You have an opportunity to play a major part in the exciting birth of a new industry that will mature and evolve into a multi-billion dollar industry. Pandora’s box has opened on identity theft and it will never close in our lifetime. There is no doubt that this outsourced risk industry will be here longer than you and I will ever be. As you further your walk down this path you will consistently notice or be asked about new services that pop up on the scene. When you consider that less than 5% of households currently own some form of identity theft protection and that number is estimated to swell to over 70% in the next 36-48 months it would only stand to reason that this is a ripe market for new companies to enter into.
If you do any amount of research on the internet you will find literally hundreds of these companies. The identity theft protection industry is like the wild-wild west right now with numerous gimmicky programs popping up to cash in on the media attention surrounding this subject.
Unlike other traditional\mature outsourced risk programs (auto, life, health, home etc.) the identity theft protection industry has not gone through its cleansing process yet and consumers have not learned how to evaluate these programs like ones we are all second and third generation of.
I live my life by the mantra… “Time will either promote you or expose you.” When choosing any identity theft service today the term, "caveat emptor," or "buyer beware," certainly applies.
The trained eye doesn’t have to read too far into most service offerings on company websites or brochures to recognize that for the most part they provide help, guidance and assistance to their subscribers.
These would be prime examples I would use to demonstrate the difference between…
Resolution vs. Restoration - or maybe a better way to describe it would be… “Do-it-yourself with a manual and a subscriber help line” vs. “Please just make my problem go away with limited involvement on my part because I am too busy taking care of everything else life throws at me”
Part of what we do as the iTAG Community Action Team, is to help consumers understand what the important considerations are from both a victims and an advocates perspective. Having been down this road personally, I know what victims go through and really need in a protection program.
Right or wrong, we live in a society where consumers have come to expect\demand that someone ‘fix’ their problems for them and not just to provide counseling or do-it-yourself aid.
There are numerous ‘good’ programs out there. But as this industry evolves and more consumers become victims, there will be a shakeout of programs that don’t make the grade and the bar will continually rise.
As the bar does rise, more and more programs will have to offer ‘managed restoration’ to be able to compare themselves apple for apple with the Identity Theft Shield and the upgrade option to include the Life Events Legal Plan. But the newcomers will always be playing follow the leader for numerous reasons listed below.
In putting iTAG together as an industry leader in education and protection, we established criteria for how we would evaluate the programs out there, so we can make CONFIDENT recommendations to our clients. Here are the essential criteria anyone should consider when protecting the ‘WHOLE CLIENT’:
• Number of years in business - organizations that have been around for more than 5 years and have been put to the fire and stood the test of time. Which is a tall order when you consider that most of the companies that offer identity theft protection services have just popped up in the last 24-36 months. iTAG is reluctant to make our clients the guinea pig of a start up until they have proven themselves.
• Depth of knowledge - this is important when you are dealing with a person’s most valuable asset next to their good health.
• Resources\Staff Size - Most of the organizations offering these types of services lack the infrastructure of experienced personnel to service the ‘whole client’.
• Accountability - we tend to favor publicly traded companies because they have higher accountability due to compliance wit Sarbanes Oxley and the SEC.
• Access to legal counsel 24\7 – An important component as it relates to Criminal and DMV identity theft. PPL is the ONLY company that I have found anywhere in this country that provides their members with 24-7 access to legal counsel. And in 35+ years as an industry leader no other company has been able to duplicate\knock-off that critical component. Which ties into the next criteria…
• Solutions that address all 5 areas of ID Theft - The layered protection principle is an important consideration. We ONLY consider programs that have all the necessary components to address all 5 areas of ID Theft which of course includes access to qualified legal counsel not just 8-5 but around the clock 24/7.
• Highest Probability of making a client ‘whole’ again - And most importantly… the programs and companies that have the Highest documented Probability of making a client ‘whole’ again after victimization. There is a very compelling reason why most companies that have experienced data breaches or are concerned about the possibility of experiencing a breach have retained KROLL to come in to save the day and provide disaster control…. because they are undisputedly the best at what they do!!!
iTAG takes a very holistic approach to identity theft protection, much like consumers do when they shop for health insurance. We all recognize that no matter how healthy a lifestyle we lead or how cautious we live our lives…that illnesses and accidents can still happen to us (a medical doctor’s knowledge of the human body does not prevent them from getting sick or having an accident either… they still own medical insurance.) Lance Armstrong comes to mind. Mr. Armstrong could not have ridden his bike an extra couple of thousand miles the year he got cancer to stop that event from happening, but rather needed access to world class hospitals staffed by world class doctors that had the highest documented probability of making him well and putting him back together again. That’s what we all want when we shop for health care and insurance.
The same philosophy holds true for identity theft protection. Even with the thousands of hours I have dedicated to researching the subject of identity theft I am just as susceptible\vulnerable to becoming a victim again, as the person across the street that doesn’t know anything about identity theft.
I sincerely hope the above narrative is helpful to you in your marketing efforts. Feel free to leverage any part of it as you continue to shape your prospects perceptions and become their point of reference for identity theft education and protection.
Sunday, August 26, 2007
Sunday, August 12, 2007
Cybercriminals prey on consumer apathy
Apparently not enough of you are getting the message about phishing and how NOT to respond. Consumer Reports just came out with a study that suggests around 8% of the population, or about 1 in every 12 consumers, actually fell for phishing scams and handed over personal information.
The study found that in the last two years the nearly one million consumers who fell for these scams ended up losing billions of dollars in the process.
And the fight against spyware and viruses is not making much headway either. The study suggested that one every four consumers has fallen victim to some kind of cybercrime in the last 24 months, losing a staggering $7 billion between them.
And even more shocking, over the same period 1.8 million households had to replace a personal computer because of virus infections too . Hardly a surprise when a large part of the population still doesn't believe in the importance of anti-virus, anti-spyware, or even firewalls. Let alone identity theft protection !!!
Someimes it's hard to feel sorry for victims who refuse to think that the smoke they smell might be worth investigating.
The study found that in the last two years the nearly one million consumers who fell for these scams ended up losing billions of dollars in the process.
And the fight against spyware and viruses is not making much headway either. The study suggested that one every four consumers has fallen victim to some kind of cybercrime in the last 24 months, losing a staggering $7 billion between them.
And even more shocking, over the same period 1.8 million households had to replace a personal computer because of virus infections too . Hardly a surprise when a large part of the population still doesn't believe in the importance of anti-virus, anti-spyware, or even firewalls. Let alone identity theft protection !!!
Someimes it's hard to feel sorry for victims who refuse to think that the smoke they smell might be worth investigating.
Saturday, August 4, 2007
What's in your wallet?
A new research study of the top 25 largest credit card issuers suggests many of those firms need to upgrade their identity fraud prevention and detection tools to better serve consumers according to a story published by ComputerWorld.
The story continues with the excerpts from a recently released study conducted by Javelin Strategy & Research which found some of these deficiencies:
56% of the 25 card issuers surveyed continue to require full Social Security numbers to help identify their customers, whether by phone, online or by mail.
"This is a risky practice that unnecessarily increases the customer's exposure to identity fraud," the report states.
Consumers are not allowed to set transaction limits or block certain types of transactions using their credit cards, such as restricting card use to purchases only made with U.S. vendors, according to the study.
In fact, only 24% of the surveyed card issuers allow consumers to set so-called user-defined limits and/or prohibitions (UDLAPs) on their accounts to help prevent unauthorized use, the study concluded.
While card issuers can offer consumers e-mail or telephone "transaction alerts" to advise them of account activity, the number of participating card companies is still small -- about 8%.
So, our tip for today is to check what is really 'in your wallet.'
Make sure to contact your credit card company and inquire into what fraud prevention services they offer - for free.
We recently learned of major card provider which uses account numbers as the default mode for customers to access their online web site.
The consumer has to call the card issuer's customer service department and request an alternate user id be setup for web site access.
Regardless of "what's in your wallet", take proactive action to minimize your risk of becoming an easy target for identity theft.
The story continues with the excerpts from a recently released study conducted by Javelin Strategy & Research which found some of these deficiencies:
56% of the 25 card issuers surveyed continue to require full Social Security numbers to help identify their customers, whether by phone, online or by mail.
"This is a risky practice that unnecessarily increases the customer's exposure to identity fraud," the report states.
Consumers are not allowed to set transaction limits or block certain types of transactions using their credit cards, such as restricting card use to purchases only made with U.S. vendors, according to the study.
In fact, only 24% of the surveyed card issuers allow consumers to set so-called user-defined limits and/or prohibitions (UDLAPs) on their accounts to help prevent unauthorized use, the study concluded.
While card issuers can offer consumers e-mail or telephone "transaction alerts" to advise them of account activity, the number of participating card companies is still small -- about 8%.
So, our tip for today is to check what is really 'in your wallet.'
Make sure to contact your credit card company and inquire into what fraud prevention services they offer - for free.
We recently learned of major card provider which uses account numbers as the default mode for customers to access their online web site.
The consumer has to call the card issuer's customer service department and request an alternate user id be setup for web site access.
Regardless of "what's in your wallet", take proactive action to minimize your risk of becoming an easy target for identity theft.
Saturday, July 28, 2007
When FREE does not always equal FREE
Do an online search for “free credit report” and you’ll end up with a dozen or more websites promising online credit reports (and often credit scores) for FREE. Most of these companies even have the word “free” in their name, but don’t be fooled, there’s nothing FREE about their services. Many will entice people to sign up for a product that comes with strings attached. Most will request a credit card number to enroll and then will charge you if you do not cancel the service within a specific grace period.
A recent post (July 24, 2007) on the blogsite The Red Tape Chronicles written by Bob Sullivan explains that “one site, for instance, requires enrollment in pricey credit monitoring service, which can only be canceled online after precisely 23 days. Another automatically enrolls users in a discount travel service. And some hint that the real free credit report site established by Congress -- AnnualCreditReport.com -- isn’t all it’s cracked up to be.” He goes on to say that many of these sites actually can be traced back to the credit bureaus either directly or by affiliation.
The Fair and Accurate Credit Transaction Act of 2003 made it so that consumers are entitled to a free copy of their credit report, once per year, from each of the three major credit-reporting bureaus. Those three agencies -- Equifax, Experian and TransUnion -- even set up a Web site that consumers must go to for their freebie; it's only one legitimate source where you can obtain your FREE credit reports: http://www.annualcreditreport.com/.
There are plenty of other sites with similar names promising free credit reports, but invariably they package the "free" side with some other goods and services, selling you your credit score -- which the agencies are not required to give you for free -- bundling the three reports together into one, selling credit-monitoring services and more. Consumer Reports WebWatch recently reviewed 24 sites offering "free" credit reports and found that the proliferation of these other sites -- which invariably charge a fee for bundling several services together -- was creating confusion. Worse yet, the study found that nine of the 24 reviewed sites were owned or closely tied to TransUnion, with eight others having similarly close connections to Experian. In other words, the same guys who were required by law to provide a free report are also creating some of the confusion about the freebies. That's disconcerting -- and it explains some of the confusion -- but it's not against the rules. It just forces consumers to be particularly careful to get to the right site.
Also, Consumer Reports says half of all credit reports are loaded with errors that could affect you if you're trying to get a loan, open another credit account or even rent an apartment.
Increased consumer awareness and knowledge is a good thing. It’s a positive sign that more folks are interested in what’s being reported in their credit files. Everyone should check their credit reports at least once a year to make sure that all of the information contained in them is accurate and up to date. You should also check your reports for any information that is fraudulent, which could signal that you are the victim of Identity Theft. This includes accounts as well as personal information such as addresses and phone numbers.
So, before you give over your credit card number for something that is supposed to be “free,” don’t do it.
Go to http://www.annualcreditreport.com/.
A recent post (July 24, 2007) on the blogsite The Red Tape Chronicles written by Bob Sullivan explains that “one site, for instance, requires enrollment in pricey credit monitoring service, which can only be canceled online after precisely 23 days. Another automatically enrolls users in a discount travel service. And some hint that the real free credit report site established by Congress -- AnnualCreditReport.com -- isn’t all it’s cracked up to be.” He goes on to say that many of these sites actually can be traced back to the credit bureaus either directly or by affiliation.
The Fair and Accurate Credit Transaction Act of 2003 made it so that consumers are entitled to a free copy of their credit report, once per year, from each of the three major credit-reporting bureaus. Those three agencies -- Equifax, Experian and TransUnion -- even set up a Web site that consumers must go to for their freebie; it's only one legitimate source where you can obtain your FREE credit reports: http://www.annualcreditreport.com/.
There are plenty of other sites with similar names promising free credit reports, but invariably they package the "free" side with some other goods and services, selling you your credit score -- which the agencies are not required to give you for free -- bundling the three reports together into one, selling credit-monitoring services and more. Consumer Reports WebWatch recently reviewed 24 sites offering "free" credit reports and found that the proliferation of these other sites -- which invariably charge a fee for bundling several services together -- was creating confusion. Worse yet, the study found that nine of the 24 reviewed sites were owned or closely tied to TransUnion, with eight others having similarly close connections to Experian. In other words, the same guys who were required by law to provide a free report are also creating some of the confusion about the freebies. That's disconcerting -- and it explains some of the confusion -- but it's not against the rules. It just forces consumers to be particularly careful to get to the right site.
Also, Consumer Reports says half of all credit reports are loaded with errors that could affect you if you're trying to get a loan, open another credit account or even rent an apartment.
