How to build up or rebuild your Credit

After taking all the necessary steps to Fixing a Credit Report after being hacked, it is then tome to rebuild your credit. Bad credit is bad credit no matter how it happens. No matter how responsible you are with your money, you won’t get a loan if there’s no evidence of this. The evidence comes from having credit. You need to show lenders you can be trusted.12D

  • Every time you apply for a credit card, this puts a dent in your credit score. In other words, it can negatively affect your scores especially if there are lots of credit checks in a short period of time. So apply with a lot of discretion; do you really need that extra charge card? Or is it worth it to continually cancel accounts and open new accounts while playing the interest/points game?
  • Get a major credit card. A charge card is an opportunity to show that you will pay back, on time, money that you “borrowed.” A debit card for this purpose is meaningless because it withdraws money from your account on the spot.
  • An option is a type of credit card that requires a security deposit. Payment of your bills will not come from this security deposit. But it looks good to a potential lender, making you seem more trustworthy.
  • Charge things like gas, food and other items, and/or put a monthly bill on the card for automatic payments such as your cable bill, then pay the card on time every single time—ideally the entire balance. This will create a record of your trustworthiness.
  • Charge no more than 50 percent of the card’s limit in any given month, even if you CAN pay the whole thing off every month. Exceeding 50 percent, some say, can adversely affect your credit score.
  • A rule of thumb is to charge only what you’d be able to pay in cold cash every month. Just because your card has a $5,000 limit doesn’t mean you should rack up $4,500 worth of purchases in one billing cycle.
  • Use the card every month; don’t let it go dormant, as this is not impressive to a lender. If you’re having a tough time remembering to charge things like new shoes, food, drug store items, etc., then set it up for automatic draft of a monthly service.
  • Even ONE late payment will screw things up. Remember, charge only what you’d be able to pay for in cash each month. If you can’t, don’t charge it.
  • If YOU check your credit report any time; it won’t dent your credit score. When lots of creditors check your credit, that can affect your scores.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Everything you need to know about a Credit Freeze

A credit freeze locks down your credit report so lenders can’t see your scores, making your credit/SSN useless to them because they don’t know their risk level.

1SIf thieves get ahold of your ID, they can’t get credit in your name as long as your credit is frozen. Freezing your credit will seal your credit reports. You’ll need a PIN to access your credit to allow valid services to check your credit when needed. Freezing won’t affect existing credit lines and are free to victims of ID theft. Since 2008, the three big credit bureaus have allowed non-victims to freeze their credit for a small charge.

When is a credit freeze a good idea?

For anyone 18 and over who has a credit report and those under 18 whose identity is stolen and for whom a report is then generated by default.

What should I consider before ordering a credit freeze?

Nothing. Just do it. Credit should be frozen across the board, but banks/retailers/lenders have spent millions lobbying to prevent that, as it would eliminate instant credit, and these institutions say that it would “gum up” the system of lending.

What are the costs?

Free to $15.00 per credit bureau for life, depending on the deal your state attorney general made with the bureau back in 2008. Then free to $5.00 to thaw it each time you apply for new lines of credit.

Inconvenience: It requires planning large financial decisions and being responsible. So horrible. Otherwise it takes five minutes per bureau to temporarily thaw your credit prior to financing a new line of credit at an auto dealer, mobile phone provider, etc.

Can a credit freeze hurt your credit score?

NO.

How does a credit freeze differ from a fraud alert?

Fraud alerts are only 90 days, and they don’t freeze your credit; they only alert a lender that you may have had your identity stolen, but don’t stop the lender from issuing credit in any way.

Fraud alerts at best are “notifications” that something may have gone wrong with your identity, but only suggest the lender takes additional steps to contact you before establishing credit in your name. It’s a false sense of security.

