Credit Card Fraud isn’t the same as Identity Theft

Just as important as taking down the decorations, throwing out all the debris from opened gifts and getting the house back in order after the holiday activities, is that of scrutinizing your credit card statements.

2CWhy? To make sure that all the purchases on there were made by you and only you. The holiday season means more credit card use = more identity theft. In this case, it’s “account takeover.”

The crook gets your credit (or debit) card information in one of several ways: digging through trash to get credit card information; tampering with ATMs; hacking; and perhaps the thief is the person you gave the card to to pay for your restaurant meal.

Yet another way the thief could get you is to obtain a new credit card line—using your name, address and Social Security number. He maxes out his new card and doesn’t pay the bill. One day you get a call from a collection agency, along with knowledge that your credit has been ruined. This is called “new account fraud”

Account takeover can be discovered via unauthorized charges on your statements, or the thief’s spending habits may alert the company (via its anomaly detection software) to something suspicious, such as a lot of spending halfway across the globe one hour after you purchased something in your home town.

You have 60 days to report suspicious activity to save yourself from paying the unpaid bills. The zero liability policy protects you. The most you’ll pay out is $50. But if you delay reporting the fraudulent activity, you’re screwed.

Thus, you must make time to just sit down and look over every charge on your statements, even if this means that the only time you have to do it is when you’re on the toilet. But you DO have time. You have time to read someone’s drivel on Facebook or something about Duchess Kate’s hair…you certainly have time to read your card statements every month.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention.

Synthetic Identity Theft hard to detect

A criminal can do a lot with “only” your Social Security number, says a report from darkreading.com. Okay, so he doesn’t have the name that goes with the number. Big deal—he’ll just make one up to go with it! This is called synthetic identity theft.

10DAnd this crime has proven worthwhile for the crooks. Nowadays, there’s an increased risk for this crime, says a report by ID Analytics. This is because thieves exploit new SSN randomization practices, says Dr. Stephen Coggeshall, author of the report, and chief analytics and science officer for ID Analytics.

In 2011, the SS Administration began issuing the numbers randomly rather than by pattern to help protect against ID theft. This change has backfired because it trips up anti-fraud technology that’s supposed to spot when a number, that was issued a few years ago, is linked to a phony identity.

The implementation of chip-and-pin cards will fuel the risk and growth of synthetic ID theft. Chip-and-pin point-of-sale transactions will inspire ID theft specialists to figure out new fraud tactics. And they will. They always will. They’re not dumb.

The ID Analytics report says that this crime goes undetected for long stretches because there’s no specific consumer victim. Like, who’s Alekksandreya Puytwashrinjeku? Or, who’s John Smith? Alekksandreya will open up small accounts just to get some credit going under “her” name. The next step is to apply for a big loan—that will never be paid.

The long-term nature of undetection allows the criminal to generate increasingly larger credit limits when compared to the typical ID theft case, says Coggeshall.

As you can see, there’s no actual consumer victim, but instead, the victims are the banks, along with the companies that offer the products that are illegally obtained by the fraudsters. The U.S. government is also a victim. The report explains that over a time period of three years, nearly 1.4 percent of tax returns seemed to be synthetic, costing the government $20 million.

You don’t hear much, if at all, about synthetic ID theft, but the report also points out that a credit card issuer did an analysis and discovered that over a three year period, about two percent of the total application volume consisted of this type of crime.

Still, an identity that incorporates identity theft protection is less likely to be victimized and more secure. And synthetic identity theft can sometimes be detected by a protection service.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

7 Things You Can Do To Protect Your Identity

One of my favorite commercials is a guy working out with his personal trainer. The trainer asks him if he’s been eating his vegetables every day. When he replies, “When I can,” the trainer bops him on the head. He could have had a V8!

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Just like the man thought that eating his daily vegetables would be hard, sometimes protecting your identity seems like a chore. But it doesn’t have to be that way. Here are 7 “duh” steps you can take to protect your identity this holiday season and all year round.

