Posts

Identity thieves bombarding Call Centers

One out of 2,900 seems very small, but when there’s a total of 105 million…then this percentage stacks up in the end. It represents the frequency of calls from fraudsters made to call centers in an attempt to get customer account details so they could steal.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Many times these crooks will succeed by conning phone operators into altering personal details. The thieves will then commit ID theft, gaining access to customer information and even changing customer contact information so that the victims cannot receive alerts.

These clever cons spoofed their phone numbers to avoid detection, and used software to alter their voices, even the gender sound.

Research into the 105 million calls also unveiled that the fraudsters keyed in stolen Social Security numbers in succession until they got a bull’s-eye: a valid entry for an unnamed bank. They then tricked the victim into revealing personal data.

One expert says that if contact phone channels were monitored, this could predict criminal behavior two weeks prior to actual attacks. Many companies also believe that most attacks result from malware rather than social engineering: the tricking of victims into revealing sensitive data. The targets include the staff of the call centers, who are often conned into allowing these smooth-talking worms to get under any door.

When businesses focus on the theory that most of these problems are from malicious software, this opens up a huge door for the fraudsters to swagger their way in.

The crooks’ job is made even easier when companies assign fraud detection to a department that fails to effectively communicate with other departments.

Consumers would be smart to check in with various credit card and bank accounts “posing” as themselves to see just how easy or difficult it might be to gain access with what kind of “easy to guess” or ”easily found on social” information/questions that may be used to authenticate the caller. Then change those “out of wallet” or “knowledge based questions”

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

SEC comes down on Breached Companies

If you’re wondering if businesses, who’ve been targets of cybercrime, have been properly handling the fallout, you have company: The U.S. Securities and Exchange Commission.

1SThe SEC is investigating this very issue. Key Questions Include:

  • Did the businesses adequately protect data?
  • Were investors properly notified about the breach’s impact?

One of the companies being investigated is Target Corp.

The SEC, historically, has concentrated on giving guidance to companies regarding disclosure of data-breach risks, and the SEC has traditionally also assisted with ensuring that financial companies were well-equipped against hackers.

But the SEC doesn’t like when there seems to be incomplete disclosures of the data breaches or some kind of perceived misleading information.

For example, Target didn’t disclose its breach until the day after it was first reported—by renowned security blogger Brian Krebs.

Just how much should companies say about breaches? This is being debated among regulators, corporate attorneys and activist investors.

Nevertheless, public companies owe it to investors to inform them of material compromises that could affect the investors’ decisions to sell or buy shares. A material attack, says the SEC, includes one that makes a company greatly boost what it spends on defenses, and one in which intellectual property is stolen.

Businesses in general would rather keep silent about breaches to avoid negative fallout. At the same time, it’s not easy to come up with evidence that a business should have disclosed more about a data breach than it actually did. A stolen trade secret, even, won’t necessarily be harmful to a big company’s growth or profits. The interpretation here varies almost as much as the different kinds of cyber attacks do.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

10 simple Ways Identity Thieves steal your Credit Card

There are 10 basic ways a crook can easily rob your identity by getting at your credit card or open a new credit card in your name, but there are also ways you can prevent this from occurring.

2CSimple Thievery

Leave a window open and a thief can slide through, then steal your stuff. He can even slide an arm through your car’s open window while you’re filling the tank at a gas station. To prevent this, keep house windows closed as much as sensibly possible; keep important documents locked up; keep car windows rolled up and doors locked when you’re out; and keep your wallet/purse hidden.

Employee Records

Your employer has your private information and in some cases a credit card number, which an identity thief could get access to. To prevent this crime, ask your employer how your personal information is stored. Be on the lookout for things you’d never expect.

Change of Address

An identity thief may file a change of address form in your name. He’ll get all your credit card related mail or your Social Security number. To prevent this, watch for change-of-address notices in your mailbox. If you stop receiving credit card statements, call the company.

Social Media

Your online profile may have all the information a thief needs to steal your identity. Prevent this by deleting personal information. Give answers to the security questions of financial accounts that don’t appear on your social media pages.

Mailbox Theft

A crook can easily abscond with mail (incoming and outgoing) relating to your credit cards and bank account. To prevent, get a locking mailbox and don’t delay retrieving new mail. When mailing letters, use an official Post Office mailbox or go to the post office.
Dumpster Digging

If you see someone foraging through the trash, they’re not necessarily looking for food or cans or metal. They can be searching for paper: a credit card statement, credit card offer or anything with your important numbers on it. To prevent, use a shredder, and go to electronic statements when possible.

Shoulder Snooping

The thief will peer over your shoulder to see your transaction (credit card number, password, whatever data is there). To prevent, cover your card number at a cash register and mask your PIN as you enter it in a keypad or ATM. When using your laptop for ecommerce, sit against a wall. If this isn’t possible, keep the screen at an angle that only you can view or get a 3M Privacy Filter. Google it.

Phony Call

The thief calls you, claiming to be a rep from your credit card company, asking you to confirm personal information. The thief then contacts your credit card company and poses as you…Please just HANG UP!! Call back the credit card company using the number on the back of your card to confirm any potential issues. Never give personal information over the phone if that person has called you.

Pickpocketing

These snakes slither in and out of crowds, often without being noticed, non-violent but very efficient. Prevent being their target by keeping your wallet hidden and not easily accessed.