Increased consumer awareness and knowledge is a good thing. It’s a positive sign that more folks are interested in what’s being reported in their credit files. Everyone should check their credit reports at least once a year to make sure that all of the information contained in them is accurate and up to date. You should also check your reports for any information that is fraudulent, which could signal that you are the victim of Identity Theft. This includes accounts as well as personal information such as addresses and phone numbers.
So, before you give over your credit card number for something that is supposed to be “free,” don’t do it.
Go to http://www.annualcreditreport.com/.
Tuesday, July 24, 2007
It's Worth Repeating: Social Security Cards and Wallets DO NOT Mix
I give over one hundred identity theft seminars every year and at each seminar, at least one of the attendees will admit to carrying around their Social Security card in their wallet or purse.
In this day and age, and with all we know about identity theft, I'm shocked that some people still carry their social security card on them. Most of the guilty parties say that they realize it's a potential problem, but they have never gotten around to taking the card out. Others have said that they just didn't know it was dangerous.
How your Social Security number can be used to steal your identity...
There are many pieces of information that, if stolen, can lead to identity theft or, at the very least, identity fraud. They can include a bank or credit card number, a home address, family names, login and password info and so on. But the holy grail of stolen information is your Social Security number (SSN). And it can be exposed in so many different ways, it can make your head spin!
For example, my doctor has a hard copy of my SSN in the files in his office. That’s right. Our archaic healthcare and insurance system still uses Social Security numbers as the primary way to identify patients. But does my doctor take any precautions to prevent identity theft? I’m pretty sure that his office has no alarm system and no security guards. He also has a high staff turnover and probably doesn’t conduct criminal background checks on his employees. And like most medical practices, his files are stored wall-to-wall in plain sight of patients and with no protection other than a low countertop. So there’s a much greater risk that my Social Security number will be misused in his office than on my home computer. But because all medical offices work that way, there’s not much I can do.
And that’s the problem. So many different organizations have a copy of your Social Security number, there’s no way of guaranteeing that it’s safe in their hands. Your Social Security number can also just as easily disappear from your own workplace, and often the biggest thieves of Social Security numbers are co-workers and other insiders. And once it’s in the wrong hands, your SSN can really come back to haunt you.
Here are some examples of how your SSN can be misused and lead to identity theft fraud:
In this day and age, and with all we know about identity theft, I'm shocked that some people still carry their social security card on them. Most of the guilty parties say that they realize it's a potential problem, but they have never gotten around to taking the card out. Others have said that they just didn't know it was dangerous.
How your Social Security number can be used to steal your identity...
There are many pieces of information that, if stolen, can lead to identity theft or, at the very least, identity fraud. They can include a bank or credit card number, a home address, family names, login and password info and so on. But the holy grail of stolen information is your Social Security number (SSN). And it can be exposed in so many different ways, it can make your head spin!
For example, my doctor has a hard copy of my SSN in the files in his office. That’s right. Our archaic healthcare and insurance system still uses Social Security numbers as the primary way to identify patients. But does my doctor take any precautions to prevent identity theft? I’m pretty sure that his office has no alarm system and no security guards. He also has a high staff turnover and probably doesn’t conduct criminal background checks on his employees. And like most medical practices, his files are stored wall-to-wall in plain sight of patients and with no protection other than a low countertop. So there’s a much greater risk that my Social Security number will be misused in his office than on my home computer. But because all medical offices work that way, there’s not much I can do.
And that’s the problem. So many different organizations have a copy of your Social Security number, there’s no way of guaranteeing that it’s safe in their hands. Your Social Security number can also just as easily disappear from your own workplace, and often the biggest thieves of Social Security numbers are co-workers and other insiders. And once it’s in the wrong hands, your SSN can really come back to haunt you.
Here are some examples of how your SSN can be misused and lead to identity theft fraud:
- Illegal Immigrants can buy your SSN so they can get jobs and report income (or not report income) to the IRS in your name creating a duplicate tax return
- A thief\illegal can open new credit accounts.
- Your SSN can be used to open a bank account and obtain an overdraft or loan.
- It can be used to open a utility account. Many identity thieves will use SSNs they stole themselves, or purchased from someone else, to rent an apartment, open a utility or telephone account, or rent a car (and not return it).
- Crooks\illegals with bad histories can easily hide their past by using a stolen Social Security number when applying for a new job.
- Thieves\illegals have been known to give stolen Social Security numbers when arrested, often leaving their victims with a criminal record that’s very difficult and costly to erase.
- And some thieves have even been known to go bankrupt using a stolen Social Security number, either to avoid having a bankruptcy on their own record, or as a last twist of the knife against the real owner of the SSN.
So keep a close eye on your Social Security number and a closer eye on your credit through credit monitoring so you’ll know if someone does try to use it.
If you still have your social security card in your purse or wallet, take it out immediately!
Store the social security card in a safe deposit box or a secure place.
An Overdue Book Can Ruin Your Credit Score. Who would have thought?
As cities work to scrape up every little bit of revenue, they’re now going after library fines and overdue parking tickets.
How are they going after this money? With collection agencies.
Is it working? The Wall Street Journal says yes:
A handful of cities, including San Diego and Chicago, have worked with collection agencies since the late 1990s. But the trend is spreading rapidly around the country because of the popularity of identity theft. Strapped local governments are looking for creative ways to boost revenue without raising taxes and fees. Over the past few years, local governments in places including Seattle; Anchorage, Alaska; Austin, Texas; and Florida’s Miami-Dade County have contracted with private agencies to collect late parking tickets and court fees. In New York City, Baltimore and Dallas, libraries use private collection firms to recover fines. New York State recently hired a collection company to pursue overdue E-ZPass toll bills.
I learned about method of identity theft in 2005 from an audience member of one of my seminars. She had her purse stolen. As an out of the box thinker she even had a photocopy inventory of everything in her purse just in case. So needless to say she was prepared. She called and closed all of the accounts that would be potentially affected. Or so she thought...
Library Card Identity Theft
It never occurred to her to suspend her library card privileges. And how easy is it to get a library card? That was the specialty of the criminal who stole her purse. He knew the window of opportunity would be small to 'joy-ride' on her credit cards' so he raped and pillaged the public library system of its pricey titles. He knew exactly which books would fetch the highest prices on eBay. Of course she found out the hard way when the debt of unreturned library books turned into a collection issue and negatively affected her credit score.
While shaking down citizens over small debts might sound petty, hundreds of cities around the country are owed millions of dollars in unpaid fines. Since 1997, when Chicago began using a collection agency to track down unpaid parking fines, ticket revenue has more than doubled, rising from $68 million to $154 million last year. (The total number of parking tickets issued has dropped slightly over the period.) Since the Omaha, Neb., public-library system hired a private collection company in March, it has collected more than $40,000 in fines and recovered about $75,000 worth of overdue books and materials.
Yep, they’re bringing in the big boys in order to collect on millions of dollars of small fines that many of you have ignored… until now. If you decide to ignore a collection agency, that $20 library fine could show up as a collection account on your credit report.
How will single collection account for a stupid small overdue fine affect your credit score? It could lower it by as much as 100 points. Ouch! That’s gonna hurt.
It appears that Equifax is the sole credit bureau that feels this may be a bit of overkill. Also from the Wall Street Journal:
Equifax Inc., the third credit bureau, makes an effort to weed out small charges like library books and parking violations from credit files. The company says it is not fair to include them in credit reports since municipal fines are reported unevenly around the country.
Well, that won’t help too much because you never know which bureau a potential creditor will use to look at your credit.
So what should you do?
How are they going after this money? With collection agencies.
Is it working? The Wall Street Journal says yes:
A handful of cities, including San Diego and Chicago, have worked with collection agencies since the late 1990s. But the trend is spreading rapidly around the country because of the popularity of identity theft. Strapped local governments are looking for creative ways to boost revenue without raising taxes and fees. Over the past few years, local governments in places including Seattle; Anchorage, Alaska; Austin, Texas; and Florida’s Miami-Dade County have contracted with private agencies to collect late parking tickets and court fees. In New York City, Baltimore and Dallas, libraries use private collection firms to recover fines. New York State recently hired a collection company to pursue overdue E-ZPass toll bills.
I learned about method of identity theft in 2005 from an audience member of one of my seminars. She had her purse stolen. As an out of the box thinker she even had a photocopy inventory of everything in her purse just in case. So needless to say she was prepared. She called and closed all of the accounts that would be potentially affected. Or so she thought...
Library Card Identity Theft
It never occurred to her to suspend her library card privileges. And how easy is it to get a library card? That was the specialty of the criminal who stole her purse. He knew the window of opportunity would be small to 'joy-ride' on her credit cards' so he raped and pillaged the public library system of its pricey titles. He knew exactly which books would fetch the highest prices on eBay. Of course she found out the hard way when the debt of unreturned library books turned into a collection issue and negatively affected her credit score.
While shaking down citizens over small debts might sound petty, hundreds of cities around the country are owed millions of dollars in unpaid fines. Since 1997, when Chicago began using a collection agency to track down unpaid parking fines, ticket revenue has more than doubled, rising from $68 million to $154 million last year. (The total number of parking tickets issued has dropped slightly over the period.) Since the Omaha, Neb., public-library system hired a private collection company in March, it has collected more than $40,000 in fines and recovered about $75,000 worth of overdue books and materials.
Yep, they’re bringing in the big boys in order to collect on millions of dollars of small fines that many of you have ignored… until now. If you decide to ignore a collection agency, that $20 library fine could show up as a collection account on your credit report.
How will single collection account for a stupid small overdue fine affect your credit score? It could lower it by as much as 100 points. Ouch! That’s gonna hurt.
It appears that Equifax is the sole credit bureau that feels this may be a bit of overkill. Also from the Wall Street Journal:
Equifax Inc., the third credit bureau, makes an effort to weed out small charges like library books and parking violations from credit files. The company says it is not fair to include them in credit reports since municipal fines are reported unevenly around the country.
Well, that won’t help too much because you never know which bureau a potential creditor will use to look at your credit.
So what should you do?
- Pay your fines, no matter how small. Your city could start using a collection agency at any time. Your fines - even years old - could then be sent to collections.
- Call and negotiate. If you do get a collection notice, call and negotiate with the agency. Make sure they agree that if you pay the fine they will remove the collection from your credit file.
- Monitor your credit. Make sure you are monitoring your credit through the Identity Theft Shield. Make sure you know exactly how you appear to the financial world months before you apply for a car or home loan. You want to have time to resolve issues like this before applying.
Sunday, July 15, 2007
eBay for Identity Thieves
On any given day hundreds of thousands of U.S. consumers are having their private\sensitive information bought and sold via 'Internet Relay Chat' rooms. The identifiers that comprise our identity have become societies new digital currency.
Wednesday, July 11, 2007
Medical Identity Theft
An example of how disruptive medical identity theft can be. Any victim of medical identity theft needs a properly trained advocate\investigator to put the pieces back together and make the victim whole again.
A personal quote from the victim in this story:
"All of our medical information is reported to the MIB (Medical Information Bureau) which is located in Boston, MA. Who in turn aggregate or gather together this information from every procedure or doctor's visit we go on. Someone using our information can and does alter our files. If I am admitted to a hospital in an incapaciated state, I am at the mercy of what my medical history states or mis-states."
A Classic Case of Criminal Identity Theft
Most consumers are unaware that this type of identity theft can happen to them. This is one of the most tangled type of identity theft to come out from under.
How fast can identity theft happen?
In four seconds, as the captured security footage in this video shows. This video is provided for educational purposes by the Broward County Sheriff’s Department.
Tuesday, July 10, 2007
What can they really do with your identity?
Bob is on the run. He murdered a clerk at an all-night convenience store and cleaned out the cash register. He needs to hide, and hide fast.
He shaves off his mustache, dyes his hair a different color, pops in colored contact lenses, and applies some phony tattoos; but that's not enough. He needs a new name and the papers to go with it. He turns to his friend Bill who puts him in touch with Mary.
Mary is a hacker. Yesterday she sent out a few thousand emails from a mailing list she bought on the Internet. Half of the letters were for a phony Microsoft patch download, the other half were "I'm Amy and here's my photo" letters. As of this morning, 10% of those letters were opened and 5% of the recipients clicked on the patch or the "Amy" photo.
If you were one of the readers who clicked, you now have a Trojan horse on your computer and it opened a passage through your computer's firewall. Now Mary gets to work.
The Trojan has informed Amy that she has free entry into your computer. She logs into your computer from wherever she is located (it could be next door, it could be on the other side of the planet). In the middle of her monitor, a window appears. The window is your desktop, exactly as you see it, only smaller.
Whatever you have on that computer now belongs to Mary, and that includes ALL your Internet activity because everything you do out here in cyberspace is copied to your hard drive.
Did you do any online banking? Mary now has a copy of your username; besides that, she can apply a program to decode your password.
Did you make any online purchases? She now has your credit card information.
Is your credit lousy? That doesn't matter to Mary, and it certainly doesn't matter to the murderer, Bob. She knows you're a real person, she has your full name, she knows where you live, and that's enough for her to get your Social Security Number off the Internet and maybe even your Driver's License number. If there is anything at all on your computer about where you were born, she has that too which means she can send off for a copy of your Birth Certificate.
Bingo.
Phony identification documents are created for Bob using your Social Security Number and whatever else Mary was able to obtain - actually, your Social was enough. Bob, thief and murderer of convenience store clerks, is now walking around saying he is you. And, he is free to continue his crime spree posing as you.
The above is only one scenario. Mary can get into your computer simply by attaching viruses like Trojan horses and spyware to web sites, ad banners, forms, and popups.
All my Internet activity is on my hard drive? Where?
