Archive for the ‘Identity Theft’ Category

Identity theft topped 2009’s list of customer complaints released by the Federal Trade Commission (FTC). It most frequently took the form of credit card fraud.

The report analyzed the complaints by type and location. Identity theft accounted for 278,078 complaints, or 21 percent of the total. The state with the most identity theft complaints was California, with 42,209. Florida, Arizona and Texas reported the highest number of such complaints per capita.

Third-party and creditor debt collection and Internet services also generated large numbers of complaints. The combined number of complaints related to these issues was still less than that for identity theft.

The complaints are received and stored by the Consumer Sentinel Network. Last year, there were more than 1.5 million complaints sent to the network, 54 percent of which were related to fraud. The median amount paid on these fraud complaints was $399, according to the report. Of the fraud-related complaints that reported initial contact, almost half pointed to e-mail.

Along with the list of top complaints, the FTC released a new animated video about filing a complaint. The video, which is available in Spanish, identifies various types of scams and directs consumers to ftc.gov/complaint to file a report.

In this age of heightened fears over identity theft, New York City residents will get an opportunity next month to shred their sensitive documents ⎯ at no charge.

The second annual Shred Fest NYC takes place all day on Sunday, May 3. Residents of all five boroughs will be able to bring their sensitive documents, like old bank statements, paycheck stubs and credit card statements, to 11 locations throughout the city.

The documents will be shredded by truck-mounted industrial shredding equipment, provided courtesy of Code Shred, Brink’s Document Destruction and USA Shred. All the shredded paper will be recycled.

The first five people to arrive with their papers at each site will receive a free paper shredder, donated by Staples.

New York’s Department of Consumer Affairs is sponsoring the event in coordination with the Office of the Criminal Justice Coordinator, the Parks and Recreation Department and the Department of Sanitation.

What a great idea!

Does your town or city offer a similar opportunity to safely destroy personal documents?

Scammers are at it again, this time targeting taxpayers who fall for bogus websites or emails claiming they can get an economic stimulus refund by simply providing their bank account number for direct deposit, or by paying a small fee. Duped victims end up with a drained bank account.

The Federal Trade Commission warns that in other cases, victims are asked to provide personal information, which is then used to commit identity theft. In yet another version of this insidious stimulus scam, victims receive an email containing a link to a website for more information; when consumers click on the link, they unknowingly download malicious software that collects their personal information, enabling identity thieves to rip them off. Read more »

As we start 2009, identity theft experts from around the globe are checking their crystal balls and compiling predictions of what you’re going to see in the field of identity theft in the new year. As I once again dust off my crystal ball and peer deep inside, here’s what I think is in store for you in 2009.

• More scams. That’s right, my crystal ball tells me that 2009 will be chock full of identity theft-related scams. Not surprising, considering the economic climate. When the economy goes belly-up, those people who walk the line on a good day will go to the dark side when the days get bad. They’ll do whatever it takes to get money, even if it means stealing your precious name.To make matters worse, today’s economic climate has turned people with good character desperate. And although they might not go to the dark side and become your neighborhood identity crook, when good people get desperate, they certainly are more prone to falling victims to these scams. Identity crooks thrive on the vulnerable, and the current economic situation is making many of us exactly that. In fact, scams related to real estate, jobs and credit (all affected by the current economic climate) will be on the rise. I’m even going to go out on a limb here — while overall identity theft crimes may or may not rise this year, I’d bet that we’re going to see an increase in new credit-related fraud due to the tight credit climate. When those who walk on the edge can’t get their own credit, they’ll get it using your precious name.

• Consumer education. Without a doubt, consumers appear to be more interested in educating themselves on identity theft-related issues. They want to understand the different types of identity theft and what they can do to protect themselves against them. They’re also looking more and more into available protection services and how to choose a service that meets their needs.

• Increased legislation. Every other week, it seems like there’s a big breach with thousands of consumer’s information being compromised. Without a doubt, “data breach central” has caused many states to take initiatives and create legislation in the interest of the consumer. With over 40 states passing or considering such legislation, more are sure to follow, and the federal government is getting involved in the game as well.

• Consumer-driven services. More and more consumers are inquiring about identity theft-related consumer services to help them prevent, detect and remedy an identity theft incident.

Los Angeles Times consumer columnist David Lazarus wrote about a recent brush with identity theft after someone stole his cash, driver’s license and credit cards from a locked gym locker.

