Growing up in and around Boston, Massachusetts, I encountered enough urban crime to understand the importance of self-defense from an early age. I studied several forms of defensive training and soon began a career helping others improve their own personal safety. My life became a study of the fundamental principles of personal security, particularly in regard to violence and theft prevention.
I’ve Been a Victim Too
In the mid ‘90s, my small business qualified for merchant status and began accepting Visa, MasterCard and American Express. Within weeks my business received its first fraudulent credit card order. Because the money was ultimately coming out of my pocket, I subsequently tracked the criminal down at home, and over the years I went on to investigate and expose many others who had targeted my business.
A Friend’s Story
Around the year 2000, a good friend’s identity was stolen. A woman had stolen her mail and used her personal information to open a charge card at a local retail chain. My friend got a phone call notifying her that $3000.00 in curtains were ready for pick up. At the time, identity theft was so new that law enforcement wasn’t sure how to respond. But after we found out where the curtains were supposed to end up, law enforcement checked on the address and discovered that the woman who lived there had 45 prior convictions for fraud. She was arrested and eventually prosecuted, but only received a one year suspended sentence.
My Life’s Mission
I knew then that identity theft was on its way to becoming a major ongoing threat. From the late 90’s up through the present I’ve witnessed the exploding growth of identity theft fueled by Internet access, the overuse and availability of Social Security numbers, the speed of technology outpacing that of security, and a fundamentally flawed system of identification.
Personal security has evolved beyond smash and grabs in the physical world to criminal hackers and identity thieves in the virtual world. This new breed of criminal is savvy and technologically proficient, and is able to find the holes and flaws in our existing systems. The rise of the identity thief has resulted in a global crisis, in which anyone can pose as anyone else, at any time, for any reason. From simple credit card fraud to an adult stealing a child’s identity or a terrorist using your data to enter the country, identity theft is as close as it gets to the perfect crime.
Twitter phishing is a growing problem and is spreading through a virus. Twitter accounts that have been hacked are spreading a link with a request to click on and download a video.
Some Twitter phishing involves Twitter porn. Today Ena Fuentes, who’s definitely a hot little number, started following me on Twitter and wants me to check out her new pics. Problem is Ena is probably controlled by a dude from some little village in an oppressed country who’s using dumb human libido to snare his intended victims.
The Register reports users who follow these links are invited to submit their login credentials via a counterfeit Twitter login page (screenshot via Sophos here). In the process they surrender control of their micro-blogging account to hackers, who use the access to send out a fresh round of phishing lures.
In the past, compromised accounts have sent pictures and links to spoofed websites. The new attacks mimick email address book attacks when the compromised account sends direct messages to the users followers. Twitter only allows direct messages to those who are following you.
When clicking links and downloading whatever intended multi media file, the unsuspecting victim may end up with a virus that spreads a keylogger and/or harvests user login details. Criminals know many internet users have the same passwords for multiple accounts.
Shortened URLs that are necessary to keep tweets within the 140 character limit help mask these scams. As explained by NextAdvisor:
“Whenever a complete URL is too long or cumbersome, many users turn to URL shortening services like TinyURL. Unfortunately, a condensed URL that appears harmless can easily lead to a malware download or phishing site, rather than the destination you were expecting. What appears to be a link to a friend’s home video may actually be pointing you toward the Koobface virus. Hackers can target a single URL shortening service and intentionally misroute millions of users.”
How to protect yourself:
Don’t just click on any link no matter where it’s coming from. Attackers understand a person is more likely to click a link from someone they know, like and trust. If someone direct messages you requesting you click something, their account may be in control of a criminal.
Before you click on shortened URLs, find out where they lead by pasting them into a URL lengthening service like TinyURL Decoder or Untiny.
Change up your passwords. Don’t use the same passwords for social media as you do for financial accounts.
Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
In 2007, a U.S. couple fell victim to identity theft when a criminal accessed their online bank account and stole $26,500 from a home equity credit line. The money was transferred to an Austrian bank that refused to return the funds to Citizens Financial Bank. So Citizens Financial informed the couple that they were liable for the loss. When the couple refused to pay, the bank notified the credit bureaus that their account was delinquent and threatened to foreclose on their home. So the couple sued the bank, claiming violations of the Electronic Funds Transfer Act and the Fair Credit Reporting Act, as well as accusing the bank of negligence.