Everything you do on the Internet is recorded on your hard drive for future reference. Your browser stores your history, cookies, and your password management on your hard drive. Your activity is hidden in Temporary Downloads and Download files, cookies, cache files, Temp files, and files that don't even show in your Directory.
Can you go around every day and clean out these files yourself? No, not really. For one thing, you'd have to run through your entire Directory every few minutes. On top of that, you can easily delete a file that is vital to the functioning of your computer. This is strictly a job for your anti-virus program, your anti-spyware program, and your internet tracks eraser, and these programs must be actively run on a regular basis. That means that besides your regular scheduled maintenance, you need to make an extra run every now and then, especially after a heavy email or surfing session.
Where does my information go?
Mary can find out all she needs to know about you in just a few minutes, and she can turn around and sell that information more than a thousand times over the next 48 hours.
Mary's been at this for a while, so she has her contacts lined up and waiting. Your credit card information is sold to a criminal info-merchant in Malaysia, one in Nigeria, and one in Kiev. The credit card information is then sold to thieves who order merchandise over the Internet.
Your Driver's License and Social Security information go to phony ID makers in the US and Canada, and abroad to phony ID makers who create Passports, Social Security cards, and Driver's Licenses for foreign drug dealers and money launderers.
Your bad credit doesn't matter.
Even if you have no credit, criminals will establish credit for you. They will purchase pre-paid credit cards in your name and build them up, increasing the credit line and then apply for credit elsewhere. They forge documents showing they own property (belonging to someone else) and then obtain loans against that property in your name. They get jobs in your name, rent apartments, buy furniture, and lease cars, all in your name. Then they disappear over the hill and leave you with all the liability.
Once I prove it wasn't me who did everything, I'm in the clear. Right?
It's not as simple as that - not by a long shot. You have to prove your innocence for each and every event.
The above examples are not far-fetched. They are a daily occurance in this country. At it's current pace identity theft claims 27,000 victims per day in the United States alone.
Identity Theft may be a crime but unfortunately apathy is not. Apathy is the bigget ally an identity thief has. Educated consumers hear the stories, but do little to change their actions to protect themselves against this pandemic. Turn apathy into action and protect what you cannot prevent.
He shaves off his mustache, dyes his hair a different color, pops in colored contact lenses, and applies some phony tattoos; but that's not enough. He needs a new name and the papers to go with it. He turns to his friend Bill who puts him in touch with Mary.
Mary is a hacker. Yesterday she sent out a few thousand emails from a mailing list she bought on the Internet. Half of the letters were for a phony Microsoft patch download, the other half were "I'm Amy and here's my photo" letters. As of this morning, 10% of those letters were opened and 5% of the recipients clicked on the patch or the "Amy" photo.
If you were one of the readers who clicked, you now have a Trojan horse on your computer and it opened a passage through your computer's firewall. Now Mary gets to work.
The Trojan has informed Amy that she has free entry into your computer. She logs into your computer from wherever she is located (it could be next door, it could be on the other side of the planet). In the middle of her monitor, a window appears. The window is your desktop, exactly as you see it, only smaller.
Whatever you have on that computer now belongs to Mary, and that includes ALL your Internet activity because everything you do out here in cyberspace is copied to your hard drive.
Did you do any online banking? Mary now has a copy of your username; besides that, she can apply a program to decode your password.
Did you make any online purchases? She now has your credit card information.
Is your credit lousy? That doesn't matter to Mary, and it certainly doesn't matter to the murderer, Bob. She knows you're a real person, she has your full name, she knows where you live, and that's enough for her to get your Social Security Number off the Internet and maybe even your Driver's License number. If there is anything at all on your computer about where you were born, she has that too which means she can send off for a copy of your Birth Certificate.
Bingo.
Phony identification documents are created for Bob using your Social Security Number and whatever else Mary was able to obtain - actually, your Social was enough. Bob, thief and murderer of convenience store clerks, is now walking around saying he is you. And, he is free to continue his crime spree posing as you.
The above is only one scenario. Mary can get into your computer simply by attaching viruses like Trojan horses and spyware to web sites, ad banners, forms, and popups.
All my Internet activity is on my hard drive? Where?
Everything you do on the Internet is recorded on your hard drive for future reference. Your browser stores your history, cookies, and your password management on your hard drive. Your activity is hidden in Temporary Downloads and Download files, cookies, cache files, Temp files, and files that don't even show in your Directory.
Can you go around every day and clean out these files yourself? No, not really. For one thing, you'd have to run through your entire Directory every few minutes. On top of that, you can easily delete a file that is vital to the functioning of your computer. This is strictly a job for your anti-virus program, your anti-spyware program, and your internet tracks eraser, and these programs must be actively run on a regular basis. That means that besides your regular scheduled maintenance, you need to make an extra run every now and then, especially after a heavy email or surfing session.
Where does my information go?
Mary can find out all she needs to know about you in just a few minutes, and she can turn around and sell that information more than a thousand times over the next 48 hours.
Mary's been at this for a while, so she has her contacts lined up and waiting. Your credit card information is sold to a criminal info-merchant in Malaysia, one in Nigeria, and one in Kiev. The credit card information is then sold to thieves who order merchandise over the Internet.
Your Driver's License and Social Security information go to phony ID makers in the US and Canada, and abroad to phony ID makers who create Passports, Social Security cards, and Driver's Licenses for foreign drug dealers and money launderers.
Your bad credit doesn't matter.
Even if you have no credit, criminals will establish credit for you. They will purchase pre-paid credit cards in your name and build them up, increasing the credit line and then apply for credit elsewhere. They forge documents showing they own property (belonging to someone else) and then obtain loans against that property in your name. They get jobs in your name, rent apartments, buy furniture, and lease cars, all in your name. Then they disappear over the hill and leave you with all the liability.
Once I prove it wasn't me who did everything, I'm in the clear. Right?
It's not as simple as that - not by a long shot. You have to prove your innocence for each and every event.
The above examples are not far-fetched. They are a daily occurance in this country. At it's current pace identity theft claims 27,000 victims per day in the United States alone.
Identity Theft may be a crime but unfortunately apathy is not. Apathy is the bigget ally an identity thief has. Educated consumers hear the stories, but do little to change their actions to protect themselves against this pandemic. Turn apathy into action and protect what you cannot prevent.
Saturday, July 7, 2007
To shred or to tear: that is the question...
Robert Cockerham of cockeyed.com decided to put the matter to a test. His test subject? A newly received Chase Mastercard pre-approved application.
Step 1: Robert tears the application into small pieces.
Step: 2: Robert meticulously lines the torn pieces up and tapes them together, like so.
Step 3: Robert fills out the application, replacing the current billing address with a new one (his parent’s house) and using his cell phone as the phone number on the new account. With that, he mails it in.
Step 4: Robert excitedly receives his new credit card at his parent’s house and activates it using his cell phone.
Analysis: Tearing up your sensitive documents is not sufficient. Some creditors will process applications, even if they’ve been torn up, taped together and have a new address.
A criminal could easily apply for credit in your name, change the address, and activate the account via a pre-paid cell phone. You wouldn’t even know what happened until creditors started calling you about your unpaid bills.
You must destroy all sensitive documents using a cross-cut shredder before placing them in the trash. Better yet, opt-out of pre-approved offers and give your shredder and the recyclers a rest.
Read the whole story on Cockeyed.com.
Step 1: Robert tears the application into small pieces.
Step: 2: Robert meticulously lines the torn pieces up and tapes them together, like so.
Step 3: Robert fills out the application, replacing the current billing address with a new one (his parent’s house) and using his cell phone as the phone number on the new account. With that, he mails it in.
Step 4: Robert excitedly receives his new credit card at his parent’s house and activates it using his cell phone.
Analysis: Tearing up your sensitive documents is not sufficient. Some creditors will process applications, even if they’ve been torn up, taped together and have a new address.
A criminal could easily apply for credit in your name, change the address, and activate the account via a pre-paid cell phone. You wouldn’t even know what happened until creditors started calling you about your unpaid bills.
You must destroy all sensitive documents using a cross-cut shredder before placing them in the trash. Better yet, opt-out of pre-approved offers and give your shredder and the recyclers a rest.
Read the whole story on Cockeyed.com.
Higher Education behind on Identity Theft Education
Ever wonder why student identity theft is becoming such a big problem on college campuses? Let’s just say that statistics show that when it comes to identity theft protection, institutions of higher learning aren’t exactly making the grade.
Academic humor aside, the amount of personal information that’s “up for grabs” these days at the nation’s colleges and universities seem to be increasing every day.
The reported data breaches, a root cause of identity theft, in the last eighteen months, and leaves some pretty frightening identity theft statistics.
Apart from the fact that hundreds of millions of personal information have been compromised during that time, one of the most startling revelations is that a near majority of the data breaches have occurred at colleges and universities. Last month (May 2007) alone there were more than 14 reported data breaches at schools, colleges and universities that impact students, faculty and alumni, too. And If you don’t think that this is getting ready to balloon into a much bigger problem, think again. Just take a look at some of the following student identity theft scenarios that have occurred in the last year and half alone:
• A computer worm attacked a computer server at the University of Colorado-Boulder and accessed the financial and personal information of 45,000 college students.
• At Stony Brook University in New York, some 90,000 personal records belonging to staff, students and faculty were exposed. And that personal information remained online for at least two weeks after the “mistake” was first discovered.
• At a large community college in southern Nevada, a computer virus is believed to have exposed the personal records of as many as 197,000 students.
• An enterprising hacker (perhaps after an honorary degree in finance!) broke into a database at the University of Missouri. The files he accessed contained the names and Social Security numbers of more than 22,000 current and former college students and employees.
And last but not least, just to round out the hacker’s honor role, one of the biggest data breaches of 2006 took place at the University of California, Los Angeles. There, online identity thieves broke into a database containing the personal information (again, including Social Security numbers) of more than 800,000 current and former college students, faculty and staff.
What amount of shredding by those that were exposed can protect them against these events?
It’s clear that the academic world has quickly become a playground for identity thieves. And experts seem to have a lot of theories on the huge growth in student identity theft. One article recently described it like this: “The academic culture that embraces the open exchange of information lends itself to identity theft. Add to that diffused tech systems and independent departments and the struggle to stifle breaches becomes even more challenging.”
Maybe one of the real reasons for the on-campus surge in student identity theft is that universities have just become too complacent. Maybe they think they have nothing to lose, especially from the standpoint of student admissions.
What do I mean by that?
A data breach or identity theft can impact the bottom line and share price of a prominent retailer, for example, but how many aspiring college students are going to decide against applying to a certain school — just because that school has had some security problems with personal information?
So let me leave you with one more academic analogy:
Plain and simple, the only way identity thieves will start receiving failing grades, is if we all take bigger steps to protect what we cannot prevent.
Academic humor aside, the amount of personal information that’s “up for grabs” these days at the nation’s colleges and universities seem to be increasing every day.
The reported data breaches, a root cause of identity theft, in the last eighteen months, and leaves some pretty frightening identity theft statistics.
Apart from the fact that hundreds of millions of personal information have been compromised during that time, one of the most startling revelations is that a near majority of the data breaches have occurred at colleges and universities. Last month (May 2007) alone there were more than 14 reported data breaches at schools, colleges and universities that impact students, faculty and alumni, too. And If you don’t think that this is getting ready to balloon into a much bigger problem, think again. Just take a look at some of the following student identity theft scenarios that have occurred in the last year and half alone:
• A computer worm attacked a computer server at the University of Colorado-Boulder and accessed the financial and personal information of 45,000 college students.
• At Stony Brook University in New York, some 90,000 personal records belonging to staff, students and faculty were exposed. And that personal information remained online for at least two weeks after the “mistake” was first discovered.
• At a large community college in southern Nevada, a computer virus is believed to have exposed the personal records of as many as 197,000 students.
• An enterprising hacker (perhaps after an honorary degree in finance!) broke into a database at the University of Missouri. The files he accessed contained the names and Social Security numbers of more than 22,000 current and former college students and employees.
And last but not least, just to round out the hacker’s honor role, one of the biggest data breaches of 2006 took place at the University of California, Los Angeles. There, online identity thieves broke into a database containing the personal information (again, including Social Security numbers) of more than 800,000 current and former college students, faculty and staff.
What amount of shredding by those that were exposed can protect them against these events?
It’s clear that the academic world has quickly become a playground for identity thieves. And experts seem to have a lot of theories on the huge growth in student identity theft. One article recently described it like this: “The academic culture that embraces the open exchange of information lends itself to identity theft. Add to that diffused tech systems and independent departments and the struggle to stifle breaches becomes even more challenging.”
Maybe one of the real reasons for the on-campus surge in student identity theft is that universities have just become too complacent. Maybe they think they have nothing to lose, especially from the standpoint of student admissions.
What do I mean by that?
A data breach or identity theft can impact the bottom line and share price of a prominent retailer, for example, but how many aspiring college students are going to decide against applying to a certain school — just because that school has had some security problems with personal information?
So let me leave you with one more academic analogy:
Plain and simple, the only way identity thieves will start receiving failing grades, is if we all take bigger steps to protect what we cannot prevent.
Friday, July 6, 2007
Spammers and Hackers Get Personal
Could be a sign of desperation, or a sign of the times. But a growing number of email security firms are detecting sophisticated scam emails targeted at company executives.
As usual the goal seems to be to trick the recipient into opening email attachments infected with things like spyware and keystroke loggers.
But the hackers are researching their victims for their names, job titles, place of employment and even family members to make it look as though the email is from a trusted friend or colleague.
It's also believed that the hackers are using social networking sites like MySpace to gather personal information and piece it together.
