Posts

Identity Theft getting even worse

In 2015, depending on the kind and type of identity theft we are talking about, identity thieves impacted 1.5 million people or more, says the Javelin Strategy & Research report. That’s more than double than for 2014.

The move from stripe cards to chip cards has motivated crooks to fasten their seatbelts and really take off with an accelerated mode of operation. For them, your Social Security Number is the pot of gold at the end of the rainbow. Thieves will use it to set up new accounts in the victims’ names, then go on spending sprees. This kind of identity theft is called new-account fraud.

  • This can go on for months or years before the victim realizes it.
  • Sometimes the victim never finds out.
  • These cases can also slip by the victim’s bank.

A favorite scam is for the thief to create a fake (partially stolen, partially faked) identity morphed from multiple pieces of real—and stolen—data. So we have not only a stolen identity but a fictitious identity—which could be created using your Social Security number and someone else’s home address and name. This is called synthetic ID, and banks see right past it.

Synthetic ID Crimes

  • ID manipulation: The criminal uses a stolen core identity but integrates false pieces of data to avert detection.
  • Quick synthetics: Data pieces from multiple, real victims are compiled into a single identity.

What can banks do?

  • Analyze cellphone account data to see if there’s a predictable pattern of billing details, since many thieves may use a prepaid, discardable VoIP phone.
  • E-mail history is also important to look at; a new e-mail for an old account should be suspicious for fraud.
  • Another red flag is if the e-mail address doesn’t correlate to the mobile device.

What can be done by credit card issuers?

  • Checking a person’s identity needs to be more thorough.
  • For instance, a red flag would be spotting the same address for several different names.
  • Repeat scoring of the applicant’s risk score, one to three days later, to see if there’s a change. A change is a red flag.

What can you do?

No identity theft is OK. But if synthetic identity theft happens you to, meaning some sleaze uses your SSN, but not your name, you may never know about it. And that means it may not actually affect you. But:

  • Check your credit reports at least annually
  • Consider investing in identity theft protection. Identity theft protection monitors your SSN for activity on the dark web and on most new lines of credit.
  • Get a credit freeze. A credit freeze locks down your credit and prevents new account fraud.

The bottom line is that banks and credit card issuers need to employ a multi-layer approach to screening and approving applicants. The more layers, the harder it will be for a fraudster to penetrate. Four layers are significantly better than two layers.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

IRS Identity Theft Prevention Tool hacked

The Identity Protection PIN tool on the IRS.gov site has been temporarily suspended—because it was recently hacked into. The tool provides retrieval of forgotten or lost IP PINs to users who want an extra layer of protection against identity theft.

9DBut some users who received the IP PINs recently via the online tool learned that a thief had used their IP PIN to file tax returns in their name.

So now, for the moment, you cannot use the IRS’s online function to retrieve your IP PIN; meanwhile, the IRS is investigating the hack.

The online tool attracts taxpayers who lost or forgot the six-digit IP PIN they were issued via snail mail. Despite the suspension of the tool, taxpayers are encouraged to file their returns without any qualms. The IP PINs purpose is to add additional protection to the user, but is not required to process a tax return.

Lesson learned: If you ever receive an IP PIN in the future…memorize it or write it down in hardcopy and keep in a safe place.

Tips from the IRS

  • There will always be someone who misplaces or accidentally throws out the letter containing the IP PIN, or who intentionally discards the document but then can’t remember the number and never wrote it down. They should call the IRS in the wake of this suspension.
  • Over the phone, they will need to verify their identity, after which they will receive a letter with the IP PIN.
  • If since the first of this year the taxpayer has moved, they will need to file a paper return, and this will take longer to process if it doesn’t contain an IP PIN.
  • The IP PIN is given out to those at risk or who feel at risk for tax identity theft. But again, it’s not necessary to use it if it’s been lost or forgotten. But for those who managed to retrieve their number, they should include it on their tax return.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Prevent Child Identity Theft

Here’s one for the know-it-alls: Kids are 35 percent more likely to become victims of identity theft than are adults. Betcha didn’t know that! This startling news comes from a 2015 Javelin Strategy & Release study.