Where to Freeze:

Equifax

https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp

Experian

https://www.experian.com/freeze/center.html

Transunion

http://www.transunion.com/personal-credit/credit-disputes/credit-freezes.page

Just do it. NOW.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

5 Tips to Credit Card Identity Theft Prevention

Robert Siciliano Identity Theft Expert

In a recent article in Computer World, Tom Patterson CSO of Magtek, with his Glamor Shot photo, provides “5 counter-fraud tips you’ve never been told”. Anything a consumer can do to reduce their risk for account takeover, they should exercise. While in most cases the consumer isn’t responsible for the losses, as long as you refute the fraud in a specified time frame, and it’s your duty as a citizen to do so. Studies show much of the terrorists funding is coming from card fraud. Card fraud is a breach of national security.

Tip#1 Stare down your waiter, waitress, gas station attendant or anyone who you hand your card. Or at least stare at the card in process. You want to see where that card is going and how it’s being used. The idea here is to make sure the card isn’t being “skimmed” with a skimmer. This is good advice when it’s possible. Most waiters, gas station attendants walk away with the card. This really only works at a POS where the clerk never leaves the terminal. What you should see is the clerk swiping the card through a PC/register based fixed keyboard or terminal. If you see them swipe the card in a handheld skimmer or something on their body, like attached to a  belt or ankle that’s a redflag.

Tip#2 Shield your pin. This is absolutely necessary at any POS or ATM. The public nature of these devices makes it very easy for someone to shoulder surf and grab your pin. A cell phone video cam over your shoulder, a video camera from 50 feet away, binoculars or even a hidden camera attached the to face of the ATM can all compromise your pin. See here as explained in this video I did on ExtraTV demonstrating how I bought an ATM off Craigslist and rolled it all over Boston.

Tip#3 Change your card number. With millions of card numbers hacked over the last few years, chances are yours was compromised. I for one have had 3 changes of credit cards due to card issuers being proactive and sending me a new card whether I liked it or not. Tom suggests voluntarily changing your credit card number every few months. While this is an extra layer of protection, it’s not at all practical and I doubt even Tom does it. I have numerous EFT’s set up with my cards and changing the number means changing them as well. It’s enough of a burden to change it all when the banks issue a new card. But a nice idea if you have the time.

Tip#4 Check your credit card statements every day. This is an extra layer of protection that requires savant like attention. You check your email every day so checking your credit card statements every day is do-able right? Every week is sufficient. Even every 2 weeks is OK. Just make sure to check with your bank to determine what their cutoff date is to refute unauthorized withdrawals. For most credit cards it’s 60 days. For most banks it can be under 30 days. This is the most important tip of all.

Tip#5 Authenticate the card. Or the card holder. Today this is out of the hands of the consumer. There are a number of new technologies that if banks/retailers/industry adopt to identify the actual card/user at the POS or even online then most, if not all of the card fraud problems will be solved. There is a race going on right now to see who gets there first. In the next 1-5 years we may see new cards being issued such as “chip and pin” which are standard in Europe. Or no new cards at all but changes in the system that the card holder is unaware of, or a 2 card system that requires a second swipe of another authenticating card the hacker doesn’t have access to. There are also readily available technologies that will allow the turning on/off of your card with your own preset spend limits too. We will see how this all plays out.

 

Robert Siciliano identity theft speaker discussing credit card fraud on CNBC

10 Tips to Secure Online Holiday Shopping

Robert Siciliano Identity Theft Expert

UK officials shut down an amazing 1200 online retailers who scammed millions from unsuspecting shoppers. Most of the sites originated from identity thieves in Asia who tricked victims into believing they were legitimate sites.  Victims then lost money by entered their credit card data, sending checks or giving up banking details.

The sites sold high end designer items from Tiffany & Co, Ugg and jewelry. In some cases the victims actually received the items, but were counterfeit. Like Mom said, if it’s too good to be true it probably is. Of course nobody running the fake sites has been caught.

Criminals set up fake websites and then go through the same process legitimate eTailers do in regards to search engine optimization, search engine marketing and online advertising via adwords. They use key words to boost their rankings on Internet searches to show up along side legitimate sites. These same processes are also being used to infect unsuspecting users with malware.

Many victims who end up on scam sites generally get there via phish emails with offers for high end products for little money.