As technology gets better at filtering and blocking mass attacks, expect more targeted attacks in the future.
Read the entire article by CLICKING HERE
As usual the goal seems to be to trick the recipient into opening email attachments infected with things like spyware and keystroke loggers.
But the hackers are researching their victims for their names, job titles, place of employment and even family members to make it look as though the email is from a trusted friend or colleague.
It's also believed that the hackers are using social networking sites like MySpace to gather personal information and piece it together.
As technology gets better at filtering and blocking mass attacks, expect more targeted attacks in the future.
Read the entire article by CLICKING HERE
Monday, July 2, 2007
Synthetic Identities
Privacy experts said thieves are taking identity theft to a whole new level in the form of scam that is being touted as the most sinister yet.
A woman had recently found out that someone used her Social Security number with a different name to work.
Seven years later, the Internal Revenue Service tracked her down. The IRS had charged her with thousands of penalties and fees and were going to literally put her in jail.
She was a victim of what is known as synthetic identity theft.Unlike traditional identity theft, thieves steal a person’s Social Security number but tie it to a different name and create a new, fictional person that experts said is hard to detect.
So, it is actually more insidious and more frightening for a victim.According to experts, thieves open bank accounts and credit cards, or even obtain jobs. Yet it can take years for the scam to be uncovered because it is difficult for authorities and creditors to unravel all of the mismatched information.
Five years ago, this crime was hardly seen, but now the majority of identity fraud is really this synthetic ID fraud, as opposed to the true name identity theft.
Since the fraud isn’t committed in your name, it typically does not show up on your credit report because not enough of the ID information matches you. However, your stolen Social Security number could end up in all kinds of different databases, including those used for background checks.
What synthetic identity thieves do is pollute the files. This act could affect consumers who are seeking a loan or job seekers applying for employment. The trouble isn’t always financial.
Another gentleman, his Social Security number was used by someone who was tried for murder, and so every time there was a background check that pulled up his name, it linked these other databases showing him as arrested for murder.
To find out if you’re a victim, experts said there are steps you can take.Look at your Social Security statement that you receive once a year from the government carefully and make sure that there isn't income on there that you didn't actually earn.
Without checking the statement, the IRS could end up knocking on your door, experts said.If you receive a large portion of mail in someone else’s name, it could be a sign that your information is at risk.
Your Social Security number right now is the key to really destroy your life because if someone uses it with or without your name, it still can come back to haunt you.
While synthetic identity fraud does not typically show up on credit reports, experts said it is still critical to check credit reports yearly to verify all activity.
A woman had recently found out that someone used her Social Security number with a different name to work.
Seven years later, the Internal Revenue Service tracked her down. The IRS had charged her with thousands of penalties and fees and were going to literally put her in jail.
She was a victim of what is known as synthetic identity theft.Unlike traditional identity theft, thieves steal a person’s Social Security number but tie it to a different name and create a new, fictional person that experts said is hard to detect.
So, it is actually more insidious and more frightening for a victim.According to experts, thieves open bank accounts and credit cards, or even obtain jobs. Yet it can take years for the scam to be uncovered because it is difficult for authorities and creditors to unravel all of the mismatched information.
Five years ago, this crime was hardly seen, but now the majority of identity fraud is really this synthetic ID fraud, as opposed to the true name identity theft.
Since the fraud isn’t committed in your name, it typically does not show up on your credit report because not enough of the ID information matches you. However, your stolen Social Security number could end up in all kinds of different databases, including those used for background checks.
What synthetic identity thieves do is pollute the files. This act could affect consumers who are seeking a loan or job seekers applying for employment. The trouble isn’t always financial.
Another gentleman, his Social Security number was used by someone who was tried for murder, and so every time there was a background check that pulled up his name, it linked these other databases showing him as arrested for murder.
To find out if you’re a victim, experts said there are steps you can take.Look at your Social Security statement that you receive once a year from the government carefully and make sure that there isn't income on there that you didn't actually earn.
Without checking the statement, the IRS could end up knocking on your door, experts said.If you receive a large portion of mail in someone else’s name, it could be a sign that your information is at risk.
Your Social Security number right now is the key to really destroy your life because if someone uses it with or without your name, it still can come back to haunt you.
While synthetic identity fraud does not typically show up on credit reports, experts said it is still critical to check credit reports yearly to verify all activity.
Monday, June 18, 2007
Identity theft is a crime but APATHY is NOT...
Why so many people are ignoring the problem. "Oh, it won't happen to me," people think. They know that identity theft is a problem, but they can't visualize what it would be like to go through.
Most people don't understand that their identity is their most valuable asset. It is worth more than everything they own, combined. Your home, car, credit rating, checking account, mutual funds, and even future earnings are only a portion of what's at stake.
"Your identity is your net worth. Your entire financial life. Where it has been, where it is now and where it is going." And people give in to apathy. We hear the stories, but we don't make any changes. We protect our homes with deadbolts and alarms, but we do little to protect our identities, which are worth more!
"The many checklists that are promoted on so many websites and articles will help you start to protect yourself, but they are usually overwhelming. Like so many people, so busy with work and life that completing hundreds of tasks in a weekend seems daunting. It just doesn't compete with spending time with family and friends.
The result? We fail to take action and leave ourselves vulnerable to attack.
It just reminds us once again that the biggest ally for identity thieves is the continuing apathy of consumers.
Most people don't understand that their identity is their most valuable asset. It is worth more than everything they own, combined. Your home, car, credit rating, checking account, mutual funds, and even future earnings are only a portion of what's at stake.
"Your identity is your net worth. Your entire financial life. Where it has been, where it is now and where it is going." And people give in to apathy. We hear the stories, but we don't make any changes. We protect our homes with deadbolts and alarms, but we do little to protect our identities, which are worth more!
Identity theft is not just about paper shredders and checklists.
"The many checklists that are promoted on so many websites and articles will help you start to protect yourself, but they are usually overwhelming. Like so many people, so busy with work and life that completing hundreds of tasks in a weekend seems daunting. It just doesn't compete with spending time with family and friends.
The result? We fail to take action and leave ourselves vulnerable to attack.
It just reminds us once again that the biggest ally for identity thieves is the continuing apathy of consumers.
Thursday, May 24, 2007
Account Holders Dilema
There were at least 2 articles in the news this week that demonstrate a coming trend of Banks holding their customers accountable when identity thieves strike. These 2 stories should serve as a big 'wake up' call for cosumers. Consumers do not know what they do not know !!!
Story #1:
Target 5 Warns Of 'Online Insecurity'
Special Report Looks At Pitfalls In Online Banking
POSTED: 10:33 am CDT May 24, 2007
CHICAGO -- An Indiana woman says she has 26,500 reasons you should pay attention to what happened to her online bank account -- and don't let it happen to yours. Somebody in Hawaii knows something about the money that started in the bank account of an Indiana woman, Target 5's Lisa Parker reported Wednesday night.
"Nobody called me. Nobody ever questioned the transaction. And I only found out about it when I got my bank statement," Marci Shames-Yeakal told Target 5. The transaction she referred to was $26,500 transferred from Shames-Yeakal's line of credit into her business account, then wired to Hawaii. "They found out that the wire was sent to a bank in Hawaii, to an account in Hawaii, and then the next day, people went into that account and took the money and wired it out to Austria and it was gone," she said.
Gone for good.
Shames-Yeakal said she got that news in a letter from her bank, Citizens Financial Bank of Indiana and the south suburbs.
Her Munster, Ind., branch told her that she had signed an agreement stating that the bank "will have no liability to you for any unauthorized payment of wire transfer using your password."
The same letter stated that the bank's "security procedures were commercially reasonable."
"The irony of all that is that they didn't do anything to protect us," Shames-Yeakal said. "They gave us a user ID and a password, and that's what they call their protection."
Parker said that the Indiana woman's story joins a growing number in which banks appear to be taking a hard line, putting the onus on consumers to prove that they didn't cause a security breach that led to online theft. "It's really unfair to say, 'OK, now you have to prove a negative. You have to prove what didn't happen," said consumer attorney Clint Krislov.
Consumer advocates point to the increasing number of threats to online banking security, such as "phishing," those persistent and realistic e-mails from scammers posing as your bank; hackers; viruses that intercept passwords; and key loggers, the malicious software that silently takes a snapshot of all the strokes you type, including user IDs and passwords. "We consumers, we don't know what protections we need until we've been fleeced," Krislov said. "And so you have to be as aggressive and as assertive as you can in finding out what your bank does to protect you." Parker said that many consumers think that their money online is protected, much like their credit cards, which limit liability if they are stolen. But in the world of online banking, she said, the protections are very specific and somewhat narrow.
Regulation E, passed in Congress in part to encourage online banking, sets a consumer's liability:
· $50 if a theft is reported within two days
· $500 if reported within 60 days
· 60+ days and there is no guaranteed protection
Although Shames-Yeakal said she found her problem within 10 days, to her dismay Regulation E did not protect her because her account was a business one, not a personal one.
"Since all this has happened, I've learned that the bank could do a lot more and be a lot more aggressive in protecting assets," she said.
And many banks are more aggressive, Parker said. Some have recently announced anti-fraud innovations, like biometric IDs, which scan your eyes or fingerprints; security fobs that rotate multidigit codes and online programs that require visual IDs to thwart Trojan viruses that hijack accounts. "In this brave new banking world," Parker said, "it's the kind of protection aimed at keeping your money where you put it." "Once it's outside the banking system and outside the country, it's gone," Krislov said. "We can search for your money, we can search for bin Laden. Chances are, we'll catch him first."
Citing privacy concerns, Citizens Financial would not comment for this report, even though Shames-Yeakal agreed to sign a waiver allowing the bank to talk about her case, Parker said.
There are two lessons taken from Shames-Yeakal's experience: Know what your bank has in place to thwart fraud and know you must regularly watch all of the activity in your online account. The quicker you catch discrepancies in personal accounts, the better chance you have of recovering your money.
Story #2:
Bank of America Sues ID Theft Victim
New York Post Reports that Bank of America Wants Their Money - from the Victim
By Aly Adair
Chuck Bennett of the New York Post reported Monday, that Gloria Carlo, 51, of The Bronx, was slapped with a lawsuit by Bank of America for $23,312.04. Bennett reports that Carlo was a victim of identity theft and the thieves emptied her life savings from her five Bank of America accounts between August and October of 2005.
The thieves allegedly used her accounts to make purchases on Jewelry Television, Shop NBC, QVC, and Home Shopping Network. On one September day alone, her bank statement showed 37 transactions to Jewelry Television that lowered a single account balance from $9,286 to $5,074. The day before, nine transactions to Shop NBC made a balance in another account go from $913 to a negative $3,993, according to the New York Post article. Carlo ended up with a total overdraft of $20,000 before it all ended.
Carlo thought she did everything right: she called police, filed a report, filed an affidavit of fraud, and repeatedly protested to the bank, who according to Carlo, did not reply. Her efforts to clear up the situation were delayed when her mother and brother died, and she ended up in the hospital for heart failure and pulmonary embolism. When Carlo got home from her three-day stay at the hospital, she found a court summons under her door informing her that Bank of America was filing suit against her.
The bank claims that the $23,312.04 was money that Carlo used on the two-month shopping spree after she already depleted her entire savings account worth $38,000. Bank of America declined to comment to the New York Post, but Carlo said, "It was enough to open a jewelry shop. Why would I do this? The bank is a bigger villain than the thief."
In the report, Carlo tells reporter Chuck Bennett that a separate $30,000 seven-year CD also disappeared. According to Carlo, she never received a phone call or alert from the bank that her accounts were being used excessively for television shopping, and inquiring as to whether the charges were being made by her. Carlo wants to know why the bank did not see the huge overdrafts and do something about them. She said int he report, "What kind of bank would give an overdraft of $23,000? We are not talking about $100."
Carlo is a retired clerk with New York's Human Resources Administration and lives on her $2,110 per month pension and Social Security disability benefits. She has hired a lawyer, and according to the lawyer, she has lost a total of $68,733.77 in the alleged identity-theft scam.
More resources
http://www.nypost.com/seven/05212007/news/regionalnews/dough_unto_others_regionalnews_chuck_bennett.htm
2007 © Associated Content, All rights
Story #1:
Target 5 Warns Of 'Online Insecurity'
Special Report Looks At Pitfalls In Online Banking
POSTED: 10:33 am CDT May 24, 2007
CHICAGO -- An Indiana woman says she has 26,500 reasons you should pay attention to what happened to her online bank account -- and don't let it happen to yours. Somebody in Hawaii knows something about the money that started in the bank account of an Indiana woman, Target 5's Lisa Parker reported Wednesday night.
"Nobody called me. Nobody ever questioned the transaction. And I only found out about it when I got my bank statement," Marci Shames-Yeakal told Target 5. The transaction she referred to was $26,500 transferred from Shames-Yeakal's line of credit into her business account, then wired to Hawaii. "They found out that the wire was sent to a bank in Hawaii, to an account in Hawaii, and then the next day, people went into that account and took the money and wired it out to Austria and it was gone," she said.
Gone for good.
Shames-Yeakal said she got that news in a letter from her bank, Citizens Financial Bank of Indiana and the south suburbs.
Her Munster, Ind., branch told her that she had signed an agreement stating that the bank "will have no liability to you for any unauthorized payment of wire transfer using your password."
The same letter stated that the bank's "security procedures were commercially reasonable."
"The irony of all that is that they didn't do anything to protect us," Shames-Yeakal said. "They gave us a user ID and a password, and that's what they call their protection."