Cloned Cards

Once all the damage is done and your card number is stolen, criminals can create exact duplicates of your card using foils and laminators burnt onto blank cards that can be purchased online.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

10 Credit Score Truths and Myths

If your personal information gets compromised, a thief will open up financial accounts in your name. However, they will not pay the bills, and this will ruin your credit.

2CWhether bad credit results from the legitimate credit holder’s irresponsibility or from identity theft, your ability to buy a car, rent a nice place, purchase a home or even get employment can be severely stifled.

1. Credit reports aren’t always accurate. Most have a big error or mistake: 80 percent, actually. Regularly check your credit report.

2. Pulling your credit score will lower it. A “soft” pull is done yourself for personal reasons; it will have zero effect. A “hard inquiry” is when a lender pulls it up for loan approval. It will have a negative impact, but small.

3. A higher income = higher credit score. Income is not relevant to credit score; paying bills on time (or not) is what matters.

4. Credit scores and credit reports are the same. The three big credit reports are Equifax, Experian and Transunion. But there are too many various calculations of credit score to even list here. What matters is your credit managing skills and making sure all 3 large credit bureaus have similar information and scores.

5. Debt settlement removes debt from your credit report. But debt settlement doesn’t fix bad credit. Late payments, bad information and other smears remain for up to seven years following the first “infraction” date.

6. Cash-only payments will improve credit score. You can’t build good credit unless you use credit—and wisely. Get a couple small loans or credit cards and pay them off as you use them.

7. Improve your credit score by closing your credit card accounts. Closing a card lowers your amount of disposable income: the ability to pay off other debt. You don’t want to lower “credit utilization” by closing out a card.

8. Smart management of your various banking accounts will reflect in your credit score. These are not reported to credit bureaus and thus have no impact.

9. Dispute accurate (but negative) information to remove it from your credit report. You can dispute only mistakes. A valid dispute will result in deletion of inaccurate information. A dispute of negative, but accurate, information will achieve nothing.

10. Missed payments that aren’t reported to credit bureaus won’t affect credit score. Any missed or late payment can be reported to a credit bureau.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Older Technologies Facilitate Credit Card Fraud

America the Superpower is also the super choice for criminals wanting to steal credit card information. Security experts warn that this problem will get worse before it improves.

1CThat ancient technology of the magnetic strip on the back of credit and debit cards is a godsend to criminals. The easy-to-copy band stores account information using a technology the same as that of cassette tapes. U.S. credit card technology has not kept up with fraudsters. One challenge facing the industry is that it is very expensive for companies to upgrade their credit card security.

When a card is swiped, the strip allows communication between the retailer’s bank and the customer’s bank: 1.4 seconds. That’s enough time for the network to record the cardholder’s information on computers controlled by the payment processing companies.

Hackers can snatch account data (including security codes) as it crosses the network or steal it from databases. Though the security code is required for most online purchases, thieves don’t care as long as the magnetic strips are easily reproducible and placed on fake cards—which they then use for purchases or sell the card data online. Three bucks will get you a fraudulent card with limited customer information and a low balance.

You’ll have to wait at least until the fall of 2015 for U.S. credit card companies to ditch the magnetic strips for digital chips. Retailers want more: each transaction to require a PIN rather than signature.

What can retailers do in the meantime?

  • Internet-based payment systems should be protected from hackers with strong firewalls.
  • Data should be encrypted, so that hackers see gibberish.

This may be easier said than done, because implementing these safeguards isn’t cheap. The U.S. lags behind most other nations when it comes to credit and debit cards; most countries’ cards use the digital chips that contain account information.

Every time the card is used, the chip generates a code that’s unique. This makes it a lot harder for criminals to duplicate the cards—so difficult, in fact, that usually they don’t even bother trying to replicate them. It would really be great if the U.S. could catch on to this technology.

Robert Siciliano is an Identity Theft Expert to AllClear ID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

How to Handle a Credit Card Breach While Abroad

One of the best and worst parts of traveling overseas is being immersed in a different language. My wife and I once got lost in Naples, Italy. When we pulled over and asked a stranger for directions, he answered in rapid Italian, which we don’t speak. We had no idea what he was saying, but were mesmerized just watching him talk. After two minutes he stopped, so we said “Grazie!” and kept moving. Now imagine if you had to deal with credit card fraud in a foreign country, and couldn’t find any English-speakers to assist you.

Fortunately, you only have to deal with your own credit card company, rather than any overseas officials. Victims of fraudulent credit card charges only wind up paying the unauthorized charges if they fail to detect and report the credit card fraud within 60 days. A 60-day window covers two billing cycles, which should be enough for most account-conscious consumers who keep an eye on their spending. During that time, you are covered by a “zero liability policy,” which was invented by credit card companies to reduce fears of fraud no matter where in the world you travel. Under this policy, the cardholder may be responsible for up to $50 in charges, but most banks extend the coverage to include charges under $50.

You can effectively stop fraud in its tracks by checking your statements online every day. If you only check every week or month, you will have to dispute that many more charges if and when your account is eventually compromised. If you fail to recognize and dispute unauthorized transactions on your credit card statements, you take responsibility for the fraudulent charges.

So, to prevent credit card scams, take the time to watch your statements. This extra layer of protection requires special attention. If you check your email daily, you ought to be able to check your credit card statements daily, too, right? Once a week is sufficient, and even once every two weeks is acceptable. Just be sure to refute any unauthorized withdrawals or transactions within the time limit stipulated by your bank. For most credit cards, it’s 60 days, and for debit cards the limit can be 30 days or less.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures