc operates 150 warehouse stores and 78 gas
    stations in 16 states.  The company went public in March 2004 with
    information on approximately 40 thousand credit card being possibly
    compromised.
    The FTC charged that BJ\'s engaged in a number of practices which,
    taken together, did not provide reasonable security for sensitive
    customer information. Specifically, the agency alleges that BJ\'s:
    Failed to encrypt consumer information when it was transmitted or
    stored on computers in BJ\'s stores;
    Created unnecessary risks to the information by storing it for up to
    30 days, in
    violation of bank security rules, even when it no longer needed the
    information;
    Stored the information in files that could be accessed using commonly
    known default user IDs and passwords;
    Failed to use readily available security measures to prevent
    unauthorized wireless connections to its networks; and
    Failed to use measures sufficient to detect unauthorized access to the
    networks or to conduct security investigations.
    http://www.ftc.gov/opa/2005/06/bjswholesale.htm

    “,1]
    );
    //–>http://msnbc.msn.com/id/7550562/

    http://news.zdnet.com/2100-1009_22-5676211.html

    CardSystem: 40 Million

    On 17 June 2005, a payment processing center called CardSystem
    Solutions was robbed of data on 40 Million Credit Card. Now It's 40
    Million Credit Cards

    http://elamb.blogharbor.com/blog/_archives/2005/9/28/1265301.html

    BJ: 40,000 accounts.

    BJ's Wholesale Club Inc operates 150 warehouse stores and 78 gas
    stations in 16 states.  The company went public in March 2004 with
    information on approximately 40 thousand credit card being possibly
    compromised.

    The FTC charged that BJ's
    engaged in a number of practices which, taken together, did not provide
    reasonable security for sensitive customer information. Specifically,
    the agency alleges that BJ's:

    Failed to encrypt consumer information when it was transmitted or stored on computers in BJ's stores;
    Created unnecessary risks to the information by storing it for up to 30
    days, in violation of bank security rules, even when it no longer
    needed the information;
    Stored the information in files that could be accessed using commonly known default user IDs and passwords;
    Failed to use readily available security measures to prevent unauthorized wireless connections to its networks;
    Failed to use measures sufficient to detect unauthorized access to the networks or to conduct security investigations.



    D([“mb”,”http://www.google.com/search?hl=en&lr=&c2coff=1&q=Bj%27s+Wholesale+club+credit+card

    Tips on being proactive and reactive to ID Theft and Financial Fraud:
    Pay attention to All your accounts.  Know the Who, What, When, Where
    and How of every transaction you make.  This means bank, and credit
    card account frequently and keeping a ledger or check book and
    receipts.
    Points of contact for watching your credit cards:
    Equifax, 800-997-2493, Disclosure Dept., P.O. Box 740241, Atlanta, GA
    30374; TransUnion, 800-888-4213, P.O. Box 1000, Chester, PA 19022; and
    Experian, 888-397-3742, P.O. Box 2104, Allen, TX 75013. Report errors
    promptly and in writing.
    freecreditreport.com

    Give as little information as possible.  Your digital fingerprint
    consists of your DOB, SSN, Phone Number, Address, Mothers Maiden name.
     All are usually asked of credit card companies when money is pulled
    out or address is changed.

    More on your digital fingerprint:
    Credit Card
    CW2
    Credit Report
    SSN
    Driver\'s License
    ATM cards
    Telephone carlling
    Mortgage
    DOB
    Password/PINS
    Home Address
    Phone Number

    Do NOT share your information with "other financial institutions."
    Often the financial institutions we bank with get credit from or the
    like will ask us if they can share your information with their
    "partners."  The answer is NO.
    Also opt out of pre-approved credit offers by calling the Credit
    Reporting Industry Pre-Screening Opt-Out Number at 888-567-8688.

    Cary as little ID as necessary when traveling.  Do you really need
    your Social Security card, and Birth Certificate where every your go?