Parker said that the Indiana woman's story joins a growing number in which banks appear to be taking a hard line, putting the onus on consumers to prove that they didn't cause a security breach that led to online theft. "It's really unfair to say, 'OK, now you have to prove a negative. You have to prove what didn't happen," said consumer attorney Clint Krislov.
Consumer advocates point to the increasing number of threats to online banking security, such as "phishing," those persistent and realistic e-mails from scammers posing as your bank; hackers; viruses that intercept passwords; and key loggers, the malicious software that silently takes a snapshot of all the strokes you type, including user IDs and passwords. "We consumers, we don't know what protections we need until we've been fleeced," Krislov said. "And so you have to be as aggressive and as assertive as you can in finding out what your bank does to protect you." Parker said that many consumers think that their money online is protected, much like their credit cards, which limit liability if they are stolen. But in the world of online banking, she said, the protections are very specific and somewhat narrow.
Regulation E, passed in Congress in part to encourage online banking, sets a consumer's liability:
· $50 if a theft is reported within two days
· $500 if reported within 60 days
· 60+ days and there is no guaranteed protection
Although Shames-Yeakal said she found her problem within 10 days, to her dismay Regulation E did not protect her because her account was a business one, not a personal one.
"Since all this has happened, I've learned that the bank could do a lot more and be a lot more aggressive in protecting assets," she said.
And many banks are more aggressive, Parker said. Some have recently announced anti-fraud innovations, like biometric IDs, which scan your eyes or fingerprints; security fobs that rotate multidigit codes and online programs that require visual IDs to thwart Trojan viruses that hijack accounts. "In this brave new banking world," Parker said, "it's the kind of protection aimed at keeping your money where you put it." "Once it's outside the banking system and outside the country, it's gone," Krislov said. "We can search for your money, we can search for bin Laden. Chances are, we'll catch him first."
Citing privacy concerns, Citizens Financial would not comment for this report, even though Shames-Yeakal agreed to sign a waiver allowing the bank to talk about her case, Parker said.
There are two lessons taken from Shames-Yeakal's experience: Know what your bank has in place to thwart fraud and know you must regularly watch all of the activity in your online account. The quicker you catch discrepancies in personal accounts, the better chance you have of recovering your money.
Story #2:
Bank of America Sues ID Theft Victim
New York Post Reports that Bank of America Wants Their Money - from the Victim
By Aly Adair
Chuck Bennett of the New York Post reported Monday, that Gloria Carlo, 51, of The Bronx, was slapped with a lawsuit by Bank of America for $23,312.04. Bennett reports that Carlo was a victim of identity theft and the thieves emptied her life savings from her five Bank of America accounts between August and October of 2005.
The thieves allegedly used her accounts to make purchases on Jewelry Television, Shop NBC, QVC, and Home Shopping Network. On one September day alone, her bank statement showed 37 transactions to Jewelry Television that lowered a single account balance from $9,286 to $5,074. The day before, nine transactions to Shop NBC made a balance in another account go from $913 to a negative $3,993, according to the New York Post article. Carlo ended up with a total overdraft of $20,000 before it all ended.
Carlo thought she did everything right: she called police, filed a report, filed an affidavit of fraud, and repeatedly protested to the bank, who according to Carlo, did not reply. Her efforts to clear up the situation were delayed when her mother and brother died, and she ended up in the hospital for heart failure and pulmonary embolism. When Carlo got home from her three-day stay at the hospital, she found a court summons under her door informing her that Bank of America was filing suit against her.
The bank claims that the $23,312.04 was money that Carlo used on the two-month shopping spree after she already depleted her entire savings account worth $38,000. Bank of America declined to comment to the New York Post, but Carlo said, "It was enough to open a jewelry shop. Why would I do this? The bank is a bigger villain than the thief."
In the report, Carlo tells reporter Chuck Bennett that a separate $30,000 seven-year CD also disappeared. According to Carlo, she never received a phone call or alert from the bank that her accounts were being used excessively for television shopping, and inquiring as to whether the charges were being made by her. Carlo wants to know why the bank did not see the huge overdrafts and do something about them. She said int he report, "What kind of bank would give an overdraft of $23,000? We are not talking about $100."
Carlo is a retired clerk with New York's Human Resources Administration and lives on her $2,110 per month pension and Social Security disability benefits. She has hired a lawyer, and according to the lawyer, she has lost a total of $68,733.77 in the alleged identity-theft scam.
More resources
http://www.nypost.com/seven/05212007/news/regionalnews/dough_unto_others_regionalnews_chuck_bennett.htm
2007 © Associated Content, All rights
Tuesday, May 1, 2007
Identity Theft Concerns Do Not Always Result in Consumers taking Action
A poll recently released by Zogby International revealed that 91% of respondents are concerned about Identity Theft. Yet, the same survey also revealed that 69% of respondents said that they never, rarely, or only sometimes read Company Privacy Policies. Only 7% said they always read such policies, while 24% said they read most of the time. Privacy Policies usually state how a company will use personal information gathered from the customer.
Such results may seem odd and unexpected. You are concerned that your personal information may be compromised. You are concerned this would subject you to the possibility of Identity Theft. You are voluntarily providing merchants with your personal information.
Why wouldn’t you want to know how your information will be used?
Philosophically, the answer may be simple. If a merchant is going to misuse personal information, does it really matter what they say in their Privacy Policies? Such skepticism is reflected in the Zogby Poll. Almost half of respondents said they believe companies will share or sell their information despite promising not to do so, while 35% believe that companies will not follow up with promises to protect such information.
I actually believe that reputable institutions and businesses have too much to loose from deliberately misleading the public in the statement of their Privacy Policies. Although skepticism, whether at a subliminal or conscious level, may play part in consumer behavior, human nature for “passiveness” also plays another part. Consider the following additional statistics.
According to a Federal Trade Commission report on Identity Theft, 62% of Identity Theft Victims in 2006 did not notify a Police Department while 57% of Victims did not contact a Credit Reporting Agency. Once again, this may seem unusual. If someone stole your identity, why wouldn’t you contact the Credit Reporting Agencies in order to protect your credit and limit the possibility of financial damage? Is it possible that so many people do not realize that contacting the Police and Credit Reporting Agencies are probably the first things to do when a person becomes a victim of Identity Theft?
Whether it is “Human Passiveness”, “Skepticism”, or another reason, unless consumers take active preventive measures, consumers certainly have reason to continue to be concerned about Identity Theft.
Such results may seem odd and unexpected. You are concerned that your personal information may be compromised. You are concerned this would subject you to the possibility of Identity Theft. You are voluntarily providing merchants with your personal information.
Why wouldn’t you want to know how your information will be used?
Philosophically, the answer may be simple. If a merchant is going to misuse personal information, does it really matter what they say in their Privacy Policies? Such skepticism is reflected in the Zogby Poll. Almost half of respondents said they believe companies will share or sell their information despite promising not to do so, while 35% believe that companies will not follow up with promises to protect such information.
I actually believe that reputable institutions and businesses have too much to loose from deliberately misleading the public in the statement of their Privacy Policies. Although skepticism, whether at a subliminal or conscious level, may play part in consumer behavior, human nature for “passiveness” also plays another part. Consider the following additional statistics.
According to a Federal Trade Commission report on Identity Theft, 62% of Identity Theft Victims in 2006 did not notify a Police Department while 57% of Victims did not contact a Credit Reporting Agency. Once again, this may seem unusual. If someone stole your identity, why wouldn’t you contact the Credit Reporting Agencies in order to protect your credit and limit the possibility of financial damage? Is it possible that so many people do not realize that contacting the Police and Credit Reporting Agencies are probably the first things to do when a person becomes a victim of Identity Theft?
Whether it is “Human Passiveness”, “Skepticism”, or another reason, unless consumers take active preventive measures, consumers certainly have reason to continue to be concerned about Identity Theft.
SCAM ALERT: 'Credit Repair' Scam
Their has been a rising trend of identity fraud in which companies promise to create a new credit history for consumers by filing false documents with credit bureaus claiming the consumer fell victim to identity theft.
Consumers and companies alike are appealing to legitimate fraud resolution organizations for help by submitting false documents intending to appear as victims of fraud as a means to clear bad credit debt history and unload unpaid debts. False documents such as police reports, credit card accounts and identity theft affidavits are the tools these scam artists use to misrepresent their claims to credit bureaus.
Credit bureaus are seeing more identity theft resolution claims that are actually “credit repair” fraud in disguise. Some experts at credit bureaus estimate 50 percent of disputes are credit-repair related and 25 percent of identity theft claims now contain altered police reports.
One woman contacted a fraud specialist claiming several fraudulent credit card accounts were opened in her name while she was in prison, leaving her with thousands of dollars of bogus debt. The specialist found the police report doctored, the prison time inaccurate and several fraudulent documents in her file.
This scam also has a negative impact on the very institutions that are currently helping consumers who have been victims of identity theft. Resources are tight among police forces and credit institutions and the influx of false claims continues to draw attention away from the real victims.
Consumers and companies alike are appealing to legitimate fraud resolution organizations for help by submitting false documents intending to appear as victims of fraud as a means to clear bad credit debt history and unload unpaid debts. False documents such as police reports, credit card accounts and identity theft affidavits are the tools these scam artists use to misrepresent their claims to credit bureaus.
Credit bureaus are seeing more identity theft resolution claims that are actually “credit repair” fraud in disguise. Some experts at credit bureaus estimate 50 percent of disputes are credit-repair related and 25 percent of identity theft claims now contain altered police reports.
One woman contacted a fraud specialist claiming several fraudulent credit card accounts were opened in her name while she was in prison, leaving her with thousands of dollars of bogus debt. The specialist found the police report doctored, the prison time inaccurate and several fraudulent documents in her file.
This scam also has a negative impact on the very institutions that are currently helping consumers who have been victims of identity theft. Resources are tight among police forces and credit institutions and the influx of false claims continues to draw attention away from the real victims.
Sunday, April 15, 2007
Credit or Debit?
Traditional advice would suggest to avoid using Credit Cards because of the potential to overspend. BUT there is DANGER in using Debit Cards. The next time you are asked "Debit or credit?" at the checkout, use your credit card. The law limits your liability to $50 if a credit card is stolen, but you could lose much more if you report debit card theft.
Fair Credit Billing Act
This federal act limits the liability of a credit card holder to a maximum of $50 for any unauthorized transaction -- whether or not your card was actually stolen. Someone may have been able to access your account without the card.
Electronic Fund Transfer Act
This limits the liability of a debit card holder to a maximum of $50 if you notify the bank about a lost card within two days and up to $500 if the bank's notified after two days. After 60 days, there is potentially unlimited liability on the debit cardholder.
If someone makes an unauthorized transaction without obtaining the debit card, you could be liable for all transactions made after 60 days of receiving your bank statement and before you tell the bank.
Proactive measures to limit liability for unauthorized transactions:
Fair Credit Billing Act
This federal act limits the liability of a credit card holder to a maximum of $50 for any unauthorized transaction -- whether or not your card was actually stolen. Someone may have been able to access your account without the card.
Electronic Fund Transfer Act
This limits the liability of a debit card holder to a maximum of $50 if you notify the bank about a lost card within two days and up to $500 if the bank's notified after two days. After 60 days, there is potentially unlimited liability on the debit cardholder.
If someone makes an unauthorized transaction without obtaining the debit card, you could be liable for all transactions made after 60 days of receiving your bank statement and before you tell the bank.
Proactive measures to limit liability for unauthorized transactions:
- watch your checking account balance
- check your statements
- call the bank immediately to report a lost or stolen debit card, or notify the bank of an unauthorized transaction
Shoppers must be made aware of ways to safeguard personal information and their money.
Not annually.
Not monthly.
But weekly, if not daily.
Besides switching from debit to credit cards, I suggest the regular check of accounts and your credit report. Using the credit card option on your debit card, is not safe, either. It is a non-PIN option to using money in your account.
Companies are sloppy with information. People need to be aware that companies are not protecting their information.
Your credit card is their money, but your debit card is your hard earned money!!!
Consumers should find out their bank's written policy on liability for unauthorized transactions if they use a debit card. Although a number of banks limit liability to $50 or less for fraud, a thief can drain your account, and if a conflict with the bank arises, no law requires that you see any of that money again.
Friday, April 13, 2007
Tax Time TIPS
A majority of Americans will finish filing their taxes this weekend. I wanted to give you a few reminders to help you keep your information safe.
It is important that you are aware that most photocopiers produced in the last five years contain hard disk drives that keep a picture of every document copied over a historical period. This means that someone else can gain access to any document you photocopy. Most of these copiers don't include security software and encryption to protect or adequately erase data that is no longer needed.
The biggest threat comes from the companies that service photocopiers (you know, the ones who fraudulently call you and try to get you to order new toner or service your machine?). When repairing a photocopier, most any competent technician will know how to run a copy of all historical documents. Tax documents are particularly vulnerable because of all of the private information they contain.
It is important that you are aware that most photocopiers produced in the last five years contain hard disk drives that keep a picture of every document copied over a historical period. This means that someone else can gain access to any document you photocopy. Most of these copiers don't include security software and encryption to protect or adequately erase data that is no longer needed.
The biggest threat comes from the companies that service photocopiers (you know, the ones who fraudulently call you and try to get you to order new toner or service your machine?). When repairing a photocopier, most any competent technician will know how to run a copy of all historical documents. Tax documents are particularly vulnerable because of all of the private information they contain.