Who should be held responsible? Well, the jury’s out. Literally.
Did the couple accidentally give their data to a phisher? Were they dumb, or was it just bad luck? Was their Internet security software up to date? Does that matter? Should the bank activate their zero liability policies and simply chalk it up to a loss? I’m a big believer in personal responsibility. However, if the bank offered a system that can be easily defeated then maybe they should take some responsibility.
White hat hackers are struggling to stay one step ahead of the criminals. There are more ways to compromise data today than ever before. Viruses quadrupled in one year, from just over 15,000 in 2007 to nearly 60,000 in 2008. Black hat hackers are out in full force.
In 2000, the white hats were supposedly about a year ahead of the black hats in technology, meaning that it should take about a year for the black hats to hack the white hats. Other research shows that by 2004, the black hats were about two weeks behind the white hats. And now here we are in 2009. In many cases, the black hats are years ahead of the white hats. The good guys are losing.
Many new viruses may already be on your hard drive, dormant, waiting for a signal to activate. They may be Trojans, waiting to strike when you log on to your online bank account.
We tend to have numerous viruses in our own bodies, which take control once our immune system is weak, or when they come into contact with one another. Similarly, your PC may have viruses lurking within. It’s easy for a PC to catch a virus when we simply visit a website, click on a link or download a program that we believe to be safe.
The technology of the criminal hacker has evolved, and is continuing to evolve faster than that of the white hats. This means you have to be on your game. Stay informed, and don’t let your guard down.
1. Get a credit freeze. Go online now and search “credit freeze” or “security freeze” and go to consumersunion.org and follow the steps for the state you live in. This is an absolutely necessary tool to secure your credit. In most cases it prevents new accounts from being opened in your name. This makes the SSN useless to the thief.
2. Invest in Intelius Identity Theft Protection. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU.
3. Make sure your McAfee anti-virus is up to date and set to run automatically.
4. Update your web browser to the latest version. An out of date web browser is often riddled with holes worms can crawl through.
5. Check your bank statements often, online, at least once a week.
The feds are getting better at busting criminals every day. Seventeen criminals, many from Eastern Europe, pilfered more than 95,000 stolen credit card numbers and $4 million worth of fraudulent transactions.
The New York Times reports the men were involved in a vast conspiracy known as the Western Express Cybercrime Group, which trafficked in stolen credit card information through the Internet and used it to create forged credit cards and to sell goods on eBay. They used digital currencies like e-gold and Webmoney to launder their proceeds.
Several of the scammers — Viatcheslav Vasilyev, Vladimir Kramarenko, Egor Shevelev, Dzimitry Burak and Oleg Kovelin — were charged with corruption. Vasilyev, 33, and Kramarenko, 31, were arrested at their homes in Prague, have been extradited to Manhattan. Shevelev, 23, was arrested in Greece last year, is still awaiting extradition. Burak, 26, a citizen of Belarus and Kovelin, 28, a citizen of Moldova have not been arrested
Vasilyev and Kramarenko recruited work from home employees to advertise and sell electronics on eBay. When someone would purchase an item, the two men would pocket the buyer’s payment, give a cut to their recruit, then use a stolen credit card number to purchase the item from a retail store and send it to the buyer. In essence, they used eBay to obtain a legitimate buyer’s credit card number through a legitimate channel and didn’t actually “hack” anything. They simply set up pseudo-fake auctions that, in most cases, delivered the product, but also obtained the victim’s credit card number and then made fraudulent charges.
Burak and Shevelev were “carders” who sold stolen credit card information on a website called Dumpsmarket and, probably, in chat rooms. “Dumps” is a criminal term for stolen credit cards and “carders” are the scammers who buy and sell them. Kovelin was a criminal hacker who stole victims’ financial information via phishing emails and more than likely used the victims’ own account information against them.
Protect yourself:
Check your credit card statements often, especially after using an online auction site. Refute unauthorized charged within 60 days to be made whole by the issuing bank.
Don’t just buy the lowest priced product on and auction site. Use auction sellers who have been approved my many and have a solid track record.