  1. It’s easy enough to avoid spoofed websites where phishing is the gateway. Common sense says any time you receive an offer via an email automatically be suspect. The same goes with offers via tweets and messages received in any social media. Scammers are committing social media identity theft every day.
  2. If you aren’t familiar with the eTailer don’t even bother clicking the links, especially if it’s a too good to be true offer.
  3. If it’s a known site sending the email and you decide to click links, make sure the address you end up at is in fact the actual domain of the eTailer. Beware of cybersquatting and typosquatting which may look like the domain of the legitimate eTailer.
  4. When placing an order always look for HttpS is the address bar signifying it’s a secure page. Scammer generally won’t take the time to set up secure sites. Note the closed padlock in your browser to back up the HttpS.
  5. Beware of emails coming for eBay scammers. I’m getting 10 a day. The fact is it’s difficult to tell a real from a fake. If you are seeking deals on eBay go right to the site and don’t bother responding to emails. If there is a deal you see in an email search it on eBay.
  6. Whenever you decide to make an eBay purchase look at the eBayers history. eBay is set up on the honor system and if the eBayer is an established seller with great feedback then they should be legitimate.
  7. Don’t worry about credit card fraud. But do pay close attention to your statements. Check them every two weeks online and refute unauthorized charges within 2 billing cycles, otherwise you will pay for an identity thieves gifts.
  8. Don’t use a debit-card online. If your debit card is compromised thats money out of your bank account. Credit cards have more protection and less liability.
  9. Avoid paying by check online/Mailorder. In person is OK. But to an unfamiliar virtual site is not. Once the money is taken from your account and you don’t receive the goods, you are going to have a difficult if not impossible task of getting it back. Use a uniball gel pen that prevents check-washing.
  10. Do business with those you know like and trust. I for one am guilty of buying from eTailers who have the best deals. But I only buy low ticket items from them, generally under $50.00. It’s best to buy high ticket items from eTailers that also have a brick and mortar locations.

Robert Siciliano identity theft speaker discussing holiday scams on Foxes Mike and Juliet Show

Obama; Cybersecurity and Identity Theft Protection Starts at Home

Robert Siciliano Identity Theft Expert

Whether you realize it or not, your computer is one of the biggest threats to your personal security. The Obama administration believes that your computer is also one of the biggest threats to national security.

The message is: Think before you click. Know who’s on the other side of that instant message. What you say or do in cyberspace stays in cyberspace — for many to see, steal and use against you or your government.

The Internet is incredibly powerful and not particularly secure. It is powerful enough to bring people together, to educating, inform, and make life easier. But it’s also used to hurt, scam, and debilitate in so many ways.

The Pentagon’s computer systems are probed 360 million times per day, and one prominent power company has acknowledged that its networks see up to 70,000 scans per day. Every single day, utilities, banks, retailers and just about every computer network are faced with attacks. Many of these hacks are insignificant. Many are conducted with intent to commit crimes such as espionage, financial data theft, or the destruction of crucial information. The criminal hackers could be cyber-terrorists attempting to destroy the U.S. or its economy, malcontents simply wreaking havoc for its own sake, or opportunists looking for a profit.

The U.S. is a prime target for a number of reasons. The most obvious is that we’ve made mistakes that have many in the world hating us. Then there’s our financial system, which offers instant credit to anyone with a Social Security number. And of course, credit card security is an oxymoron, since anyone can use any credit card at any time. We have a bullseye on us and we put it there.

“Weapons of Mass Disruption” are a growing concern. The U.S. and many other countries are electrically and digitally dependent. Our critical infrastructures, including drinking water, sewer systems, phone lines, banks, air traffic, and government systems, all depend on the electric grid. After a major successful attack we’d be back to the dark ages instantly. No electricity, no computers, no gasoline, no refrigeration, no clean water. Think about when the power goes out in your house for a few hours. We’re stymied.

The Pentagon and the Department of Homeland Security are hiring thousands of computer experts to protect our networks. But the weakest link in the chain is not the government, but the citizens. Government has lots of work to do, but moms and pops are the most vulnerable. Enterprise networks have become hardened, while small business and the lowly consumer know enough about information security to get hacked. Awareness is key. You are either part of the problem or the solution.