There are several solutions:
- Photocopy documents on a photocopier that has no hard drive
- Photocopy documents on a copier that you own and can frequently erase the hard drive
- Ask the company copying for you (e.g., Kinkos) if they maintain an image of your photocopy and how often they erase the drive (CHOP for those of you who have seen me speak)
- Make sure you ask your CPA, Bookkeeper, Lawyer and Broker about their photocopy machines. Most of them probably don't even know that it is becoming a problem
- Make sure you mail your tax return via USPS Registered Mail with Return Receipt in order to provide an extra level of security. Drop your filing off inside of the post office; never use the blue USPS boxes to mail sensitive documents (many of them get picked up at night by ID thieves and replaced by morning) and don't send it from your home or the office.
- When you are done filing, store the documents in a locked filing cabinet or fire safe. You protect yourself against fire and theft at the same time.
- Don't forget that it is also tax scam season. Ignore all faxes and emails that appear to be from the IRS. They are NOT FROM THE IRS, but are trying to get your private information from you. If you receive one of these faxes or emails, contact the IRS at phishing@irs.gov.
Monday, April 9, 2007
Sounds Familiar
An article was just published in the American Bar Association Journal.
The article details how a lawyer has come up with a 'new concept' of having home parties for estate planning packages. This concept sounds familiar. Can you say Pre-Paid Legal?
Included in this attorneys estate planning package is a basic will, healthcare proxy, and a durable power of attorney. For this, the attorney gives a $25 discount off his normal feee of ONLY $500.
ONLY $500 for what PPL does (and a PPL Legal Plan does a whole lot more) for $17 per month.
"But Haroutunian thinks his take on the Tupperware party could be just as big. He’s contemplating creating a franchise for the will-signing party, and he thinks there will be no shortage of takers. In fact, just the other day, he says, an Ohio attorney who got wind of the idea called him to learn more. "
The article details how a lawyer has come up with a 'new concept' of having home parties for estate planning packages. This concept sounds familiar. Can you say Pre-Paid Legal?
Included in this attorneys estate planning package is a basic will, healthcare proxy, and a durable power of attorney. For this, the attorney gives a $25 discount off his normal feee of ONLY $500.
ONLY $500 for what PPL does (and a PPL Legal Plan does a whole lot more) for $17 per month.
"But Haroutunian thinks his take on the Tupperware party could be just as big. He’s contemplating creating a franchise for the will-signing party, and he thinks there will be no shortage of takers. In fact, just the other day, he says, an Ohio attorney who got wind of the idea called him to learn more. "
Seize the opportunity you have before you.
Privacy Advocate Pushes to Protect Data in Public Records
April 09, 2007 (Computerworld) For nearly five years, Betty “BJ” Ostergren — a feisty 57-year-old former insurance claims supervisor — has led a one-person crusade to persuade county and state government officials to stop posting public records containing Social Security numbers and other personal data on their Web sites.
Last month, Ostergren persuaded the secretaries of state in Colorado and Arizona to break links to some commercial and tax lien documents. And last week, she began putting public pressure on Massachusetts Secretary of State William Galvin to do the same thing.
Ostergren, who lives in Virginia, spoke with Computerworld about her privacy campaign last week.
Excerpts follow:
Are there many counties around the U.S. that are still posting public records with personal data?
Yes, there are. It’s stupid, it’s reckless, and it’s dangerous. Here’s a thought: If somebody wants to see a public record, why don’t they get in their car and drive down to the courthouse or the secretary of state’s office? Don’t be spoon-feeding criminals with stuff on the Internet. County clerks say all they’re doing is making the same records that are available in the courthouse available online.
What’s wrong with that?
Sure, these are open records at the courthouse, as well they should be. But when we first started putting our records in these courthouses hundreds of years ago, it was for safekeeping and for different legal purposes. With the advent of the Internet, everybody wants to put all this crap online, and I just think that it’s dead wrong.
So who do you think is accessing the data?
Absolutely anybody and everybody can access it. People from outside this country are into these sites, and so are people from within this country. Maybe it’s your neighbor down the street. A site like the Colorado secretary of state’s is free and open. Anybody can just simply sign up and get a password, and in a minute you can get right in.
But some states and counties require you to pay for the records, right?
A subscription is no protection. In Virginia, for $25 you can sign up to access [the Web site of] Fairfax County. I send in $25 and I get a password and a username back in three days or so, and then I’m in there sitting on 33 million records and about 5 million Social Security numbers. That’s where you lose control of those records. There are people downloading them by the gazillions.
Last month, Ostergren persuaded the secretaries of state in Colorado and Arizona to break links to some commercial and tax lien documents. And last week, she began putting public pressure on Massachusetts Secretary of State William Galvin to do the same thing.
Ostergren, who lives in Virginia, spoke with Computerworld about her privacy campaign last week.
Excerpts follow:
Are there many counties around the U.S. that are still posting public records with personal data?
Yes, there are. It’s stupid, it’s reckless, and it’s dangerous. Here’s a thought: If somebody wants to see a public record, why don’t they get in their car and drive down to the courthouse or the secretary of state’s office? Don’t be spoon-feeding criminals with stuff on the Internet. County clerks say all they’re doing is making the same records that are available in the courthouse available online.
What’s wrong with that?
Sure, these are open records at the courthouse, as well they should be. But when we first started putting our records in these courthouses hundreds of years ago, it was for safekeeping and for different legal purposes. With the advent of the Internet, everybody wants to put all this crap online, and I just think that it’s dead wrong.
So who do you think is accessing the data?
Absolutely anybody and everybody can access it. People from outside this country are into these sites, and so are people from within this country. Maybe it’s your neighbor down the street. A site like the Colorado secretary of state’s is free and open. Anybody can just simply sign up and get a password, and in a minute you can get right in.
But some states and counties require you to pay for the records, right?
A subscription is no protection. In Virginia, for $25 you can sign up to access [the Web site of] Fairfax County. I send in $25 and I get a password and a username back in three days or so, and then I’m in there sitting on 33 million records and about 5 million Social Security numbers. That’s where you lose control of those records. There are people downloading them by the gazillions.
Sunday, April 1, 2007
Industry of Ignorance or Greed?
I have stated in my book as well as my lectures and seminars that in my opinion identity theft “insurance” or a “monitoring service” that is proactive as well as reactive will be a must in everyone’s insurance portfolio within three to five years.
You do not have to like this, it is a matter of necessity.
Ask yourself, when is the last time you have made a claim under your auto insurance? What about your home owners insurance? Then why do most of you carry it? It is the same reason you will start to carry identity theft insurance.
The problem with insurance products on the market today is they are not robust enough. Until someone starts to listen to the masses and builds a product for the good of the people instead of for corporate greed the individual will continue to lose.
I am convinced the insurance industry is to lazy and greedy to do the research needed to build a product that will have some real teeth. I am also convinced that the congress is to lazy, greedy and worried about being re-elected to make any "real" changes to the law that, god forbid, is on the side of the public instead of "corporate america." I want to assure the insurance industry, if you get your head out of the sand and realize what opportunity you have in front of you there is a lot of money to be made, while truly fulfilling your client's needs.
In a meeting, roughly one year ago, I attended with a large company that provides an identity theft protection product, I voiced my concern with their product and the lack of “true” proactive coverage and the false sense of security the consumer was getting from it. The answer I received from their managers was flabbergasting. They said their product was … (Another Post for another Time) Even I was shocked.
This is not a local, state, regional, or national issue, this is a global issue that can and will cause financial destruction on a global scale. This global issue will soon become an epidemic if unchecked as the below article from South Africa demonstrates.
In an article written by Nabelah Adams on 15 March 2007 for BusinessOwner.Co.ZA, Nabelah quotes Caroline Buthelezi of the Credit Information Ombud’s Office of South Africa as stating, “Clearing one’s name involves a great deal of effort as many people only discover the consequences of not reporting their ID book stolen when the credit bureau has already handed the matter over to their lawyers.”
“The consequences of ID theft might be even more exacerbated by the fact that attempts to have matters resolved are complicated by having to deal with attorneys,” Buthelezi says.
This is of course if you can afford to hire an attorney.
© 2007 Michael R. McCoy
You do not have to like this, it is a matter of necessity.
Ask yourself, when is the last time you have made a claim under your auto insurance? What about your home owners insurance? Then why do most of you carry it? It is the same reason you will start to carry identity theft insurance.
The problem with insurance products on the market today is they are not robust enough. Until someone starts to listen to the masses and builds a product for the good of the people instead of for corporate greed the individual will continue to lose.
I am convinced the insurance industry is to lazy and greedy to do the research needed to build a product that will have some real teeth. I am also convinced that the congress is to lazy, greedy and worried about being re-elected to make any "real" changes to the law that, god forbid, is on the side of the public instead of "corporate america." I want to assure the insurance industry, if you get your head out of the sand and realize what opportunity you have in front of you there is a lot of money to be made, while truly fulfilling your client's needs.
In a meeting, roughly one year ago, I attended with a large company that provides an identity theft protection product, I voiced my concern with their product and the lack of “true” proactive coverage and the false sense of security the consumer was getting from it. The answer I received from their managers was flabbergasting. They said their product was … (Another Post for another Time) Even I was shocked.
This is not a local, state, regional, or national issue, this is a global issue that can and will cause financial destruction on a global scale. This global issue will soon become an epidemic if unchecked as the below article from South Africa demonstrates.
In an article written by Nabelah Adams on 15 March 2007 for BusinessOwner.Co.ZA, Nabelah quotes Caroline Buthelezi of the Credit Information Ombud’s Office of South Africa as stating, “Clearing one’s name involves a great deal of effort as many people only discover the consequences of not reporting their ID book stolen when the credit bureau has already handed the matter over to their lawyers.”
“The consequences of ID theft might be even more exacerbated by the fact that attempts to have matters resolved are complicated by having to deal with attorneys,” Buthelezi says.
This is of course if you can afford to hire an attorney.
© 2007 Michael R. McCoy
Saturday, March 31, 2007
An Open Letter From a So-Called Stupid
Why Identity Theft makes us all dummies, and what you can do to stop being stupid...
Someone recently told me, "You would have to be a stupid to lose your personal information."
While I respectfully responded to this person in the moment, the comment has stuck with me. I present on identity theft all over the Western United States, and thought I would respond to this particular individual in writing.
There are multitudes of ways to lose your personal information. You have undoubtedly heard of many of them. Fake web sites, data theft, stealing people’s trash, stealing people’s outgoing mail, check fraud, etc., are just a few of the possibilities for loss of information. Job ads are also being used for Identity Theft. Monster.com ranks fake companies posing as real companies on their web site among their biggest problems.
Since Februaury 5th 2005 the Privacy Rights Clearinghouse has reported that over 104 million U.S consumers have had their information lost, stolen or compromised.
So, to you who think that it could never happen to you, you might want to read this next sentence twice. No matter how good you are, no matter how vigilant, no matter how much you shred or tear, no matter how many times you go to the post office so that you don't put outgoing mail in your home mailbox, regardless of how well you can hide in your home, there is no 100% effective defense against Identity Theft. Let me say that again, in case you don't read it twice. There is NO 100% effective method to defend yourself against identity theft.
Here's an example of why. Let's say you want to get health insurance, or auto insurance, or finance a car, etc. etc. etc. Let's say for purposes of this example that you are trying to get health insurance through your company. This is a relatively simple process, right? Fill out the form, and wait to get the insurance cards in the mail.
What you may not realize is that the insurance agent has taken the form you filled out and submitted it for group health. It is submitted to three different companies for underwriting. So now, the insurance agent and the insurance company has the information from you, the three companies supplying the insurance coverage have the information on you, AND all of the employees at all four points have access to the information. Think about how many employees that might be.
That information is often then passed on to a data warehouse like ChoicePoint, and anyone who has access to ChoicePoint now has access to that information. Who has access to ChoicePoint? I think with the recent news articles, the more appropriate question is, who doesn't have access to ChoicePoint?
The information is also submitted to your MIB (Medical Information Bureau) file. Anyone who has access to the MIB files, now has access to all of that information. Who has access to the Medical Information Bureau records? Anyone, at any hospital around the United States, who has even a small amount of clearance, has access to the Medical Information Bureau records.
According to John Gardner, co-author or Chicken Soup for the Entrepreneurial Soul, "This makes the Identity Theft Shield, along with a Pre-Paid Legal Services Membership, an absolute must for anyone that’s breathing.”
So to you, sir, who more or less said to me, “You’d have to be stupid to become a victim of Identity Theft!” I wish you my best. If you want to continue thinking that shredding your information is going to protect you, then for you I respectfully choose a phrase used by my friend Larry Smith. “Sometimes, you just can’t fix stupid.”
Someone recently told me, "You would have to be a stupid to lose your personal information."
While I respectfully responded to this person in the moment, the comment has stuck with me. I present on identity theft all over the Western United States, and thought I would respond to this particular individual in writing.
There are multitudes of ways to lose your personal information. You have undoubtedly heard of many of them. Fake web sites, data theft, stealing people’s trash, stealing people’s outgoing mail, check fraud, etc., are just a few of the possibilities for loss of information. Job ads are also being used for Identity Theft. Monster.com ranks fake companies posing as real companies on their web site among their biggest problems.
Since Februaury 5th 2005 the Privacy Rights Clearinghouse has reported that over 104 million U.S consumers have had their information lost, stolen or compromised.
So, to you who think that it could never happen to you, you might want to read this next sentence twice. No matter how good you are, no matter how vigilant, no matter how much you shred or tear, no matter how many times you go to the post office so that you don't put outgoing mail in your home mailbox, regardless of how well you can hide in your home, there is no 100% effective defense against Identity Theft. Let me say that again, in case you don't read it twice. There is NO 100% effective method to defend yourself against identity theft.