2DNeedless to say, the bulk of parents aren’t on top of this problem, unaware that thieves go after children’s SSNs like two-year-olds grabbing at candy. Thieves know that kids (and their parents) don’t monitor their credit reports. Thieves know that they can get away with their crime all throughout the victim’s childhood until they start applying for college, credit cards, etc., at age 18 or so. That’s a long time to get away with a crime.

Let’s talk about how to prevent child identity theft.

ID Theft Protection

  • Sign on with an ID theft protection company; many such companies protect the entire family including kids.
  • Get an ID theft protection service. This is not the same as antivirus software. For example, ID theft protection services will monitor your credit report. It will also alert you when an account is opened in your name.

Credit Freeze

  • Put a freeze on your kids’ credit reports; 19 states allow this for the three main credit reporting agencies. Equifax allows a freeze no matter what state you live in.
  • A frozen credit will prevent a crook from opening lines of credit in your child’s name.

Who needs your child’s Social Security number?

  • Put your children’s sensitive documents (birth certificate, SSN card, etc.) in a lockable safe and/or keep it hidden.
  • THINK, before you hand out your child’s SSN. Just because it’s requested doesn’t mean you must blindly give it up. Ask yourself: Why on earth do they need my child’s Social Security number? The gruff coach of your child’s new soccer team may be requesting the number. The child beauty pageant director may be asking for it. Don’t be intimidated.
  • Come on, really. WHY would a sports team, karate tournament entry form or any other child-centered activity need this information?
  • Minimize putting your child’s name and address “out there.” Even if you decide to get a magazine subscription for your tween, put your name on the subscription.
  • Meet with your child’s principal to keep your child’s information from getting out. Schools often share personal information of students with third parties.
  • It’s not cute that your five-year-old can rattle off her Social Security number. Kids don’t need to know this number. They need to know your phone number, how to dial 9-1-1 and their home address. But not their SSN. Geez, if they know their SSN, you just never know when they might leak it out to the wrong ears. When kids are in high school, they may need it, but still, be very cautious about when you decide it’s time to give them this information.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

Identity Theft on the rise affecting over 13 Million

13.1 million people were stricken by identity theft last year in America, reports a study by Javelin Strategy & Research which reveals:

  • Many people who don’t trust their banks are unwittingly doing things that make crime easier for crooks. This includes not using the bank’s protection services such as e-mail alerts.
  • Oddly, there are more victims than ever, but the total amount stolen is less. But that hardly matters when you consider that in the past six years, $112 billion have been stolen.
  • 18 percent of U.S. identity fraud involving cards was carried out beyond the U.S.
  • New-account fraud is being driven by EMV.

Javelin Strategy & Research’s Recommendations

  • Every account should have a different password. Every password should be long and strong, not containing keyboard sequences or actual words or proper nouns (sorry, this means no Metallica1), and including a mix of characters.
  • Consider using a password manager.
  • Smartphone protection is a must. This means being vigilant about updates and using all security features offered by the device like passcodes or fingerprint access.
  • Sign up for account alerts. Alerts come in different flavors. For instance, you’ll be alerted for purchases exceeding a specified limit or occurring outside your state. See if your bank or credit card issuer provides alerts for international transactions.
  • Put a freeze on your credit. This will prevent anyone but you from opening an account in your name, and it’s cheap to do. But if you unexpectedly find you must open a new line of credit, the freeze can be lifted.
  • If you suspect any suspicious activity, jump on it immediately. Any delay in notifying the credit card company or bank can make it harder for them to resolve the problem.

In addition, inspect your credit card statements every month. Do not dismiss tiny charges that you’re not familiar with just because they’re tiny. Sometimes, crooks will “test the waters” and make miniscule charges to see if they can get away with it. Their intention is to then escalate and ultimately max out the card.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

Bank Tellers stealing Identities

Ever consider the possibility that a person gets a job as a bank teller…for the sole purpose of stealing a patron’s identity?

Do you realize how easy this would be?

  • No techy hacking skills required.
  • No gun required.

So we’ve all been instilled with fear of our bank getting data breached by Russian hacking rings, while that mousy looking teller with the sweet smile could be your greatest threat.

A nytimes.com article points out that a teller from Capital One had gained access to seven accounts and gave information to a co-thief who drew checks on these accounts.