What was so startling about this story was the cool precision with which the thief set about to use the card ⎯ about 30 minutes after it was taken. The thief quickly hit two Toys R Us stores, spending hundreds of dollars at each outlet and another $1,350 at a Best Buy before returning to the same Best Buy for an additional $1,298 purchase. The thief’s next stop was Target, where, thankfully, attempted credit card transactions were declined.

Lazarus notes that cashiers are supposed to compare the signature on the credit card transaction with the signature on the back of the card. That one simple step by an alert employee could’ve prevented the theft. But do you remember when a store clerk actually took the time to check your signature against your card? They just don’t bother anymore.

If you purchase anything with a credit card in the next few days, make a point to see whether the cashier checks your signature, then share your findings with us, please.

One hundred million or more MasterCard and Visa cardholders may have had their personal information compromised in the latest security data breach by payment processor Heartland Payment Systems.

The firm’s payment processing platform handles about 100 million transactions a month for 250,000 businesses. The source of the breach, undiscovered until last week, was apparently in place for a while; fraudulent activity reports by MasterCard and Visa began showing up late last year on cards that were used at Heartland’s client/merchants to process payments. About 40% of Heartland’s clients are small- and mid-sized restaurants.

The source of the breach was malicious software that surreptitiously collected customer data as it was sent for processing to Heartland by the company’s retail clients. The stolen data include names, credit and debit card numbers and expiration dates.

But then, there’s a good chance you haven’t heard about this because Heartland’s announcement of the breach, the largest in history, was released on January 20, a day when most people were focused on the presidential inauguration. Some suggest the timing of the announcement was no accident.

What’s more galling, though, is that Heartland President Robert Baldwin said it wasn’t “appropriate” for the company to offer consumers identity theft protection services because only names, credit/debit card account numbers and their expiration dates were lifted. Without addresses, he said, it would be difficult to fashion counterfeit credit cards without that information. According to Baldwin,

“In this case, the amount of information we know they did not get is long enough that except in very circumscribed cases identity theft is just not possible. At the same time, we recognize and feel badly about the inconvenience this is going to cause consumers.”

Maybe what Mr. Baldwin is really concerned about is the inconvenience of providing free identity theft protection monitoring services to roughly one-third of the U.S. population.

When traveling with your laptop, be careful for a scam set up to steal it at airport security checkpoints.

Here’s how the con works:

A group of thieves try to get between you and your laptop at airport security — at the metal detector. One of the grifters will get in front of you, while another who has already passed through security waits on the inside. You put your laptop conveyor to pass it through the X-ray scanner, and the con man in front of you makes sure to set off the metal detector on purpose. He puts on a good show, making sure to take plenty of time and cause enough confusion to delay you and distract people. In the meantime, your laptop comes out of the conveyor, and it sits there untouched and probably out of your view.

The second thief is waiting for it to arrive and simply picks it up and walks away. No security person on the inside typically knows or cares who owns the items coming through. To make the scheme even harder to detect, the thief on the inside might even make a quiet hand-off, so a third grifter ends up with your laptop.

So be careful at airport security, and try to keep an eye on your laptop. Even the Federal Aviation Authority (FAA) has issued warnings about this.

Once they have your laptop, plus all the other goodies in your bag, not only can they resell the electronics, they, or whomever they sell it to, can hack into it and probably find loads of valuable personal information.

If someone steals or misuses your Social Security number (SSN), which is issued by the Social Security Administration (SSA), does the SSA ever get involved in investigating the crime?

The answer is no. The SSA does not investigate ID theft, and they have no authority or budget to do so. So it’s a waste of time to contact them (unless your card was stolen and you need a replacement).

Now, if you’re a victim of Social Security benefit fraud or benefit checks are being stolen, that is in their jurisdiction and they will likely investigate. The part of the SSA that would get involved in that is the Office of the Inspector General (OIG).

If your Social Security card was lost or stolen, you should get a replacement. It can take quite a bit of time, so don’t wait until you need the card to take the step. The SSA website has instructions to help you out.

Now you may be wondering who will or should investigate your identity theft. The answer is “it depends.” But you can and should report it to the local law enforcement authorities where you live or where the crime happened. The local police really should take a report and make at least an attempt to investigate. But if they don’t, you can try the sheriff or state police.

You’re certainly aware that your Social Security number (SSN) is one of the leading ways your identity can be stolen. If it is stolen, it can cause you enormous headaches. The thief can use the SSN to open new credit cards in your name, get mobile phones or utility service, or commit bank fraud.

Clearly, you should avoid giving out your SSN unless it is absolutely necessary. Think about how many people have your SSN or have access to it. Family, roommates, every doctor or dentist you have seen, every employer you have ever had, insurance companies — even video stores sometimes require it for membership.