  1. Inspect credit card statements. Make a habit of regularly looking through your credit card statements for strange looking activity. If you notice just one unauthorized charge, assume that someone out there will strike again, and again and again—unless you take immediate action and contact your credit card company.
  2. Shred documents with personal information. Thieves will rummage through your garbage and recycling searching for intact documents that show Social Security numbers, credit cards and bank account information, etc. The next best thing to a cross-cut shredder is scissors. Shear up anything that could be revealing, including credit card purchase receipts.
  3. Review your credit reports. At least once a year, review your credit reports from the three major bureaus. This way you’ll be able to spot any suspicious actions, such as a thief opening a credit card account in your name.
  4. Credit freeze. If you’ve been a victim of identity theft, you might want to consider putting a freeze on your credit.While this will prevent you from getting loans or credit cards until you unfreeze it, this will also block criminals from opening accounts in your name and smearing your credit.
  5. Limit accessibility. In addition to using a shredder or scissors, consider getting a safe where you can store sensitive documents and limit the number of credit cards you carry with you. Have a list of important phone numbers (e.g., bank, credit card companies) already made up, in the event that you need to contact them immediately upon realizing you have lost or someone has stolen your identity or your physical credit cards, wallet, etc. 
  6. Password protection. If your device is lost or stolen, will someone be able to simply pick it up and access all your data? They won’t if it is password protected. Don’t use your cat’s name as your password; rather create a complicated password with upper and lower-case letters and numbers.
  7. Use comprehensive security software. It is essential that all your digital devices have updated security software, like McAfee LiveSafe™ service that can safeguard your data and protect against identity theft.

For more tips on protecting your identity, check out the Intel Security Facebook page or follow them on Twitter.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Identity Theft of the Dead affects the Living

You don’t have to be living to have your identity stolen. Every year in America there’s 2.5 million cases of ID theft involving the deceased. And while your first reaction might be “So what, I’ll be dead and I won’t care”, you need to keep in mind that identity theft of the dead often significantly affects the living. How can this be prevented or at least, minimized?

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Shut Down Social Media

Though it’s hard to do, closing down the decedent’s Facebook page will contribute to preventing ID theft.

Contact the Social Security Administration

This agency has a “death master file” of the SS numbers of deceased people that should be rendered inactive. This way a thief can’t use the number. Don’t wait for a funeral director to do this (though that’s their job); do it yourself for faster results.

Obits

When composing an obituary, people should post very little information. Crooks actually read these in search of a possible ID theft victim. The information to leave out includes names of survivors, complete addresses and professional history.

Receiving Bills

If a decedent’s identity has been hijacked, a survivor may begin receiving bills in that person’s name…and eventually, calls from collection agencies. “The problem isn’t so much financial — it’s emotional,” says Maria Cordeiro with the Chubb Group of Insurance Companies in an article from business-news.thestreet.com. You may have to be dragged through the pain of proving that your deceased loved-one is, in fact, no longer around.

How do you fix this problem?

  • Get all the needed documentation together, because you’ll need to send it out to any entity that requires it for proof.
  • Obtain a credit report prior to the person’s death. Of course, this works in cases of a diagnosed terminal condition versus accident. Once you have the person’s credit report, then six months after death, obtain another for comparison, says Cordeiro. The decedent’s name and SSN, six months later, should be in the death master file.
  • Do some credit monitoring. This is easier than obtaining a credit report for someone who’s dead.
  • Do a credit freeze. For a small fee, the credit report gets frozen shut, preventing a thief from opening a new account.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Feds Perp Social Media Identity Theft

A federal agent impersonated a woman without her knowledge; he created a Facebook page in a woman named Sondra, and the Justice Department is defending him. In addition, he posted racy photos of her, from her cell phone, to the site. The site was being used to connect with suspected criminals.