Tellers can fake debit cards and wire unauthorized funds. They can also sell personal data to other thieves.

The nytimes.com article says that a teller was part of an ID theft ring that stole $850,000. The idea of tellers committing these thefts is very real. One teller even took photos with a cell phone of account data to cash phony checks. Another thief, who worked at a credit union, took loans out in customer’s names.

There are many ways that tellers can steal, including creating credit cards in customer’s names. Tellers may also be easily bribed by thieves to sell them customer information, as the tellers’ income isn’t that great, averaging about $25,000 a year.

The thieves, who bribe the tellers, don’t necessarily pay them with money. They may offer them luxuries that the teller can only dream of, such as flying in private jets and meeting famous athletes, says the nytimes.com report.

And if you think that banks require rigorous background checks for new teller  hires…think again. Furthermore, continues the article, savvy thief-tellers will keep their fraudulent withdrawals under $10,000, to keep below the detection radar. These sneaks can get away with this for years.

The general rule of thumb is that tellers have way too much access to customers’ data, and banks are lax at correcting this problem beyond simply reimbursing customers with their stolen money. The banks don’t want to invest the money and time in straightening out this problem, though a small number of banks have implemented tighter controls on tellers.

But what can we, the customer, do? We just have to keep our fingers crossed? The most effective way to prevent fraud is to do two things:

  1. Go over your accounts security controls with a bank advisor. Set up limits on transactions, require second signatures for large dollar amounts, and restrict money flow in any way that will cause financial harm.
  2. Set up alerts and notifications, so you, the account holder can become fully aware of every transaction of any kind.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Busted!: Large Identity Fraud Rings Fall Apart

A group of people who are actively collaborating to commit identity fraud is known as an identity fraud ring. These rings are generally made up of two or more career criminals, often including family members or close friends. These rings work by members either stealing a victim’s identity or sharing personal information such as a date-of-birth or Social Security number. Though many fraud rings occur in large cities, there are a surprisingly high number of rings found in rural areas.

According to Bergen County Prosecutor John L. Molinelli, recently, twenty people from Pennsylvania and New Jersey were charged as part of a highly sophisticated identity theft ring. The group used several stolen ID’s to open new bank accounts and then negotiate counterfeit and fraudulent checks.

These new arrests were based on information obtained through an ongoing investigation, which began after a previous arrest of a member of the ring, Miokar B. Wehye. This arrest occurred after a nearly year-long investigation after accusations of fraud and identity theft began coming in from Bergen County business owners.

According to Molinelli, the investigation showed that Wehye created a scheme that allowed his group to steal more than $100,000 from their victim’s bank accounts. The prosecution team alleged that Wehye and his group changed their victim’s addresses, opened new bank accounts in their names, and by using counterfeit checks, made illegal withdrawals from these accounts. The group also applied for business loans in the names of their victims.

Though you may think this will never happen to you, the truth is, it can. Anytime you apply for any type of personal or business loan online, it makes you more susceptible to becoming a victim of identity theft. The system of identification that is currently used has flaws, and the Internet makes it quite easy for criminals to get approval when they are not conducting a face-to-face transaction.

Identity thieves can easily change a mailing address and begin diverting documents away from you and directly to themselves. All it takes is a Change of Address request to the US Postal Service, and your mail can be forwarded to a new destination address, and this change may be permanent or temporary. Currently, anyone can change anyone else’s address simply by filling out a form online or even in person at a local post office.

Fortunately, arrests like Wehye’s help police to breakup these rings, and in this case, it led to fraud charges against almost two dozen people, which means there are 20 people who are off the streets and unable to steal your personal identity, for now. Each of these people have been charged with conspiracy to traffic in the personal identifying information of another, which is a second-degree crime. Wehye, and his accomplice Rachel Horace, were charged with receiving a stolen vehicle, too, as at the time of their arrests they had a 2015 Range Rover which was stolen at gunpoint from its owner in Elizabeth, New Jersey.