Read this and every possible blog, article and report you have access to so you can stay on top of what is new and ahead of what is next in technology and the security necessary to keep it safe. Build your IT security vocabulary. Protect yourself and your business.

Those steps include:

Use antivirus software, spyware removal, parental controls and firewalls.

Back up your data locally and in the cloud.

Understand the risks associated with the wireless web especially when using unsecured public networks.

Protect your identity too. The most valuable resource you have is your good name. Allowing anyone to pose as you and let them damage your reputation is almost facilitating a crime. Nobody will protect you, except you.

  • Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name.
  • And invest in Intelius identity theft protection. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk.
  • Visit US-Cert here

Robert Siciliano identity theft speaker discussing the mess of data security on Fox News

Invest in Identity Theft Protection and a Credit Freeze

ConsumersUnion provides a resource for consumers to learn what their options are in regards to a “security or credit freeze”.

“There are more than eight million new victims of identity theft each year in the U.S. Many of these victims find that crooks have used stolen personal information like Social Security numbers to open new accounts in their victim’s name. A security freeze gives consumers the choice to “freeze” or lock access to their credit file against anyone trying to open up a new account or to get new credit in their name.”

When a security freeze is in place at all three major credit bureaus, an identity thief cannot open a new account because the potential creditor or seller of services will not be able to check the credit file. When the consumer is applying for credit, he or she can lift the freeze temporarily using a PIN so legitimate applications for credit or services can be processed.”

As essential and effective and as a credit freeze is, it can be cumbersome for some people. I’ve gone through it myself and was a little miffed by the inaccuracies in the administration by the credit bureaus who processed the applications.

For whatever reason when the applications were received they entered the data incorrectly and some of the freezes couldn’t go through. After a few letters and phone calls everything was straightened out.

The process generally involves an “affidavit” that requires name, address, Social Security number, and a copy of a utility bill to verify you are you. Fees for a freeze can be free up to $15.00 per credit bureau. Once this is complete, your identity as far as new account fraud is locked down pretty well. However that’s not enough.

State laws with affidavit downloads:

Alaska, ArizonaArkansas, California, Colorado, Connecticut, Delaware,District of Columbia, Florida,GeorgiaHawaiiIdahoIndiana, Illinois, Iowa,Kansas, KentuckyLouisiana, Maine, Maryland, Massachusetts, Minnesota, MississippiMontana, Nebraska, Nevada, New Hampshire, e=”text-decoration: underline;”>New Jersey, New Mexico, New YorkNorth Carolina, North Dakota, Ohio, Oklahoma, Oregon, PennsylvaniaRhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, VermontWashingtonWest Virginia, Wisconsin, Wyoming

For more information, see: Frequently Asked Questions about the security freeze.

Robert Siciliano Identity Theft Speaker discussing credit card and debit card fraud on CNBC

National Protect Your Identity Week Facilitates Identity Theft Protection and Education

Robert Siciliano Identity Theft Expert

A recent National Foundation for Credit Counseling (NFCC) survey conducted by Harris Interactive(R) revealed that 45 percent of all U.S. adults, roughly 101 million people, would feel at most risk for identity theft when making a purchase with a credit card that requires the card to be temporarily taken out of their sight, for example, at a restaurant.

By contrast, consumers are least fearful of falling victim to identity theft when using their credit card to make a purchase in person, for instance at a store. Only 21 percent of U.S. adults listed this as a concern, suggesting that consumers are comfortable as long as they can keep an eye on their card.

In an effort to provide consumers with identity theft education and protection, the NFCC announces its second annual National Protect Your Identity Week (PYIW), October 17-24. Joining the NFCC as a full partner this year is the Council of Better Business Bureaus (CBBB), combining the strength of two well-respected nonprofits behind this initiative.