Here's an example of why. Let's say you want to get health insurance, or auto insurance, or finance a car, etc. etc. etc. Let's say for purposes of this example that you are trying to get health insurance through your company. This is a relatively simple process, right? Fill out the form, and wait to get the insurance cards in the mail.
What you may not realize is that the insurance agent has taken the form you filled out and submitted it for group health. It is submitted to three different companies for underwriting. So now, the insurance agent and the insurance company has the information from you, the three companies supplying the insurance coverage have the information on you, AND all of the employees at all four points have access to the information. Think about how many employees that might be.
That information is often then passed on to a data warehouse like ChoicePoint, and anyone who has access to ChoicePoint now has access to that information. Who has access to ChoicePoint? I think with the recent news articles, the more appropriate question is, who doesn't have access to ChoicePoint?
The information is also submitted to your MIB (Medical Information Bureau) file. Anyone who has access to the MIB files, now has access to all of that information. Who has access to the Medical Information Bureau records? Anyone, at any hospital around the United States, who has even a small amount of clearance, has access to the Medical Information Bureau records.
According to John Gardner, co-author or Chicken Soup for the Entrepreneurial Soul, "This makes the Identity Theft Shield, along with a Pre-Paid Legal Services Membership, an absolute must for anyone that’s breathing.”
So to you, sir, who more or less said to me, “You’d have to be stupid to become a victim of Identity Theft!” I wish you my best. If you want to continue thinking that shredding your information is going to protect you, then for you I respectfully choose a phrase used by my friend Larry Smith. “Sometimes, you just can’t fix stupid.”
Is identity theft going DOWN?
Maybe you have read some headlines recently that studies show identity theft is decreasing.
First let me say, this study was completed on the heels of one of the biggest data breaches with the widest ripple effect in recent history..... TJ Maxx.
The Javelin study was sponsored by Visa, Wells Fargo and electronic billing company CheckFree.
Do you suppose they have an interest in avoiding further regulation?
The Javelin Study was just 1 of 3 major studies that came out this month that indicate that identity theft is on the decline. Maybe now we can stop guarding our Social Security numbers like state secrets and sell our shredders on eBay. NOT.
It's hard to gauge the reliability of any of these reports.
1) Javelin Strategy & Research, in a phone survey of 5,000 people, found that 3.7 percent had their identity stolen in 2006, down from 4 percent in 2005 and 4.7 percent in 2003.
2) Then the Federal Trade Commission released its report, which showed that ID theft declined slightly last year from 2005, though it remained the top fraud complaint for the seventh consecutive year. The FTC study, based on complaints filed with the commission. The FTC study, based on complaints filed with the commission, ranked Florida fifth among states in ID thefts per capita. South Florida, encompassing Miami to West Palm Beach, was 37th among metropolitan areas.
3) A report released Wednesday by ID Analytics, a San Diego-based consultant, showed New York, California, Nevada and Arizona as the states with the highest risks of ID fraud. New York City, Detroit, Los Angeles and Little Rock, Ark., had the highest rates among cities. Neither Florida nor any cities in the state ranked in the top 10.
As for the FTC study, the sample base was large and the commission has been consistent with its methodology. But how meaningful is it to analyze only complaints made to the FTC? Most victims report ID theft to local police or not at all. (upwards of 60% goes Unreported)
Even if the studies were accurate, they would simply reflect the reality that anything measured by a number can peak only once. Just like real estate prices and the stock market, ID theft can't go up forever. Perhaps it already hit a historic high and is now leveling off.
Frankly, it shouldn't matter. The problem, regardless of whether it's a little bigger or a little smaller than it was a year ago, remains serious.
People need to protect what they can NOT prevent. That is why they need you.
If we read a report that crime is down, we don't start leaving our car doors open and our wallets lying around in public places. We didn't stop consuming vitamin C once scurvy was under control. So we shouldn't let our guard down now, either.
But is it possible we're too worried about ID theft? Is it possible the risks have been overhyped in the media? It won't come as a shock to anyone who has followed recent coverage of Anna Nicole Smith's death and the diaper-wearing astronaut lady, but the answer is yes, it's possible.
ID thefts described in the media -- such as the brazen use of someone's identity to have medical procedures provided -- accurately show how devastating the crime can be to its victims.
What does all this mean for consumers? Don't ditch your shredder just yet.
First let me say, this study was completed on the heels of one of the biggest data breaches with the widest ripple effect in recent history..... TJ Maxx.
The Javelin study was sponsored by Visa, Wells Fargo and electronic billing company CheckFree.
Do you suppose they have an interest in avoiding further regulation?
The Javelin Study was just 1 of 3 major studies that came out this month that indicate that identity theft is on the decline. Maybe now we can stop guarding our Social Security numbers like state secrets and sell our shredders on eBay. NOT.
It's hard to gauge the reliability of any of these reports.
1) Javelin Strategy & Research, in a phone survey of 5,000 people, found that 3.7 percent had their identity stolen in 2006, down from 4 percent in 2005 and 4.7 percent in 2003.
2) Then the Federal Trade Commission released its report, which showed that ID theft declined slightly last year from 2005, though it remained the top fraud complaint for the seventh consecutive year. The FTC study, based on complaints filed with the commission. The FTC study, based on complaints filed with the commission, ranked Florida fifth among states in ID thefts per capita. South Florida, encompassing Miami to West Palm Beach, was 37th among metropolitan areas.
3) A report released Wednesday by ID Analytics, a San Diego-based consultant, showed New York, California, Nevada and Arizona as the states with the highest risks of ID fraud. New York City, Detroit, Los Angeles and Little Rock, Ark., had the highest rates among cities. Neither Florida nor any cities in the state ranked in the top 10.
As for the FTC study, the sample base was large and the commission has been consistent with its methodology. But how meaningful is it to analyze only complaints made to the FTC? Most victims report ID theft to local police or not at all. (upwards of 60% goes Unreported)
Even if the studies were accurate, they would simply reflect the reality that anything measured by a number can peak only once. Just like real estate prices and the stock market, ID theft can't go up forever. Perhaps it already hit a historic high and is now leveling off.
Frankly, it shouldn't matter. The problem, regardless of whether it's a little bigger or a little smaller than it was a year ago, remains serious.
People need to protect what they can NOT prevent. That is why they need you.
If we read a report that crime is down, we don't start leaving our car doors open and our wallets lying around in public places. We didn't stop consuming vitamin C once scurvy was under control. So we shouldn't let our guard down now, either.
But is it possible we're too worried about ID theft? Is it possible the risks have been overhyped in the media? It won't come as a shock to anyone who has followed recent coverage of Anna Nicole Smith's death and the diaper-wearing astronaut lady, but the answer is yes, it's possible.
ID thefts described in the media -- such as the brazen use of someone's identity to have medical procedures provided -- accurately show how devastating the crime can be to its victims.
What does all this mean for consumers? Don't ditch your shredder just yet.
Everything your Insurance Agent and Banker forgot to tell you about Identity Theft Coverage
By David Bruerd, CITRMS
Pandora’s box has opened and will never close in our lifetime. Identity Theft is rapidly evolving and is quickly becoming a socio economic inevitability. In the last 2 years we have gone from worrying about Joe ‘Dumpster Diver’ to feeling we have no control due to ‘Corporate Data Theft.’
With all the media attention surrounding identity theft lately I have also witnessed a lot of the identity theft protection service providers coming under fire from the media as well. Making statements like… “is it all hype?” or “are these products really worth the money?” and “Should you really have to pay for identity theft protection?”
Pandora’s box has opened and will never close in our lifetime. Identity Theft is rapidly evolving and is quickly becoming a socio economic inevitability. In the last 2 years we have gone from worrying about Joe ‘Dumpster Diver’ to feeling we have no control due to ‘Corporate Data Theft.’
With all the media attention surrounding identity theft lately I have also witnessed a lot of the identity theft protection service providers coming under fire from the media as well. Making statements like… “is it all hype?” or “are these products really worth the money?” and “Should you really have to pay for identity theft protection?”
It would seem that the media makes a valid point.
But then again I remember when TV was FREE and in the not so distant future our kids will be questioning if radio was ever free. Ten years ago I would have told you you were crazy if you told me I would someday pay $2 for a bottle of water.
Most consumers know how to shop for auto, life, health and home owners insurances because they are second and third generation of most of those outsourced risk products. But identiy theft is a fairly new discipline, and in my line of work I hear many consumers say…. “I think I have something through my… (home owners policy, bank etc.)”
You know when someone says “I think I have something through my (home owners policy, credit card, bank etc.)…” it means they have NO clue what they just enrolled in what the fine print might take away. It just seemed like a good idea at the time.
Identity Theft Products and Services are not created equal.
Most of the hundreds of services I have personally evaluated are NOT comprehensive in nature by themselves… and offer little in restoring the WHOLE YOU.
The identity theft protection service industry is fairly simple and for the most part is comprised of 4 basic components.
Reimbursement Policies (also called ID Theft INSURANCE because hey are offered by Property &Casualty Carriers)
They are very inexpensive - Typically $25-$50 per year as an add-on to your home owners policy. In fact I saw a $20K policy the other day that was bundled in for FREE as a ‘value added bonus’ when you purchased an inexpensive computer software security program… which makes you wonder just how helpful it would be in the aftermath of identity theft… the actuarial numbers just don’t add up.
The downside may be Deductibles - like most P&C policies. In this case they could be $300-$500
As the name implies it is a reimbursement policy. You do the work of restoration yourself, ONLY to be ‘reimbursed’ for specifically defined out of pocket expenses as defined in the fine print of the master policy that you didn’t get around to reading before you enrolled. And trust me the insurance agent that sold it to you doesn’t do the work of recovery for you. Identity theft insurance does not cover direct monetary losses.
REIMBURSEMENT means that you will be out of pocket first to be reimbursed later after your claim has gone through the CLAIMS process.
Some of the REIMBURSED Expenses may include:
Lost WAGES – but check to see if lost wages is defined as… AFTER you have exhausted all of your ‘PAID TIME OFF” before you have technically lost any wages.
Legal Fees up to… If the policy covers legal fees, verify what limits apply and if legal work needs to be pre-approved by the insurer. (who determines reasonable and customary)
In these types of policies there are NOT any Credit Monitoring which serves as early detection to catch potential fraudulent dollar losses during the ‘Inquiry Phase vs. the MAXED out credit card phase… and the law holds the consumer partially responsible after 48 hours.
Credit Monitoring (Popular with Financial Institutions)
This is the monitoring of your SSN through one of 3 major repositories to look for credit activity before they turn to opened accounts and losses.
I am a fan of credit monitoring because it is the ONLY system in place to proactively and methodically monitor against this often unavoidable crime. Identity theft is like a poison gas -- nearly undetectable until after the debilitating affects have begun to take place. But Credit Monitoring only does one thing…. it can serve as an early warning system. But as a stand alone service it is like a band-aid on a broken leg. Much like a smoke detector it ONLY warns you that your nightmare may just beginning… it does NOT put out the fire.
Resolution Services are becoming popular as a form of help guidance or assistance in the aftermath of identity theft because they are relatively easy to deliver. They are typically outsourced call centers with Customer Service Reps answering the telephones and letting the victims know what they will need to do to make themselves whole again. I find this to be much like going out to the parking lot and finding your transmission lying on the ground under your car and and dialing a toll-free number on your cell phone to have someone send you a do-it-yourself manual or explain how you will need to crawl under your car with a bag of tools and put that sucker back together to get back on the road of life. I don’t know about you, but I am not much of a do-it-yourselfer.
The most important component in recovering from identity theft is Restoration Services:
Ask any victim of true identity theft about the process and they will tell you the act of becoming a victim is not the horrific part. It is the NEXT 2 years of making themselves whole again. In my weekly workshops I ask “who in attendance has been a victim of ID Theft.” Then the $64,000 question for those that did not raise their hand. How do you know you are NOT a victim right now? Unlike tradtional crimes it would ONLY take the blink of an eye to figure out we were being mugged in the parking lot but according to the FTC, the average amount of time that lapses from the date id theft occurs to the date that it is noticed by the victim is 14 months.
Since identities are stolen by professionals… it ONLY makes since to have it restored by professionals? Restoration is the single most important component of identity theft protection yet it is the hardest to deliver by service providers because it means having an infrastructure of licensed investigators and attorneys on staff. Many services will disguise this by using fancy terms like ‘Recovery Advocate’ to make you believe they will actually do the 'heavy lifting.' Usually a little further into the sentence\paragraph they will use nebulous terms like help, guidance or assistance. Which may mean they only provide a ‘HOTLINE’ for you to call when you are a victim and you are greeted by someone in an outsourced 3rd world call center that offers you ‘Do-It-Yourself’ information you could have downloaded on the net for FREE.
The identity theft protection service industry is fairly simple and for the most part is comprised of 4 basic components.
Reimbursement Policies (also called ID Theft INSURANCE because hey are offered by Property &Casualty Carriers)
They are very inexpensive - Typically $25-$50 per year as an add-on to your home owners policy. In fact I saw a $20K policy the other day that was bundled in for FREE as a ‘value added bonus’ when you purchased an inexpensive computer software security program… which makes you wonder just how helpful it would be in the aftermath of identity theft… the actuarial numbers just don’t add up.
The downside may be Deductibles - like most P&C policies. In this case they could be $300-$500
As the name implies it is a reimbursement policy. You do the work of restoration yourself, ONLY to be ‘reimbursed’ for specifically defined out of pocket expenses as defined in the fine print of the master policy that you didn’t get around to reading before you enrolled. And trust me the insurance agent that sold it to you doesn’t do the work of recovery for you. Identity theft insurance does not cover direct monetary losses.