Anytime you ever receive an email asking for personal information, credit information, banking etc, do not enter it. Just hit delete. Often victims will receive and email from a trusted source like eBay directly to their account because they have been actively engaging the fraudulent auctioneer. eBays system doesn’t recommend giving your credit card information outside their network in an email.
Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
If there was ever a week to get high, totally drunk, on information security and identity theft scammers and hackers, then this is it! Media outlets everywhere have been pumping out story after story of data breaches, identity theft, criminal hackers and indictments! Yeah team! For a criminal hacker groupie, this is Woodstock!
Dark reading reports Eight defendants were arraigned in a Brooklyn court for allegedly using the stolen identities of AT&T, T-Mobile, and Asurion customers to steal some $22 million worth of wireless equipment and services. An indictment was unsealed in Brooklyn federal court yesterday morning charging Courtney Beckford and seven other defendants. When identity theft defendants named Courtney, Gabe, Marsha, Saul and Ron are involved in a $22 million identity theft scheme, then you know it’s just a matter of time until someone named Britney or Brad will get busted too! It’s the identity theft apocalypse!
ABC News reports that a former informant for the Secret Service was one of three men charged with stealing credit and debit card information from 170 million accounts in the largest data breach in history. The former informant, Albert Gonzalez of Florida, A.K.A “Segvec”, “SoupNazi,” and “j4guar17,” whose motto was ”Get Rich or Die Tryin’” was alleged to have been the ringleader of the criminal hacking operation of a prolific network that spans over five years of serious criminal activity.
Information week reports in the first half of 2009, the number of computer users affected by malware engineered to steal personal information has risen by 600% compared to the January through June period in 2008, according to PandaLabs. In quantitative terms, Panda reports identifying 391,406 computers infected with identity-theft malware in the first six months of the year. Identity thieves are also seeking sensitive information through a more diverse set of targets. Where previously financial data thieves focused on spoofing online bank sites to dupe users into entering login information, they have recently been targeting a variety of services where payment account information may be stored or entered, like PayPal, Amazon, eBay, or charity sites.
Cnet reports Rogue Facebook apps steal log-in data, send spam. Security firm Trend Micro warned on Wednesday that a handful of rogue Facebook apps are stealing log-in credentials and spamming victims’ friends. So far, six malicious applications have been identified: “Stream,” “Posts,” “Your Photos,” “Birthday Invitations,” “Inbox (1),” “Inbox (2)” according to a blog post by Trend Micro researcher Rik Ferguson. The activity started earlier in the week with a Facebook notification Ferguson says he got from an app called “sex sex sex and more sex!!!,” which has more than 287,000 fans. The notification said that someone had commented on one of his posts. That app doesn’t appear to be malicious and may have been compromised somehow to begin the distribution of the spam, he said.
USA Today reports Hackers harness Twitter to do their dirty work. A cyber gang has begun experimenting with setting up free Twitter accounts, then sending out Tweets from the popular micro-blogging service that are really coded instructions to botted PCs to carry out criminal activities. Anti-virus maker Symantec has isolated several samples of infected PCs carrying a unique new infection, dubbed “Sninfs.”
The PCs most likely got infected when their users unwittingly clicked to a tainted web page or on a corrupted link carried in an email or social network message, says Marc Fossi research and development manager at Symantec Security Response.
Protect yourself;
Don’t just sit back and get hacked. Arm yourself with anti-virus that runs automatically in the background and prevents “Courtney, Marsha and SoupNazi” from stealing your identity. Pick up McAfee’s Total Protection software and take control of your PC security.
Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
The Marines recently banned soldiers from using social media sites such as MySpace, Facebook and Twitter. This is for two reasons. First, because they fear that these sites’ lack of security may allow malware to infiltrate government computers. And second, they’re concerned about the potential for leaked military data. Military personnel are often prohibited from informing friends and family of their locations or missions, regardless of whether they’re communicating with handwritten letters, email, or the telephone. These measures are necessary to prevent leaks that would impede the soldiers’ missions and safety.
It’s no surprise that they have now banned social media. I recently reported on Sir John Sawers, the incoming head of MI6, the British equivalent of the CIA. His wife posted sensitive personal information to her Facebook page, including the address of the couple’s London apartment and the locations of their children and Sir John’s parents. Military personnel should held to a higher standard. We are talking about national security here, and we can’t risk leaks that could jeopardize lives.