A number of national organizations are also putting their weight behind this initiative, joining the NFCC and CBBB as Supporting PYIW Coalition Members. This Coalition includes: the American Bankers Association Education Foundation, AFSA Education Foundation, Consumer Action, Consumer Federation of America, Credit Union National Association, Federal Trade Commission, Identity Theft Resource Center, Jump$tart Coalition for Financial Literacy, Junior Achievement USA, National Council of LaRaza, National Crime Prevention Council, National Education Association Member Benefits, National Sheriff’s Association, Office of the Comptroller of the Currency, and the National Association of Triads. MSN Money is once again the national online media sponsor.

Consumers can find PYIW educational events in their area by going to www.ProtectYourIDNow.org. Hosted by a local member of the NFCC, BBB or other Coalition Member, consumers can take advantage of identity theft workshops, onsite shredding and credit report reviews. The Web site also includes identity theft prevention tips, videos, an interactive quiz to assess your risk of identity theft, and resources for victims.

A new feature this year on www.ProtectYourIDNow.org is a blog hosted by me. I will be providing insight, information and advice for consumers each day during PYIW and then weekly on the blog throughout the year on topics relevant to identity theft. The goal is to keep the public informed and not just one, but 10 steps ahead of the bad guys.

According to the non-profit Identity Theft Resource Center and other sources, identity theft can be sub-divided into five categories:

  • Business/commercial identity theft (using another’s business name to obtain credit)
  • Criminal identity theft (posing as another when apprehended for a crime)
  • Financial identity theft (using another’s identity to obtain goods and services)
  • Identity cloning (using another’s information to assume his or her identity in daily life)
  • Medical identity theft (using another’s information to obtain medical care or drugs)

We will be discussing these and many others issues of fraud on an ongoing basis.

1. Protecting yourself from new account fraud requires effort. You can attempt to protect your own identity, by getting yourself a credit freeze, or setting up your own fraud alerts. There are pros and cons to each.

2. Invest in Intelius Identity Protection and Prevention. Because when all else fails you’ll have someone watching your back.

Robert Siciliano Identity Theft Speaker with ID Analytics discussing Social Media Identity Theft on Fox Boston

The Scourge of Medical Identity Theft

Robert Siciliano Identity Theft Expert

Medical identity theft can make you sick. As I once eloquently explained on CBS’s Early Show, if medical identity theft happens to you, “you’re screwed.” And it’s true.

Medical identity theft occurs when the perpetrator uses your name and, in some cases, other aspects of your identity, such as insurance information, to obtain medical treatment or medication or to make false claims for treatment or medication. As a result, erroneous or fraudulent entries wind up on your medical records, or sometimes entirely fictional medical records are created in your name. Having somebody else’s ailments noted on your medical records can create a great deal of confusion, potentially even negatively impacting your own health or medical treatment.

As of last week, a new rule requires health care providers, health plans, and other entities covered by the the Health Insurance Portability and Accountability Act (HIPAA) to notify individuals of any breaches of their medical information. A breach, in this case, is defined as, “the acquisition, access, use, or disclosure of protected health information in a manner not permitted [by the HIPAA Privacy Rule] that compromises the security or privacy of the protected health information.”

Most states have required corporations to disclose data breaches for the past few years. Ever since the ChoicePoint breach in 2005, states have been implementing notification laws. At the time, ChoicePoint was only required to notify California residents. Once word spread that residents of other states had also been compromised in the breach, ChoicePoint became the poster child for what not to do in response to a data breach.

Since health care facilities often handle and store some of the same sensitive personal information that corporations do, these facilities are now subject to similar regulations. But protecting yourself from medical identity theft isn’t as easy as protecting yourself from financial identity theft.

  1. Medical ID cards, insurance cards and medical statements that come in the mail can all be used to steal your medical identity. Install a locking mailbox to prevent your mail from being stolen.
  2. Don’t carry cards in your wallet unless absolutely necessary like when you have an actual appointment.
  3. Protect medical information documents. Shred all throw away documentation and lock it up when it’s in your home or office.
  4. Treat your medical identity similarly as you treat your financial identity by getting similar protections. If the thief can’t steal your financial identity then your medical identity may be less attractive. Protecting yourself from new account fraud requires more effort. You can attempt to protect your own identity, by getting yourself a credit freeze, or setting up your own fraud alerts. There are pros and cons to each.