Though these people are off the streets, there are still dangerous people out there, so make sure you remain vigilant about your identity.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Indiana Is a Big Target for Identity Theft

As the holiday shopping season quickly approaches, identity thieves are quickly looking for their next victims. In Indiana, government officials are taking steps to stop these thieves in their tracks. Just recently, the state’s Attorney General Greg Zoeller was in Fort Wayne to announce the launch of “Freeze Identity Thieves.”

2PThis program, which is designed to protect consumers who may become victims of identity theft, allows people to freeze their credit online, for free. And it’s been around since 2008. He just figured it out.

This past year, there were reports of more than 400 data breaches in the state, which allowed for the exposure of financial and personal information. In addition, there were more than 1,000 identity theft complaints filed. Zoeller does not want this number to get any higher.

Why is Indiana such a big target? I suspect it’s due to a couple of reasons. First, I think they may simply be a bit behind on the available security upgrades. This is a simple fix, fortunately, as long as the state begins to improve their security policies. Another reason is that there could be an individual or even an identity theft ring that is wreaking havoc on residents of the Hoosier state.

Zoeller urges every resident in Indiana to assume that their information has been compromised. Agreed. Actually, if you are a US citizen, with the billion plus records breached, consider your identity stolen. Though you may not be a victim of identity theft at this point, it may be a good idea to freeze your credit information now, so you do not become a victim of identity theft later.

You may be wondering if this action will work, or if freezing your credit reports is enough to prevent identity theft. The answer is yes. This type of credit freeze is something that all states adopted in February 2008 and in my opinion, and it will lock down your credit report, which will prevent fraud.

Brief FAQ About Credit Freezing

When is it a good idea to freeze my credit?

If you are 18 years old or older and have a credit report, you should freeze your credit. You should also freeze it if you are under the age of 18 and your identity has been stolen in the past.

What should I consider before ordering a freeze on my credit?

Don’t consider anything, just do it. Your credit should be frozen across the board, even though lenders have been trying to prevent this. Why? Because they would be unable to give out instant credit, and it would “gum up” the lending system.

What does it cost to freeze a credit report?

Depending on where you live, it costs between $0 and $15 to freeze your credit report. To apply for a new line of credit, you will pay between $0 to $5 to thaw the report.

Where can I freeze my credit report?

You can freeze your credit report by contacting the three main credit bureaus by following the links, below:

Equifax

Transunion

Experian

Credit freezing stops an identity theft from using stolen information, such as a Social Security number, from accessing and racking up credit in your name. Once the freeze begins, you can lift it at any time, such as when you need a new loan or want to apply for a new credit card. Also, just because your credit report is frozen, it does not mean that you cannot use your present credit.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Business Identity Theft: Beware of Identity Thieving Employees

Wow, a lawyer in Memphis got scammed by his secretary—she embezzled over $362,000 from him, says an article on wreg.com. Attorney Jerry Schatz hired Teresa Sumpter, 48, in July of 2013.

10DLittle did he know that his assistant would end up stealing checks from his trust account, forging her signature on them, and opening three credit cards—all in his name. And she named herself as an authorized user.

And what did this conniving little pill do with the stolen money? Sumpter bought several vehicles, paid some bills and purchased some miscellaneous things.

After her arrest she was charged with six counts of identity theft, two counts of forgery and two counts of theft of property.

So you see, the “bad guy” is sometimes a woman. It happens more often than you think, too. An article at sacbee.com tells the case of Natashia Adams Lugo, 31, whose dirty deeds of identity theft got her a sentence of almost 15 years in a state prison.

Lugo had been employed by Job Journal LLC. Then she was fired. So she decided to get some revenge by using her former employer’s bank checking and routing numbers to polish off $40,000 of personal debt. How could she not have known that her criminal act would easily be traced back to her?

Lugo also stole $17,200 from the Job Journal’s bank account to fund her child support account. Once again, the question blares: How could she have been dumb enough to commit a crime so traceable back to her? Some times these criminals aren’t so savvy, other times they are. Regardless, the employers usually never see the money again.

Prior to the Job Journal employment, Lugo had worked for Balanced Body, which fired her. You guessed it: After being fired, she used the company’s personal identifying information, as well as that from some of its patrons, to steal over $11,000.