REIMBURSEMENT means that you will be out of pocket first to be reimbursed later after your claim has gone through the CLAIMS process.
Some of the REIMBURSED Expenses may include:
Lost WAGES – but check to see if lost wages is defined as… AFTER you have exhausted all of your ‘PAID TIME OFF” before you have technically lost any wages.
Legal Fees up to… If the policy covers legal fees, verify what limits apply and if legal work needs to be pre-approved by the insurer. (who determines reasonable and customary)
In these types of policies there are NOT any Credit Monitoring which serves as early detection to catch potential fraudulent dollar losses during the ‘Inquiry Phase vs. the MAXED out credit card phase… and the law holds the consumer partially responsible after 48 hours.
Credit Monitoring (Popular with Financial Institutions)
This is the monitoring of your SSN through one of 3 major repositories to look for credit activity before they turn to opened accounts and losses.
I am a fan of credit monitoring because it is the ONLY system in place to proactively and methodically monitor against this often unavoidable crime. Identity theft is like a poison gas -- nearly undetectable until after the debilitating affects have begun to take place. But Credit Monitoring only does one thing…. it can serve as an early warning system. But as a stand alone service it is like a band-aid on a broken leg. Much like a smoke detector it ONLY warns you that your nightmare may just beginning… it does NOT put out the fire.
Resolution Services are becoming popular as a form of help guidance or assistance in the aftermath of identity theft because they are relatively easy to deliver. They are typically outsourced call centers with Customer Service Reps answering the telephones and letting the victims know what they will need to do to make themselves whole again. I find this to be much like going out to the parking lot and finding your transmission lying on the ground under your car and and dialing a toll-free number on your cell phone to have someone send you a do-it-yourself manual or explain how you will need to crawl under your car with a bag of tools and put that sucker back together to get back on the road of life. I don’t know about you, but I am not much of a do-it-yourselfer.
The most important component in recovering from identity theft is Restoration Services:
Ask any victim of true identity theft about the process and they will tell you the act of becoming a victim is not the horrific part. It is the NEXT 2 years of making themselves whole again. In my weekly workshops I ask “who in attendance has been a victim of ID Theft.” Then the $64,000 question for those that did not raise their hand. How do you know you are NOT a victim right now? Unlike tradtional crimes it would ONLY take the blink of an eye to figure out we were being mugged in the parking lot but according to the FTC, the average amount of time that lapses from the date id theft occurs to the date that it is noticed by the victim is 14 months.
Since identities are stolen by professionals… it ONLY makes since to have it restored by professionals? Restoration is the single most important component of identity theft protection yet it is the hardest to deliver by service providers because it means having an infrastructure of licensed investigators and attorneys on staff. Many services will disguise this by using fancy terms like ‘Recovery Advocate’ to make you believe they will actually do the 'heavy lifting.' Usually a little further into the sentence\paragraph they will use nebulous terms like help, guidance or assistance. Which may mean they only provide a ‘HOTLINE’ for you to call when you are a victim and you are greeted by someone in an outsourced 3rd world call center that offers you ‘Do-It-Yourself’ information you could have downloaded on the net for FREE.
What I advise clients to look for in restoration coverage, is the term ‘Limited Power of Attorney.’ This means the service providers licensed investigator can actually act on the victims behalf and get the work done with the least amount of involvement from the victim. Most consumers are NOT trained in the protocols of identity theft restoration and there are few if any community college offering classes in ‘Identity Theft Restoration 101.’
As a former victim myself and currently a victims advocate, I had a hard time suggesting consumers should even consider buying one more form of outsourced-risk coverage when most of us already feel ‘insurance poor’. But as I looked at the statistical probability of being a victim of identity theft and utilizing my id theft coverage over all other outsourced-risk coverage (combined) it all came down to mathematics.
Considering that even the MOST comprehensive forms of ID Theft protection available are relatively inexpensive comparatively. I had to ask myself…
What is my time worth?
About David Bruerd and the Identity Theft Awareness Group™ (iTAG):
Because of his early efforts as an identity theft advocate, David Bruerd became the nations very first ‘Certified Identity Theft Risk Management Specialist’ and is considered Oregon’s foremost authority on the subject of identity theft. After becoming a victim himself in 2001 he founded the Identity Theft Awareness Group™ (iTAG). iTAG has grown to become a national identity theft education and protection organization. iTAG conducts computerized Risk Assessments and provides onsite Privacy Trainings to help businesses create an ‘Affirmative Defense’ against the often unavoidable data loss or breach. This helps businesses comply with current and proposed identity theft legislation and to help ensure their Benefit Programs accommodate for current and evolving trends in identity theft.
Friday, March 30, 2007
The Fallacy of Fraud Alerts
By Lucy Lazarony • Bankrate.com
If you think putting a fraud alert on your credit report will stop an identity thief, think again.
"Just because a fraud alert is on there does not mean it provides much of a measure of protection," says Judith Collins, director of Identity Theft Partnerships in Prevention at Michigan State University.
A fraud alert is a statement that's placed on your credit report to alert creditors that your private financial information has been or may be compromised. A fraud alert also lists your telephone number. Creditors are asked to call and verify all credit applications made in your name before granting credit.
What good is a fraud alert?Fraud alerts are supposed to curb identity theft by preventing impostors from receiving credit in victims' names. But a fraud alert will only work if a creditor takes the time to read it. This doesn't always happen. And some lenders grant credit without even pulling a person's full credit report.
"A fraud alert is supposed to be a warning to protect a company from fraud, yet they choose to blindly go against it," says Jay Foley, co-executive director of the Identity Theft Resource Center.
Keep in mind that fraud alerts are advisory only. Lenders are not legally obligated to act on them in any way.
Lenders that brush off consumer fraud warnings and ID verification requests could wind up issuing credit to impostors time and time again, and the victims get stuck with a credit mess, time and time again.
Identity-theft victims end up monitoring their credit reports and disputing inaccurate information long after learning of the crime.
Just ask Tracey Thomas of San Francisco. A health care worker stole her identity in late 1999. Thomas learned of the crime in March 2000 and immediately put a fraud alert on her credit report.
"She was still able to get credit in my name with no problem at all. So was I when my credit wasn't trashed," Thomas says. An uneasy pattern set in over the next several months. Posing as Thomas, a thief opened credit accounts, ran up balances and walked away from the bills.
Thomas then went to work informing creditors and the credit reporting agencies that a thief was making charges in her name. As soon as Thomas got her credit report cleaned up, her impostor started charging again.
"She'd wait for me to clean it up and apply for credit all over again," Thomas says. All told, a thief was able to run up $15,000 of charges in Thomas' name.
Since placing a fraud alert on her credit report in March 2000, Thomas has applied for credit on four separate occasions. Three out of four creditors granted her credit without first verifying her identity.
"Only one creditor has ever bothered with my fraud alert," Thomas says. "One credit card company was responsible enough to see there was a fraud alert and obey it."
Can politicians help?
Legislators are looking at ways to make fraud alerts more effective deterrents of identity theft.
A U.S. Senate bill S. 223 introduced by Sen. Dianne Feinstein, D-Calif., would give the Federal Trade Commission the authority to impose fines on creditors that fail to heed fraud alerts.
A state Senate bill in California would require banks and retailers to honor all fraud alerts.
According to SB 25, which was passed by the California Senate on June 4, any business that pulls a credit report with a fraud alert must contact the consumer at the phone number on the alert before approving new loans and credit.
Any federal bills aiding identity-theft victims are likely to be addressed later this year when the Fair Credit Reporting Act, which is up for renewal, is reviewed.
"It's going to require legislation," Foley says. "Voluntary programs to check fraud alerts are already in place and they don't work 100 percent."
Credit reporting agencies, while making it easier to place fraud alerts on a consumer credit file with a new one-call system, are no help when it comes to enforcing fraud alerts.
"It's incumbent on credit grantors," says Jeffrey Junkas, a spokesman for TransUnion. "We've done our part in informing credit grantors of a consumer's wishes in the fraud alert."
As long as some credit grantors continue to ignore fraud alerts, identity-theft victims and their credit reports will remain vulnerable to new credit assaults.
"There's a very high stress level," says Collins, whose identity was stolen almost four years ago.
"The problems go on and on. Once an identity is stolen, it's gone."
A thief could strike again at any time. "You never know," Collins says. "I still don't know."
If you think putting a fraud alert on your credit report will stop an identity thief, think again.
"Just because a fraud alert is on there does not mean it provides much of a measure of protection," says Judith Collins, director of Identity Theft Partnerships in Prevention at Michigan State University.
A fraud alert is a statement that's placed on your credit report to alert creditors that your private financial information has been or may be compromised. A fraud alert also lists your telephone number. Creditors are asked to call and verify all credit applications made in your name before granting credit.
What good is a fraud alert?Fraud alerts are supposed to curb identity theft by preventing impostors from receiving credit in victims' names. But a fraud alert will only work if a creditor takes the time to read it. This doesn't always happen. And some lenders grant credit without even pulling a person's full credit report.
"A fraud alert is supposed to be a warning to protect a company from fraud, yet they choose to blindly go against it," says Jay Foley, co-executive director of the Identity Theft Resource Center.
Keep in mind that fraud alerts are advisory only. Lenders are not legally obligated to act on them in any way.
Lenders that brush off consumer fraud warnings and ID verification requests could wind up issuing credit to impostors time and time again, and the victims get stuck with a credit mess, time and time again.
Identity-theft victims end up monitoring their credit reports and disputing inaccurate information long after learning of the crime.
Just ask Tracey Thomas of San Francisco. A health care worker stole her identity in late 1999. Thomas learned of the crime in March 2000 and immediately put a fraud alert on her credit report.
"She was still able to get credit in my name with no problem at all. So was I when my credit wasn't trashed," Thomas says. An uneasy pattern set in over the next several months. Posing as Thomas, a thief opened credit accounts, ran up balances and walked away from the bills.
Thomas then went to work informing creditors and the credit reporting agencies that a thief was making charges in her name. As soon as Thomas got her credit report cleaned up, her impostor started charging again.
"She'd wait for me to clean it up and apply for credit all over again," Thomas says. All told, a thief was able to run up $15,000 of charges in Thomas' name.
Since placing a fraud alert on her credit report in March 2000, Thomas has applied for credit on four separate occasions. Three out of four creditors granted her credit without first verifying her identity.
"Only one creditor has ever bothered with my fraud alert," Thomas says. "One credit card company was responsible enough to see there was a fraud alert and obey it."
Can politicians help?
Legislators are looking at ways to make fraud alerts more effective deterrents of identity theft.
A U.S. Senate bill S. 223 introduced by Sen. Dianne Feinstein, D-Calif., would give the Federal Trade Commission the authority to impose fines on creditors that fail to heed fraud alerts.
A state Senate bill in California would require banks and retailers to honor all fraud alerts.
According to SB 25, which was passed by the California Senate on June 4, any business that pulls a credit report with a fraud alert must contact the consumer at the phone number on the alert before approving new loans and credit.
Any federal bills aiding identity-theft victims are likely to be addressed later this year when the Fair Credit Reporting Act, which is up for renewal, is reviewed.
"It's going to require legislation," Foley says. "Voluntary programs to check fraud alerts are already in place and they don't work 100 percent."
Credit reporting agencies, while making it easier to place fraud alerts on a consumer credit file with a new one-call system, are no help when it comes to enforcing fraud alerts.
"It's incumbent on credit grantors," says Jeffrey Junkas, a spokesman for TransUnion. "We've done our part in informing credit grantors of a consumer's wishes in the fraud alert."
As long as some credit grantors continue to ignore fraud alerts, identity-theft victims and their credit reports will remain vulnerable to new credit assaults.
"There's a very high stress level," says Collins, whose identity was stolen almost four years ago.
"The problems go on and on. Once an identity is stolen, it's gone."
A thief could strike again at any time. "You never know," Collins says. "I still don't know."
Welcome to the Team !!!
Hello and welcome,
Identity Theft is in the news everyday. The identity theft protection industry is in its infancy. There is NO doubt this arena will mature just like other outsourced risk categories (i.e auto, life, health and home) It is being compared to the birth of the computer virus at the turn of the new millenium. Experts estimate that over 70% of the U.S consumer public will own some form of identity theft protection in the next 36-48 months. In other words it will go through its economic 'S Curve' at a break neck speed.
Identity Theft is in the news everyday. The identity theft protection industry is in its infancy. There is NO doubt this arena will mature just like other outsourced risk categories (i.e auto, life, health and home) It is being compared to the birth of the computer virus at the turn of the new millenium. Experts estimate that over 70% of the U.S consumer public will own some form of identity theft protection in the next 36-48 months. In other words it will go through its economic 'S Curve' at a break neck speed.
Someone will market protection to them... will it be you?
This is your opportunity to posture yourself in front of your existing clients or sphere of influence as the authority on the subject. As the consumer public recognizes the social proof of identity theft that surrounds them, you will be their 'point of reference.'
A rising tide raises ALL ships... BUT your boat has to be in the water !!!
Empowering individuals\businesses with the information you will glean by your association with us will open numerous doors and help you reach all of your financial goals.
We are committed 110% to your success in this business.
Enthusiastically,
David Bruerd, CITRMS
Holly Yoes
We are committed 110% to your success in this business.
Enthusiastically,
David Bruerd, CITRMS
Holly Yoes
Subscribe to:
Posts (Atom)
Posts