    Shred ALL information with to many parts of your digital fingerprint
    “,1]
    );
    //–>
    Tips on being proactive and reactive to ID Theft and Financial Fraud:

    Pay attention to All your accounts.
     Know the Who, What, When, Where and How of every transaction you
    make.  This means bank, and credit card account frequently and
    keeping a ledger or check book and receipts.
    Points of contact for watching your credit cards:
    Equifax, 800-997-2493, Disclosure Dept., P.O. Box 740241, Atlanta, GA
    30374; TransUnion, 800-888-4213, P.O. Box 1000, Chester, PA 19022; and
    Experian, 888-397-3742, P.O. Box 2104, Allen, TX 75013. Report errors
    promptly and in writing. freecreditreport.com

    Give as little information as possible.  Your digital fingerprint
    consists of your DOB, SSN, Phone Number, Address, Mothers Maiden
    name.  All are usually asked of credit card companies when money
    is pulled out or address is changed.

    More on your digital fingerprint:
    Credit Card
    CW2
    Credit Report
    SSN
    Driver's License
    ATM cards
    Telephone carlling
    Mortgage
    DOB
    Password/PINS
    Home Address
    Phone Number

    Do NOT share your information with “other financial institutions.”
    Often the financial institutions we bank with get credit from or the
    like will ask us if they can share your information with their
    “partners.”  The answer is NO. Also opt out of pre-approved credit
    offers by calling the Credit Reporting Industry Pre-Screening Opt-Out
    Number at 888-567-8688.

    Cary as little ID as necessary when traveling.  Do you really need your Social Security card, and Birth Certificate where every your go?

    “,”
    Take mail with lots of your digital fingerprint (such as bill
    payments) to the post office.

    Allow waiters, and clerks to see your credit card and/or debit
    information as little as possible.
    Crooks can use a handheld card reader to copy the information from
    your card\'s magnetic strip.

    Beware strange ATMs. Avoid using private or strange-looking automated
    teller machines, because they may be rigged to skim data off your
    card\'s magnetic strip. Six- or seven-character PINs (personal
    identification numbers) are harder to crack than shorter ones, but you
    may not be able to use them at machines abroad.

    No surfing allowed. Watch out for "shoulder surfers" when using pay
    phones or public Internet access; use your free hand to shield the
    keypad. Don\'t use cordless phones to conduct sensitive financial or
    medical business, because eavesdroppers on other phones and those
    using eavesdropping equipment may be able to overhear your
    conversations.

    Build a wall. Install firewalls and virus-detection software on your
    home computers to discourage hackers.

    Log off. Quit your browser and log off after using public
    Internet-access computers in libraries, Internet cafes, and the like.
    Don\'t pay bills, bank, or conduct other financial transactions on
    public computers. If you have a high-speed Internet connection at
    home, unplug the computer\'s cable or phone line when you are not using
    it to discourage hackers.

    Deal only with reputable Web sites. Check privacy and security
    policies of Web sites before making purchases, trading stocks, or
    banking online. A professional-looking Web site is no guarantee of
    security. Don\'t respond to unsolicited e-mail requests for personal
    information.

    Get complicated. Consider password-protecting all your bank and
    brokerage accounts. Create passwords at least eight characters long.

    Check your workplace. Ask how your employer safeguards employee
    “,1]
    );
    //–>Shred ALL information with to many parts of your digital fingerprint.

    Take mail with lots of your digital fingerprint (such as bill Payments) to the post office.

    Beware strange ATMs. Avoid
    using private or strange-looking automated teller machines, because
    they may be rigged to skim data off your card's magnetic strip. Six- or
    seven-character PINs (personal identification numbers) are harder to
    crack than shorter ones, but you may not be able to use them at
    machines abroad.

    Surf safely on the InternetEnsure you have set up a firewall to protect your network.  All online banking and medical transactions must have secure means of trasfering information such as SSL or https to encrypt the data. 
    Secure transaction will forward you to a secure page “https” and
    usually have a symbol of a tiny lock in the corner. 

    Trust your digital signature to only reputable Web sites.

    Use secure passwords and password management techniques.

    Get involved. If you are interested in asking Congress to pass
    stronger financial privacy protections, visit
    www.financialprivacynow.org.

    Resources to battle Identity theft:
    http://www.privacyrights.org/
    http://www.idtheftcenter.org/index.shtml

  • 40 Million Credit Card Numbers Stolen – CardSystem Solutions Incompetence

    CardSystems Solutions moronic security efforts have resulted in the potential theft of information for 40 million credit cards. Hackers were able to install a rogue program, probably a Trojan, in the CardSystems security network. This program captured credit card information including the cardholder’s name, account number and verification code.

    CardSystems Solutions is an Atlanta-based company. Prior to this incident, it processed approximately $15 billion dollars in credit card transactions each year. Small businesses were the primary users of the system.