Businesses need to beware of firing employees. But the logistics of protecting themselves from these kinds of crimes can be enormous. Big companies can’t close out their bank accounts and open new bank accounts every time someone is fired. Maybe small companies can, that hardly ever fire anyone, but the bottom line is that businesses just have to keep their fingers crossed whenever they give someone the pink slip.

The big thing is to hire forensics accountants to look at your books, frequently. Especially in family owned businesses. Sad, but true.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

15 Ways to protect your Identity

There are tried and true ways to protect yourself from identity theft—ways that you may not have even considered. Check them out (no specific order): PSH

  1. Evaluate your passwords. Does every online account have a different password or are you using the same one for multiple accounts? Fix this problem immediately.
  2. However, make the new passwords at least eight characters ideally, and include symbols, not just letters and numbers. Avoid using actual words or names, or keyboard sequences. Password-cracking software will easily find shorter passwords that contain words, names and keyboard sequences.
  3. Never post anything personal on social media. Yes, this includes your pet’s name, name of your kids’ school or teacher, where you’re going on vacation, the town your parents live in, etc. I don’t, why do you?
  4. Would you open your door to strangers knocking on it all day long? Of course not. So why would you “answer” e-mails from strangers? Ignore e-mails whose senders you don’t know. If the sender appears to be from a company you do business with, but you never gave them your e-mail, delete it. If they DO have your e-mail but there’s no reason they should be sending you a message, just ignore it.
  5. If that all sounds too confusing, then follow this simple rule: Never click links in e-mails or open attachments you’re not expecting.
  6. If you’re not using Bluetooth on your phone, turn it off.
  7. Set your phone up with a password. If it’s lost or stolen, you’ll have no worries.
  8. Shred all your credit card offers, medical records, billing information and other personal information before tossing.
  9. Memorize your Social Security number. Never give it out unless it’s absolutely mandatory like for a job application. However, just because someone says they can’t process your request without your SSN doesn’t mean you must hand it over. For instance, a major retail chain may tell you they need your Social Security number to issue you a charge card for their store. It’s best to just forego the charge card. The objective is to minimize how much your SSN is “out there.”
  10. Request your free credit report every year from the three major credit reporting bureaus. Refute unauthorized accounts immediately.
  11. Inspect your credit card and banking statements every month for suspicious activity.
  12. Use a locking mailbox or have your mail delivered to the post office and pick up.
  13. Before taking any trips have the post office put a stop on your mail delivery.
  14. Consider getting a credit freeze. Thgis is a no brainer to protect you from new account fraud.
  15. Invest in identity theft protection. There is no cure for identity theft. But with a protection plan in place, the restoration component will fix most of what goes wrong.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

How to prevent your Pics from being lifted: Part 2 of 2

There are many reasons someone might right-click on your image and “Save image as…”

Porn, Sex and Dating Sites

  • A woman might steal your blog headshot and use it for her dating site profile.
  • A perv might take the picture of your child off your Facebook page and put it on a porn site.
  • A person who runs a racy dating site might take your image and use it to advertise his service.

Scams

  • Someone might use, without your knowledge, a photo of your house for a rental scam.
  • Your motorcycle, jet ski, boat, puppy…you name it…could be used for scam for-classified sale ads.
  • Your avatar may be used for a phony Facebook account to then be posted in the comments section of news articles pitching some get-rich-quick scheme.

Fantasy Lives

  • Your image could be used by a lonely person to create a fictitious Facebook account.
  • A person with a real Facebook account may be so desperate for friends that they use your photo to create a fake account to then add as a friend.
  • Someone you know may steal your photo (such as an ex-lover) and create a social media account in your name, then post things on it that make you look really bad.

How can you protect your digital life?

  • For your social media accounts, make sure your privacy settings are on their highest so that the whole world can’t see your life.
  • Watermark your images so that they have less appeal to image thieves, but keep in mind that they’ll have less appeal to you too.
  • It’s one thing when an image of your house was stolen for a rental scam, but it’s a whole new animal if an image of your naked body or you engaged in a sex act was stolen. So don’t put racy images online. Never.
  • Explain to your kids about the risks of stolen images.
  • Make sure their social media privacy settings are high.
  • It’s possible your smartphone automatically stores pictures you take online. Turn off this feature.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing identity theft prevention.