Robert Siciliano identity theft speaker discusses medical identity theft on the CBS Early Show

Criminal Hackers Get to Momma and DaDa Via Children

Robert Siciliano Identity Theft Expert

I’m particularly irate about this. There’s criminal hackers, then there’s complete lowlife scumbag criminal hackers that hack children. InternetNews reports hackers took over sections of the PBS.org Web site earlier this week, installing malicious JavaScript code on the site’s “Curious George” page that infects visitors with a slew of software exploits.

For the uninitiated Curious George is a little happy go lucky bumbling monkey that continually gets himself in a pickle. His curiosity almost kills the monkey in every episode. Thank heavens for “”The Man in the Yellow Hat” which is Georges keeper and occasional life saver. A 41 year old male knows this when he waits 38 years to spawn.

Security research firm Purewire found that when visitors tried to log onto a fake authentication page they were served with an error page that took them to a malicious domain where the malware attempted to compromise users’ desktop applications.

So here you are in your kitchen making a bunt cake. You continually glance over in amazement that a 3 year old, who cant color in the lines or spell or count above 20 or even tie her own shoes, but she can navigate through an inexhaustible gaming and learning website of PBSKids. She whacks away at the keyboard from morning till evening. So intensely she hacks that when it’s time to pull her away from the computer to maybe, ahh eat? She takes a fit because you caught her mid Sid The Science Kid.

Little do you know that while little miss Mitnick was tap tap tapping away, some frigging cheesebag was trying to rifle all your data via a Clifford The Big Red Dog JavaScript reliant puzzle.  Is there no shame? Boundaries? Apparently not.

It is not immediately evident how hackers compromised the site. They may have taken advantage of a known flaw and  exploited a SQL injection vulnerability.

Kids playing were met with a pop-up message requesting authentication to enter a username and password during a game. “But DaDa, I don’t know my words yet”.  From here, no matter what was entered they were directed to an error page that had malicious code. The JavaScript then loaded malware targeting flaws in Adobe Acrobat Reader, AOL Radio AmpX and SuperBuddy and Apple QuickTime. If the affected computer was not up to date with all their critical security patches then they got the bug.

Lax security practices by consumers are giving scammers a base from which to launch attacks. USA Today reports IBM Internet Security Systems blocked 5000 SQL injections every day in the first two quarters of 2008. By midyear, the number had grown to 25,000 a day. By late fall, attacks climbed to 450,000 daily.

The key to identity theft protection and preventing your computer from becoming a zombie is to engage in every update for every browser, software and media player that you use, keeping your operating system updated and use anti-virus software such as McAfee Total Protection.

And if your 3 year old happens to engage a toothless criminal hacker from the Eastern Bloc and you haven’t been up to date, make sure you have a backup plan if your data is compromised.

1. Protecting yourself from new account fraud requires more effort. You can attempt to protect your own identity, by getting yourself a credit freeze, or setting up your own fraud alerts. There are pros and cons to each.

2. Invest in Intelius Identity Protection and Prevention. Because when all else fails you’ll have someone watching your back.

Includes:

·         Triple Bureau Credit monitoring – monitors changes in your credit profiles from Equifax, Experian and TransUnion-includes email alerts of any suspicious changes

·         Social Security Number and Public Record Monitoring – monitors the internet and public sources for fraudulent social security number, aliases, addresses, and phone numbers

·         Junk Mail Reduction – stop identity thieves from using personal information from your mailbox, trash or even phone calls by eliminating junk mail, credit card offers and telemarketing calls

·         Neighborhood Watch – includes a sex offender report, list of neighbors and a neighbor report on each of your neighbors

·          Identity Theft Specialists  – if in the unlikely event you become a victim of identity theft our Identity Theft experts will work with you to restore your identity and good name

·         Credit Report Dispute – if you find errors on your credit report we will help you resolve them quickly

·         Protection Insurance and Specialists -Identity Protect has you covered with up to $25,000 in Identity Theft Recovery Insurance and access to Personal Identity Theft Resolution Specialists.