If you can limit the number of people who have your SSN, you can reduce your risk. The easiest way to protect your SSN is to never carry your card and to lock it away along with any papers that have your SSN printed on it.

You’re often asked for your SSN, but how do you know if it’s truly necessary to provide it? Well, outside of taxes or government benefits, it’s not always easy to know when providing a SSN is required rather than voluntary.

If someone asks for your Social Security number, pause for a moment to consider whether they really need it. Here are five questions you can ask the person who requested it.

1. Is my SSN absolutely necessary and, if so, why?
2. For what purpose will it be used?
3. Will you store it in a safe place?
4. Is there a law that requires you to get my SSN?
5. What happens if I don’t give it to you?

Something else to keep in mind: Often, when you’re told that your SSN is “required,” the business only wants it in case you don’t pay your bills. That makes it easy to track you down. They can provide it to a collection agency — which you want to avoid. They tend to not be very friendly.

Most of us realize that there’s a lot of valuable information that can be gleaned from the Internet. Whether you’re looking for the latest gossip on your favorite Hollywood star, following the election or researching a paper for school, the Internet can help you get the information that you need.

While most of us spend a lot of time pulling information from the Internet, sometimes we find ourselves posting it as well. We might be posting a question to a newsgroup seeking a technical answer or looking for that long-lost relative. What we must also realize is that in much the same way that we use the Internet to get information about our favorite topic, identity crooks are surfing the Internet looking for bits and pieces of personally identifiable information that they can use to steal our precious names.

Be careful what you post

All information is not created equal. As tempting as it may be to simply advise people not to post or provide any information online, it isn’t practical. There are legitimate reasons to post information online, and by not doing so, we reduce our online experience and limit the benefits of the Internet.

What we can do, though, is be careful about the type of information we provide. While it makes sense to post detailed information online about a technical problem so you can get help resolving it, it’s more difficult (but not impossible) to justify providing more personally identifiable information, such as name, address, date of birth, Social Security number, mother’s maiden name, etc.

We also need to remember that the more information we provide, the more significant it becomes. For example, if someone comes across your first name on the Internet, it means very little. Add your last name to it, however, and it means a bit more. Again, add a few more bits of information, such as your address and your date of birth, and you can quickly see where things start taking shape for an identity thief who’s on the prowl. So it’s not simply the type of information, it’s how it all can be used together.

Understand why you’re providing information

I doubt there are many people who’ve heard about protecting their personal information more than my friends and family have. Considering my background, it’s just my thing. I’m constantly telling them to protect it and to do so fiercely. Yet, even after hearing it day in and day out for the last five or so years, they’ll still sometimes provide information without really knowing why. Legitimate business or not, just because someone tells you they need your Social Security number doesn’t mean they really do. Don’t provide it without asking why. You’ll be surprised at how many of those people asking for it really don’t know why they need it and, in the end, won’t require you to provide it if you challenge it.

In the online world, even if some online forms request personal information, the information may not be required. Don’t assume that it is — see if you can proceed without providing it. If the information is required, take a minute to decide whether it makes sense for you to supply it. If something doesn’t seem right, don’t provide the information.

Is it worth the risk?

As you provide information online, measure not only whether it makes sense but also if it’s worth the risk. For example, if you’re getting your credit report online through a secure website from one of the three bureaus, you should expect to provide some personally identifiable information. In this case, the risk is relatively low, since you’re dealing with one of the three credit bureaus, making the transaction through their secure site, and getting a credit report in return, which is an important item and likely worth the small risk.

However, what if you’re providing personal information on a form as part of an online contest to win a free phone? Do you know who the recipient of that information really is? Is taking the chance of providing that information to an identity thief really worth the chance to win a free phone? It may sound far-fetched, but it’s not — people do it all the time. As part of surveys or contests, they provide very personal information without stopping, taking a deep breath, and asking if it’s worth the risk. They get caught up in the moment, as I vividly remember just a couple years ago when my wife received her free phone in the mail. As I asked all those questions that you would suspect that a person with my background might ask, we found out that what she really won was a new cell phone contract that she didn’t need.

How much information is too much?

There’s no quick and simple answer to this question. It depends on the type of information and why you’re providing it. I’ll go so far as to say, however, that providing any information that you don’t need to provide is too much. Protect your personal information fiercely, and always remember that your information might stay out there in cyberspace for a very long time. There will always be a crook out there browsing the Internet looking for those bits and bytes of information to steal someone’s precious name. Don’t let yourself become the next identity theft victim.