Anyone who thinks this is absurd need only look at sporting events for confirmation of why this type of communication should be banned. Every time I watch a baseball or football game, when I see the coaches talking to players, or the pitcher talking to the catcher, they cover their mouths with a hand, glove or paperwork. Why? Because there are thousands of “lip readers” watching the event who are happy to report on what was just said in order to give the opposing team an advantage. You’d think after all these years covering their mouths, lip readers would just give up. But no, that’s not the case at all. There’s always someone watching, waiting, hoping for someone to screw up so they can give the other team an advantage.
Today, social media gives scammers an advantage. Somebody is always watching and waiting for an opportunity. Social media is built on trusting relationships. Scammers can exploit that trust to gather information that could be used in password attacks. If you ever forget your password and have to reset it, the answers to several of the security questions might already be available in your profile. And in many cases, the default privacy settings leave profiles open to anyone.
Security professionals were able to create a virus called ZombieSmiles, which gains control of the victim’s browser and allows the hacker to access supposedly private data through the Facebook API, including friends, groups, wall postings and applications. Facebook applications allow a third party to access your data, which opens a Pandora’s box of possibilities for hackers. So if you send me a Facebook application and I refuse, it isn’t because I’m being rude, it’s because I think that the potential risks simply outweigh the benefits. No offense. I just don’t want my identity stolen.
If you use social media and regularly update your status or profile with pictures, video, or information about your whereabouts or daily routines, please keep the following advice in mind:
Before you post anything online, think about what a hacker, stalker, employer, or potential employer could do with that data. Could an ex, who’s fighting for custody, use the data against you in court?
Don’t give away specifics. Don’t post your address, date of birth, kids’ names, pets’ names, phone numbers, or any account numbers or financial information of any kind. You really shouldn’t even post childrens’ photos online.
Do not tell the world you are going on vacation! Or if you’re just going to dinner or the beach and won’t be at your house for several hours, why would you let potential burglars know that you’re away?
If you’re a “partier” and like to imbibe, informing the world that you just smoked a joint is not only one of the worst things you could do for your career, it also makes all your friends guilty by association. And don’t announce that you’re hungover, because after the age of 23, you ought to know better.
Before posting pictures or videos, consider what a criminal or potential employer might see. Could they be used against you in any way?
If you let your kids use social media, you must monitor every aspect of their Internet activities. Pick up McAfee’s Family Protection software and take control of your childrens’ Internet use.
Take advantage of privacy settings and lock down your profile, so that only those who you approve can view everything.
Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
It wasn’t long ago that most phishing emails were from a supposed Nigerian General Matumbi Mabumboo Watumboo. And you and I were flattered that we were the chosen ones to help the general transfer 35 million out of the country, because the Nigerian government was a bunch of jerks and wouldn’t let him keep the inheritance his wife had inherited from her deceased uncle Bamboo.
Phishing continues to become more sophisticated, more effective, and more prevalent. According to a recent study, a 52% increase in phishing scams occurred in July alone. Computerworld reports that basic phishing emails successfully led to corporate bank accounts being completely drained. Criminal hackers waited until Pennsylvania schools administrators were on vacation, then used simple money transfers to liquidate over $440,000 between December 29 and January 2.
Much of the phishing that occurs today is “spear phishing,” in which the spammers concentrate on a localized target, generally an individual with control over a company’s checkbook. This insidious type of phishing occurs when a recipient clicks a link, either in the body of an email or on the spoofed website linked in the email, and a download begins. That download is almost always a virus with a remote control component , which gives the phisher full access to the user’s data, including user names and passwords, credit card and bank account details, and Social Security numbers. The malicious software can attach itself to the victim’s web browser, where it waits for the victim to log into a bank site before launching. When the victim does log into his or her bank account, the software sets up new payees and transfers money to the criminal hacker.
In the school hack, the software added 42 people to its payroll during Christmas break and quickly began paying them. The issuing bank received 74 transfer requests during the four day period.
When consumers’ bank accounts are emptied, federal regulations limit their liability to $50, as long as the victim reports the theft within a set time frame. But things are a lot more complicated for corporations and other entities. Whether or not the victim is responsible for the missing cash varies from bank to bank.