14DSondra learned of this when a friend wondered about the photos on the FB page; Sondra didn’t even have an FB account. The agent is with the U.S. Drug Enforcement Administration.

Seems like he was simply doing what he had to do, because prior, Sondra had been arrested for suspicion of drug ring involvement. While she was awaiting trial (and ultimately was given probation), the agent created the Facebook account.

“The incident at issue in this case is under review by Justice Department officials,” states Brian Fallon, the Justice Department’s top spokesperson. Facebook’s terms of service do not exempt undercover agents from term violations, one of which is posing as another person.

Facebook removed the page once news broke. This case doesn’t compare to when detectives go undercover in person, posing as a fictitious character or a real person who authorizes the impersonation. Sondra is real, and she didn’t know about this.

The defense claims that Sondra indeed consented because she granted access to the data in her phone. A privacy expert points out, however, that this is parallel to granting detectives permission to search your house for drugs, but then they steal photos in your bedroom and post them online. Furthermore, the agent posted photos of Sondra’s minor son and niece.

But is Sondra any angel herself? She pled guilty to conspiracy to distribute cocaine in February 2011, but was slapped on the wrist because apparently, she wasn’t a key player in the ring. Really this shouldn’t matter.

It is necessary for law enforcement to use any means necessary and legal to capture bad guys. However there must be a better way to create a social profile, such as using a stock photo or even a computer generated one. The technology is readily available to make this happen.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Security is Everyone’s responsibility

In the movies, the good guys always get the bad guys. In cyber reality, no such thing exists.

1DA survey of 5,000 IT security professionals turns up the following:

  • 63% doubt they can stop data breaches.
  • 69% think threats slip through the cracks of their security systems.
  • 57% believe their company lacks protection from advanced attacks.
  • 80% think their company’s leaders fail to connect the dots between a data breach and potential profit loss.

A survey of customers shows:

  • 59% are quite concerned about credit and debit card information theft.
  • 57% are very concerned about ID theft.
  • About 60% believe that a data breach involving their credit card or personal details would make them less likely to conduct business at a store or bank they usually use.

That last point leads to reputation smearing and loss of customer trust. But what about customer responsibility when it comes to security breaches? The “blame the customer” mentality seems more appropriate in the workplace when employees bring to work their own devices to assist in their jobs. This lets the data-breach cat out of the bag.

Though a significant percentage of employees have admitted (in surveys) to having a security problem with their device, a remarkably small percentage of these users felt compelled to report this to their boss. A very statistically significant number of employees who bring their devices to work haven’t even signed a formal contract that outlines security procedures. The bottom line is that taking security seriously is a rare find among employees who do the BYOD thing.

Another survey turned up an unsettling result: 76% of the 700+ consumers (who were affected by a breach) who were surveyed experienced stress from the event—but more than half didn’t even take steps to prevent ID theft afterwards.

Maybe this complacency can be in part explained by the fact that the losses from breaches are mostly absorbed by the companies involved.

The consumer, customer and employee need to step up to the plate and do their fair share of taking security measures seriously, rather than sitting back and letting businesses and banks take the entire burden.

It’s like getting attacked by a shark. Is the shark entirely to blame if the swimmer jumped into water near a sign that says “Beware of Sharks”? Then again, someone has to take the responsibility of putting the sign there in the first place…

All entities must pull together, stop finger pointing and accusing, and try to get a step ahead of the real villains.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

What is Criminal Identity Theft?

Identity theft gets all kinds of buzz in the news. It’s not hard to see why—in 2012, over 16.6 million Americans were victims of identity theft. What most people don’t know is that identity theft is much more than just stealing your credit card number. In other posts, I discussed how thieves use your identity to get free healthcare or your child’s identity to apply for credit. Today, I want to introduce you to another kind of identity theft—criminal identity theft—where the criminal uses your identity to make you look like the criminal.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Criminal identity theft involves impersonation and it’s the worst kind of identity theft and the hardest to clean up. You don’t want to end up like Jason Bateman’s character Sandy Patterson, in the movie Identity Thief, where his identity was stolen and used by another individual and he finds out because he owes a bunch of money and has a warrant out for his arrest.