Robert Siciliano Identity Theft Speaker discussing soulless criminal hackers on Fox News

Carders, Dumps, and Identity Theft

Robert Siciliano Identity Theft Expert

WE DO NOT SELL DUMPS. DO NOT EMAIL OR CALL US.

WE DO NOT SELL DUMPS

Albert Gonzalez and his gang of criminal hackers were responsible for data breaches in retailers and payment processors, with some estimates saying they breached over 230 million records combined. Gonzalez, considered a proficient criminal hacker, provided “dumps,” a term which refers to stolen credit card data, to “carders”. “Carders” are the people who buy, sell, and trade stolen credit card data online. This video provides an example of an online forum where stolen data is bought and sold. Gonzalez pleaded guilty to his crimes and will be serving the next fifteen years in jail. He and his gang used a combination of schemes that have caused a significant increase in counterfeit fraud.

Hackers rely on a variety of techniques to obtain credit card data. One such technique is wardriving, in which criminals hack into wireless networks and install spyware. Another is phishing, in which spoofed emails prompt the victim to enter account information. Phexting or smishing are similar to phishing, but with text messages instead of emails. Some hackers use keylogging software to spy on victims’ PCs. Others affix devices to the faces of ATMs and gas pumps in order to skim credit and debit card data.

Gonzalez and his gang used another, more advanced technique known as an “SQL injection.” SQL stands for “Structured Query Language.”  The term refers to a virus that infects an application by exploiting a security vulnerability. WordPress, a blogging platform, is an example of a commonly used application that has been found vulnerable to these types of attacks. There are hundreds of other applications that can fall victim to an SQL injection.

IBM Internet Security Systems discovered 50% more web pages infected in the last quarter of 2008 than in the entire year of 2007. In 2005, a now defunct third party payment processor called CardSystems suffered an SQL injection, compromising a reported 40 million credit cards.

While Gonzalez has gone down, carders are still very active. A group of white hat hackers that calls itself War Against Cyber Crime recently succeeded in breaking into Pakbugs.com, a Pakistan-based carder forum, and published a list of members’ login details and email addresses. Pakbugs.com has since dropped offline.

With 213 million cardholders and 1.2 billion credit cards in the U.S., there’s no shortage of opportunity for carders to maintain their current pace. When a carder uses one of your existing credit cards, it’s called “account takeover.” When they use your personal information to open up new credit accounts in your name, it’s called “new account fraud” or “application fraud.”

1. Protecting yourself from account takeover is relatively easy. Simply pay attention to your statements every month and refute unauthorized charges immediately. I check my charges online once every two weeks. If I’m traveling extensively, especially out of the country, I let the credit card company know ahead of time, so they won’t shut down my card while I’m on the road.

2. Protecting yourself from new account fraud requires more effort. You can attempt to protect your own identity, by getting yourself a credit freeze, or setting up your own fraud alerts. There are pros and cons to each.

3. Invest in Intelius Identity Protection and Prevention. Because when all else fails you’ll have someone watching your back.

Includes:

·         Triple Bureau Credit monitoring – monitors changes in your credit profiles from Equifax, Experian and TransUnion-includes email alerts of any suspicious changes

·         Social Security Number and Public Record Monitoring – monitors the internet and public sources for fraudulent social security number, aliases, addresses, and phone numbers

·         Junk Mail Reduction – stop identity thieves from using personal information from your mailbox, trash or even phone calls by eliminating junk mail, credit card offers and telemarketing calls

·         Neighborhood Watch – includes a sex offender report, list of neighbors and a neighbor report on each of your neighbors

·          Identity Theft Specialists  – if in the unlikely event you become a victim of identity theft our Identity Theft experts will work with you to restore your identity and good name

·         Credit Report Dispute – if you find errors on your credit report we will help you resolve them quickly

·         Protection Insurance and Specialists -Identity Protect has you covered with up to $25,000 in Identity Theft Recovery Insurance and access to Personal Identity Theft Resolution Specialists.

Robert Siciliano Identity Theft Speaker discussing credit card and debit card fraud on CNBC