    The FBI and MasterCard International have launched investigations into the hack. It has become apparent CardSystems Solutions should be charged with gross negligence. The company failed to comply with MasterCard security regulations and failed to destroy the information of cardholders after prescribed time periods.

    In a matter of gross incompetence, CardSystems failed to encrypt any of the credit card data for users. This is the equivalent of your bank sending monthly account statements will all the information printed on the outside of the envelope. It is simply inexcusable and has led to potentially the biggest theft of financial information in history.

    Which Credit Cards?

    The incompetence of CardSystems Solutions will have an impact on every major credit card group. Estimated numbers range from about 20 million Visa cards exposed to 14 million MasterCard credit cards. As many as 4 million American Express and Discover accounts were also put on the sacrificial altar by CardSystems.

    What You Should Do

    You should review all charges on credit card statements over the next 12 months. Contrary to popular belief, hackers typically will not go out and charge up thousands of dollars on the card. Instead, you should look for small charges of $10 to $20 from companies with bland names. Hackers know that many people will not call to reverse a small charge. Don’t be lazy! Closely inspect your statement and contest any charges that aren’t familiar.

    Closing

    How big is this hack? There are approximately 300 million people in the United States. 40 million accounts equates to 1 in every 7.5 people. Yes, people carry multiple credit cards, but it is still a huge number. CardSystems Solutions should pay a heavy price for its incompetence. Frankly, it should be liquidated. There is little doubt the major credit card companies will take action.

    Richard Chapo, Esq., is a business lawyer with http://www.sandiegobusinesslawfirm.com – offering legal advice to San Diego businesses. This article is for general education purposes and does not address every facet of the subject matter. Nothing in this article creates an attorney-client relationship

  • Strategies To Protect Yourself Against Identity Theft

    Identity theft is a serious crime that is growing each year. If you're a victim of identity theft you may spend months, even years, trying to repair a ruined credit history. A seriously damaged credit report can compromise your chances of getting a new job, a bank loan, insurance or even rental housing. It's even possible to be arrested for a crime you didn't commit if someone else has used your identity to break the law.

    Unfortunately, many of the methods that thieves use to steal identities are beyond your control to guard against. Although it's rare, even store clerks have been known to use their position to pass along information to identity thieves. There are some measures you can take, however, that will make it harder for a thief to steal your identity.

    Protect Your Credit Card Number When Making Purchases

    After you make a purchase and your credit or debit card has been swiped through a credit card terminal, check to make sure that the printed receipt hides all but the last 4 digits of your credit card account number (usually there will be Xs in place of the first 12 digits). Some terminals still print receipts that show all 16 digits of an account number, and may even include the expiration date as well. After your card is swiped, you're permitted by law to hide the first 12 digits of your account number on the copy of the receipt that the vendor keeps. Use any marking pen that will do the job.

    When you go to a restaurant, it's especially important to make sure that the first 12 digits of your credit card number are hidden on your receipt. You might be in the habit of signing it and then leaving the restaurant's copy on the table after your meal. An identity thief can easily steal the signed receipt before the waitperson comes back around to pick it up from the table. Don't take any chances.

    Do You Really Need To Give Your Social Security Number?

    Another important way that you can guard against identity theft is to avoid giving out your social security number unless it's absolutely required. Although you need to share your social security number when you apply for credit or for a bank account, sometimes a store or an organization will want to use it as an ID number, simply to identify you within their system. This is a common practice even though the law says that social security numbers aren't to be used as ID numbers. In these situations, use your judgment. There's usually an alternative if you ask.

    Destroy Documents That Contain Sensitive Personal Information

    Buy a paper shredder and use it to destroy documents you're throwing away which contain personal information such as credit card numbers, social security numbers, phone numbers and dates of birth. This is important to do both at home and at work. Identity thieves aren't above going through someone's trash to find valuable personal information that can help them obtain credit in your name.

    If The Worst Happens

    If you do become a victim of identity theft, take the following steps immediately:

    • Contact your credit card companies, close your accounts and ask to have new cards issued to you.
    • Place a fraud alert on your file with any one of the three major credit bureaus. The other two will be notified automatically.
    • File a police report. You may need it to show to creditors as proof of the crime.
    • File a complaint with the FTC, which maintains a database of identity theft cases used by law enforcement agencies for their investigations.