Basically, a thief takes over your identity and assumes it as his or her own. But instead of using your identity to access your bank account or apply for a credit card, the thief uses your identity to commit crimes and get off scot-free.. How? They can give your personal information (like your name, identification number, or date of birth) to law enforcement officials during an investigation or an arrest. They could also use your information to create fake identification for themselves.

Criminal identity theft can lead to a very nasty headache for you. A thief could get caught for a traffic violation or a misdemeanor and sign the citation with your name. Then you get stuck paying those annoying fees and fines. If a thief uses your name when getting arrested for a crime, you could end up with a criminal record, which could affect your ability to get a job or buy property. Another case is when the thief commits a crime using your identity, and then a warrant is issued for your arrest.  But instead of looking for the criminal, they are looking for you—you could have a warrant out for your arrest and not even know it!

Criminal identity theft can have some pretty drastic consequences. Here’s some ways to protect yourself from this dastardly form of identity theft:

  • Shred all sensitive documents. This can prevent thieves from getting their hands on your personal information.
  • Report missing identification cards. Most criminal identity thieves get your information from stealing your driver’s license or other personally identifiable information (PII) like Social Security numbers or Identification cards. If you report a missing driver license, your state might flag your license number and in the event that another driver is pulled over by law enforcement and presents your license as their own they could be questioned for further information
  • Get a background check on yourself. If you feel like someone may be impersonating you, get a background check done. This can be done via online services or by a private investigator.
  • Check State and National criminal databases. Search your name in criminal databases like the FBI’s National Crime Information Center (NCIC) database to see if you have a criminal record.

Stay safe!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

2 Ways to Prevent Military Identity Theft

You’d think that servicemen and women would be better protected than civilians from identity theft, but their risk is higher, since their Social Security numbers are used so often and also abroad. In Iraq, it’s painted on their laundry bags!

2DOhio wants to introduce a bill to stifle military ID theft.

When a military individual has damaged credit and accumulated debt, they are subjected to disciplinary action. ID theft can delay or cancel a military person’s deployment and lead to revocation of security clearances.

The FTC says that ID theft among service individuals is on the rise. Last year, 22,000 filed complaints of ID theft. In Ohio, this crime jumped 20 percent between 2012 and 2013.

The proposed Ohio bill would raise the penalties for ID theft against active-duty members and their spouses. The bill would also allow the victims to file civil actions against the thieves.

New Jersey is also considering a bill that would increase the penalty for ID theft of veterans. New York and Illinois have already passed stronger penalties. North Carolina bans the release of military discharge documents.

All along, the SSN was printed on a service member’s military ID card, which was used all over the place. In 2008, the Department of Defense began removing the numbers. In 2012, they implemented removal of the SSNs from the card barcodes. These changes won’t be completed till 2017.

What can military personnel do to protect against ID theft?

Two things that service members can do is get active duty alerts and security freezes, but it would be simpler to use these tools one at a time.

The active duty alert, which is free, is done one year at a time after contacting one credit bureau. You can remove this at any time.

The security freeze, once in place, is indefinite unless you decide to remove it. It requires contacting three credit bureaus and is free online to North Carolina residents.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

3 Stupid Simple Tips to protect your Identity

For anyone who goes online, it’s impossible to hack-proof yourself, but not impossible to make a hacker’s job extremely difficult. Here are three things to almost hack-proof yourself.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Two-factor authentication. Imagine a hacker, who has your password, trying to get into your account upon learning he must enter a unique code that’s sent to your smartphone. He doesn’t have your smartphone. So he’s at a dead-end.