Protect your yourself.
This is an easy fix, rule #1 – don’t click on links in an email if you aren’t 100 percent sure of its legitimacy. Whenever I receive an electronic statement from a bank or credit card company I always go to my “favorites” menu or type in the address manually to get to the entities website to check my statement. I’m only 99.9% sure its legit, so I just take the extra step to go to my favorites.
1. Get a credit freeze. Go online now and search “credit freeze” or “security freeze” and go to consumersunion.org and follow the steps for the state you live in. This is an absolutely necessary tool to secure your credit. In most cases it prevents new accounts from being opened in your name. This makes the SSN useless to the thief.
2. Invest in Intelius Identity Theft Protection. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU.
3. Make sure your McAfee anti-virus is up to date and set to run automatically.
4. Update your web browser to the latest version. An out of date web browser is often riddled with holes worms can crawl through.
5. Check your bank statements often, online, at least once a week.
Robert Siciliano Identity Theft Speaker discusses phishing
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2009-08-19 06:04:122009-08-19 06:04:12Criminal Hackers Clean Out Bank Accounts Using Spear Phishing
Why? Because they don’t care! September is National Campus Safety Awareness Month, and I’m teaming up with Uni-Ball pens to urge college students to protect their personal safety and security. Uni-Ball pens and the Identity Theft Resource Center surveyed 1,000 college students and 1,000 parents. This Campus Security Survey revealed that while about 74% of parents believe students are at a moderate to high risk for identity theft, and 30% of all identity theft victims are between 18 and 29, only 21% of students are concerned about identity theft.
It’s no surprise that most college students are indifferent when it comes to their personal and information security. When you are in your late teens or early twenties, you feel a sense of invincibility. However, once you have a few years under your belt, you begin to mature and gradually realize the world isn’t all about keg parties and raves. Hopefully if all goes well, you adopt some wisdom by the time you’re 30.
Here are a few more interesting statistics from the Campus Security Survey.
89% of parents have discussed safety measures with their kids, yet kids continue to engage in risky behavior
40% of students leave their apartment or dorm doors unlocked
40% of students have provided their Social Security numbers online
50% of students shred sensitive data
9% of students share online passwords with friends
1 in 10 have allowed strangers into their apartments
Only 11% use a secure pen (which can prevent check washing fraud) when write checks
College students have always been easy marks because their credit is ripe for the taking. Students’ Social Security numbers have traditionally been openly displayed on student badges, testing information, in filing cabinets and databases all over campus. Landlords and those involved in campus housing also have access to students identifying information.
The study concluded, “Students who ignore their own personal security are not only putting themselves at risk for identity theft, they are also putting their parents at risk. While getting established in the real world, it’s common practice among college students to use their parents’ names, bank account numbers and other personal information to co-sign loans and leases, write tuition and housing checks, register online to receive grades and more. So when online criminals strike, they are often manipulating parents’ personal data, not just the students’.” Any parent sending their children off to college should be concerned.
How to protect yourself:
Lock your doors! The transient nature of college life means people are coming and going and thievery is more likely to happen. Just because you may come from a small town and do not lock your doors, that doesn’t make it okay at school.
Limit the amount of information you give out. While you may have to give out certain private data, refuse whenever possible.
Shred everything! Old bank statements, credit card statements, credit card offers and other account number bearing documents need to be shredded when no longer needed.
Lock down your PCs. Make sure your Internet security software is up to date. Install spyware removal software. Lock down your wireless connection. Use strong passwords that include upper and lowercase letters as well as numbers. And never share passwords.
Secure your signature. Use Uni-Ball gel pens to write rent checks and sign documents. They cost as little as $2 and contain Uni “Super Ink,” which is specially formulated to reduce document fraud and check washing, a popular form of identity theft.
Be alert for online scams. Never respond to emails or text messages that are purportedly coming from your bank. Always log into your bank account manually via your favorites menu.
Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. In most cases, this prevents new accounts from being opened in your name.
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2009-08-12 14:47:562009-08-12 14:47:56College Students At Risk For Identity Theft
Throughout the past week or so, scammers from Nigeria, Belgium and the UK have been coming after me in full force, via Craigslist. Unfortunately, the popular online classifieds website has become a launchpad for criminal activity. Everything from online affinity or advance fee scams to baby killers and the Craigslist killer have hampered the website’s reputation.
I use Craigslist to find renters for an apartment that I own. Last year, scammers copied my advertisement verbatim, except for the contact information, which they replaced with their own, and the price, which they reduced by half. The scammer, who claimed to be the property owner, informed potential renters that he was in Austria, and instructed them to drive by the apartment, and to send him a deposit check if they liked the look of the place. Fortunately, I happened to be present when a couple came by, per the scammer’s instructions. We discovered the ruse and contacted Craigslist. The fake ads continued popping up, but after numerous emails to Craigslist, they were all removed.
Last week I posted a new ad, and within minutes, I received the following email:
Subject: RENTAL INQUIRY!!hope to hear from you soon
Hello Robert,
Let me know if the room/apt you advertise on craigslist.com is still available and let me know if you can accept certified cashier check as mode of payment..And the last price for the space.
I’m presently in Belgium.I will be coming immediately the place is vacant for me to move in.But the issue is that because of the distance i wont be able to come to see the place.Meanwhile let me tell you a ill about myself..I don’t smoke and I don’t have boyfriend.Am Sarah Smith and my nick name is SERA and am 26years old i lost my dad some years back when i was young so my mom had to remarry so she married to Mr Scott Michael who is my step dad now..He has been the one who has been taking care of me all this while i believe he is a God sent to me cux i have never regretted moment with him..Things i like are as follows reading,swimming and chatting with people around me and also make them happy..I have always been thinking of how i will affect peoples life positively by making donations to the less privileges cus when i looked at my pass when i lost my dad from the story my mom told me..I noticed it is not easy for people that as no parent.Well i hope when we meet in person you will know more about me..Meanwhile my step dad will need the followings to make payment to you ASAP..
1.Your name and surname.
2.Address in full with the zip code..
3.I will need your phone number
I wait to have this information from you so that my step dad can make payment for the rental fee and security deposit in advance … I Await to hear from you….
Hope to hear from you pretty soon.
Thanks, SARAH
It’s easy to dissect this scam. The person who sent this email has two goals. First, the scammer wants to build a relationship with his or her mark. He or she provides a (horribly written) story in an attempt to establish trust. The victim is then more likely to fall for the scam, following the scammer’s instructions and conducting the necessary financial transactions. Many victims are foolish enough to provide account numbers or other personal identitifying information. Second, the scammer is setting up an affinity, or advance fee scam. In such a con, the scammer mails you a check. You deposit this check in your bank account, and it temporarily clears. In that limited window of time, the scammer will request that you return some or all of the money. He may claim to have changed his mind about renting or buying from you, or that he accidently made the original check out for more than the agreed upon sum. So you wire the money back. Within a day or two, the bank calls to let you know that the original check was counterfeit. So you’ve lost the money you wired to the scammer.
How can you protect yourself from scams like this, or other scams that take advantage of online classified ads? Use common sense, be smart, and pay attention. If you do that, you won’t fall for these types of cons.
When we were young, our parents told us not to talk to strangers. Strangers are not yet part of our trusted circle. So don’t trust them! There’s no benefit to paranoia, but being a little guarded can prevent you from stumbling into a vulnerable situation. Since predators use online classifieds to lure unsuspecting victims, you should find out as much as possible about strangers who contact you. Use Google or iSearch.com to investigate names and email addresses.
Whenever possible, deal locally. People who cannot meet you in your town are more likely to be scammers. And even when you do meet in person, you should be wary.
Never engage in online transactions involving credit cards, cashier’s checks, money orders, personal checks, Western Union, MoneyGram or cash, that require you to send money to a stranger in response to money they have sent you. This is an advance fee scam.
Be smart. Don’t disclose your financial information, including account or Social Security numbers, for any reason. Scammers will say anything in order to get this information.
Prevent check fraud. When sending checks in the mail, you want to prevent “check washing,” which occurs when they recipient alters the name of the payee and increases the dollar amount, draining your checking account. Something as simple and inexpensive as a select uni-ball pen can help. These pens contain specially formulated gel ink (trademarked Uni-Super Ink™) that is absorbed into the paper’s fibers and can never be washed out.