The two-factor authentication means you’ll get a text message containing a six-digit number that’s required to log into your account from someplace in public or elsewhere. This will surely make a hacker quickly give up. You should use banks and e-mail providers that offer two-factor. Two factor in various forms is available on Gmail, iCloud, PayPal, Twitter, Facebook and many other sites.

Don’t recycle passwords. If the service for one of your accounts gets hacked, the exposed passwords will end up in the hands of hackers, who will invariably try those passwords on other sites. If you use this same password for your banker, medical health plan and Facebook…that’s three more places your private information will be invaded.

And in line with this concept of never reusing passwords, don’t make your multiple passwords sound schemed (e.g., Corrie1979, Corry1979, Corree1979) for your various accounts, because a hacker’s penetration tools may figure them out.

Use a password manager. With a password manager, you’ll no longer be able to claim not being able to remember passwords or “figure out” how to create a strong password as excuses for having weak, highly crackable passwords. You’ll only need to know the master password. All of your other passwords will be encrypted, penetrable only with the master password.

A password manager will generate strong passwords for you as well as conduct an audit of your existing passwords.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Tonight’s Special Guest: McAfee’s Most Dangerous Celebrity of 2014

After a long day of hard work, there’s nothing like coming home, throwing on some PJs, and watching some good old late night television. I love catching up on all the latest news and watching celebrities like Kaley Cuoco-Sweetin discuss the celebrity photo hack (what can I say? I’m a security junkie).

Dangerous Celebrity of 2014It seems like we’ve always had a fascination with the lives of the rich and famous. In the 1700s, people gathered to watch the every move of the King of France, from getting out of bed to changing his underwear. Page Six, the gossip column, used to be the must-read page in the New York Post. Now, in the age of social media, following our favorite celebrities’ comings and goings is even easier. All we have to do is go on Twitter to get the latest about Jayoncé.

Unfortunately, our obsession with celebrities can get us into trouble on the Web. Cybercriminals love to take advantage of our interest in celebrities for malicious means. They use hot celebrity news, like updates on Ryan Gosling and Eva Mendes’ baby, along with the offer of free content to lure you to malicious sites that could steal your money or personal information or install malware.

There are some celebrities who are more likely to lead you to bad stuff than others. Today McAfee announced that Jimmy Kimmel, the host of Jimmy Kimmel Live!, is the 2014 Most Dangerous Celebrity™. McAfee found that searching for the latest Jimmy Kimmel videos and downloads yields more than a 19.4% chance of landing on a website that tested positive for online threats.

Here are the rest of the celebrities that round out this year’s Top 10 Most Dangerous Celebrities list.

 

History tells us we probably aren’t going to get over our fascination with celebrities anytime soon. But there are some things you can do now to stay safe online while you’re reading about your favorite personalities.

  • Be suspicious. If a search turns up a link to free content or too-good-to-be-true offers, be wary
  • Check the web address. Look for misspellings or other clues that the site you are going to may not be safe (for more on this, read my blog on typosquatting)
  • Search safely.Use a Web safety advisor, such as McAfee® SiteAdvisor® that displays a red, yellow, or green ratings in search results, alerting you to potential risky sites before you click on them
  • Protect yourself. Use comprehensive security software on all your devices, like McAfee LiveSafe™ service, to protect yourself against the latest threats

Help Spread the Word!
In order to continue to promote safe celebrity searching, McAfee will be running a sharing sweepstakes. Help others stay educated about staying safe online by sharing Most Dangerous Celebrities content and you could  win a Red Carpet Swag Bag that includes a Dell Venue™ 7 tablet, Beats Solo 2.0 HD headphones, a subscription to McAfee LiveSafe service along with other goodies. You must be 18 or older and reside in the United States in order to participate. Learn more here.

While it’s fine to get your fix of celebrity gossip , remember to be safe when doing so.

To learn more about Most Dangerous Celebrities, click here or read the press release, use the hashtag #RiskyCeleb on Twitter, follow @McAfeeConsumer or like McAfee on Facebook.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.