Secure your PC. Make sure your PC is protected with McAfee anti-virus software and all your critical security patches in your operating system are up to date.
Protect your identity. You can’t prevent all forms of identity theft. However you can significantly reduce your risk by making a small investment in your personal security by investing in Intelius Identity Protect or considering the options described in this blog post.
As opening new lines of credit becomes more difficult, identity thieves are gravitating toward check fraud.
Check fraud is a billion dollar problem. As predicted by the Identity Theft Resource Center, check fraud, which accounted for 12% of financial crimes in 2007, increased to 17% in 2008. According to the American Bankers Association Deposit Account Fraud Survey Report, $969 million were stolen via check fraud in 2006, up from a reported $677 million in 2003. Of the $969 million dollars lost to check fraud, 38% was stolen through return deposit scams, 27% was stolen using cloned checks, 28% was stolen using counterfeit checks, and 7% was stolen by altering or washing checks.
In an article in The New York Post, a brazen ring of thieves enlisted crooked bank tellers to run a check fraud scheme that was brought down when the crooks made the mistake of forging checks from a NYPD account. Two criminal hacker ringleaders organized the counterfeit scam, using 950 “soldiers,” or “mules,” to deposit and cash counterfeit checks, netting them millions of dollars. Three bank tellers were involved, stealing and selling customer profiles which included names, Social Security numbers, and account numbers. Insider identity theft of this kind accounts for up to 70% of all instances of identity theft.
Check fraud victims include banks, businesses and consumers themselves. Our current system for cashing checks is somewhat flawed. Checks can be cashed and merchandise can be purchased even when there is no money in the checking account.
I presented a program on motivation and self-improvement at a women’s prison in Massachusetts a few years back. I requested a little background on the women I was speaking to, just because I watch too many movies and I wanted to know if there was any possibility I’d get shanked. The case worker informed me that about 80% of the women were incarcerated for check fraud and shoplifting. It seems that when some people get a checkbook, they consider it an opportunity to print money.
There are numerous forms of check fraud:
Forged signatures are the easiest form of check fraud. These are legitimate checks with a forged signature. This can occur when a checkbook is lost or stolen, or when a home or business is burglarized. An individual who is invited into your home or business can rip a single check from your checkbook and pay themselves as much as they like. Banks don’t often verify signatures until a problem arises that requires them to assign liability.
Forged endorsements generally occur when someone steals a check and cashes or deposits it. There’s really nothing anyone can do to protect themselves from this, aside from guarding their checks and going over their bank statements carefully.
Counterfeit checks can be created by anyone with a desktop scanner and printer. They simply create a check and make it out to themselves. In order to prevent your checks from being counterfeited, make sure you shred all canceled checks before throwing them away, and be sure to lock up any checks in your home or office. Consider a locked mailbox so nobody can access your bank statements. You should also seriously consider using online banking exclusively, and discontinuing paper statements.
Check kiting or check floating usually involves two bank accounts, where money is transferred back and forth, so that they appear to contain a balance which can then be withdrawn. A check is deposited in one account, then cash is withdrawn despite the lack of sufficient funds to cover the check. In this case, it’s generally the bank or whoever cashed the check that gets burnt, unless they are able to go after the person who used their own account.
Check washing involves altering a legitimate check, changing the name of the payee and often increasing the amount. This is the sneakiest form of check fraud. When checks or tax-related documents are stolen, either from the mail or by other means, the ink can be erased using common household chemicals such as nail polish remover. This allows the thieves to endorse checks to themselves. In this case, something as simple and inexpensive as a select uni-ball pen can help. Select uni-ball pens contain specially formulated gel ink (trademarked Uni-Super Ink™) that is absorbed into the paper’s fibers and can never be washed out. The pen costs two bucks and is available at any office supply store.
If you write a check to pay a bill and then put it in your mailbox for the postal carrier to deliver, you put yourself at a higher risk for check fraud. Thieves see that red flag up and go phishing for checks. I suggest using a uni-ball pen and taking checks directly to the post office, or dropping them in a big blue mailbox.
If you plan to do any online banking, which millions do, make sure your PC is protected with McAfee anti-virus software and all your critical security patches in your operating system are up to date.
