Posts

Identity thieves bombarding Call Centers

One out of 2,900 seems very small, but when there’s a total of 105 million…then this percentage stacks up in the end. It represents the frequency of calls from fraudsters made to call centers in an attempt to get customer account details so they could steal.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Many times these crooks will succeed by conning phone operators into altering personal details. The thieves will then commit ID theft, gaining access to customer information and even changing customer contact information so that the victims cannot receive alerts.

These clever cons spoofed their phone numbers to avoid detection, and used software to alter their voices, even the gender sound.

Research into the 105 million calls also unveiled that the fraudsters keyed in stolen Social Security numbers in succession until they got a bull’s-eye: a valid entry for an unnamed bank. They then tricked the victim into revealing personal data.

One expert says that if contact phone channels were monitored, this could predict criminal behavior two weeks prior to actual attacks. Many companies also believe that most attacks result from malware rather than social engineering: the tricking of victims into revealing sensitive data. The targets include the staff of the call centers, who are often conned into allowing these smooth-talking worms to get under any door.

When businesses focus on the theory that most of these problems are from malicious software, this opens up a huge door for the fraudsters to swagger their way in.

The crooks’ job is made even easier when companies assign fraud detection to a department that fails to effectively communicate with other departments.

Consumers would be smart to check in with various credit card and bank accounts “posing” as themselves to see just how easy or difficult it might be to gain access with what kind of “easy to guess” or ”easily found on social” information/questions that may be used to authenticate the caller. Then change those “out of wallet” or “knowledge based questions”

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Identity proofing proves who You are

Identity proofing is proof of whom you are. Proving one’s identity starts with that person answering questions that only they themselves can answer (even if the answers are fictitious), such as their favorite movie, mother’s maiden name or name of their high school. Since most people provide real answers (that can be found online) rather than “Pointy Ear Vulcan Science Academy” as the name of their high school, this technique is on its way to the dogs.

8DMichael Chertoff, the former chief of the Department of Homeland Security, stated, “I’m going to submit to you that in the 21st Century, the most important asset that we have to protect as individuals and as part of our nation is the control of our identity, who we are, how we identify ourselves, whether other people are permitted to masquerade and pretend to be us, and thereby damage our livelihood, damage our assets, damage our reputation, damage our standing in our community.”

New Jersey suffered one of the biggest unemployment frauds, and to date, has identified over 300,000 people who attempted to fraudulently collect benefits via ID theft, among other improper schemes but also honest errors. However, New Jersey is turning things around.

It’s the only state that’s used identity proofing to fight unemployment benefit fraud, which mandates that job applicants verify a number of personal details through a quiz on New Jersey’s labor department’s website.

The use of billions of public records, collected by LexisNexis, verifies the details, to filter out imposters seeking unemployment benefits. The idea is for honest people to provide answers to questions: information that crooks can’t extract from googling.

This approach has rewarded New Jersey well, with nearly 650 cases of potential ID theft prevented. The state has also saved $65 million since May 2012 after blocking foreign IP addresses from gaining access to its unemployment system. Other states are following suit.

Improper payments (including for jobless benefits) have been occurring for years. Over $176 million in grants, to stop this problem, was issued by Washington in 2013 to 40 states. The errors in unemployment benefits payments on a national level have been about 10 percent for the past 10 years.

Businesses and government frequently must take the brunt of the fraud and waste despite an unemployment insurance system in place.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

15 ways to prevent Travel related Identity Theft

See if you’ve been employing the safeguards below to protect your identity while traveling.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813#1 Put snail mail on hold.

Crooks love to scavenge through overflowing mail boxes to seek out personal information to steal an identity. Prevent this by arranging the postal service to put a stop on your mail.

#2 Clean up, thin out.

It’s been said that the laws of physics are defied when a woman empties her purse. Before traveling, dump out anything and everything: drug prescriptions, old memos, business cards, even expired documents. A thief could use this information to steal your identity.

#3 Be cautious with public computers.

A public computer is a very fertile area for identity theft, and this includes the computer in your hotel’s lobby. Never save passwords or use the auto-save function for forms. When you’re done, delete the search history. Never visit your financial institutions’ sites either.

#4 Wireless means watch out.

Free public Wi-Fi means anyone can snatch your personal information out of the air because this kind of Wi-Fi does not include encryption (which scrambles data). Use Hotspot Shield on your PC, Mac, tablet and mobile to encrypt your wireless communications.

The ability to snag your private information requires only a basic knowledge of computers plus a simple plugin, and voila—this person can spy on your browser activities. Try to use only WEP, WPA and WPA2 networks. Otherwise, visit only secure websites (they have the “https” in their address).

#5 Keep your phone number private.

Other than giving it to reps for your airline and hotel reservations, keep it to yourself. If it gets out, a fraudster could use it to pull phone scams on you.

#6 Protect your smartphone.

If your mobile device is loaded with personal information, it should have a home-screen-locking password. This can even be a fingerprint scan, depending on the model. Androids need antivirus the same as PCs do.

#7 Beware of ATMs.

ATMs can be fake or skimmers can be installed. A phony ATM kiosk can be set up on a street corner, beckoning for you. You swipe your card, and your card information is stored for later pickup by the thief who put the kiosk there.

If you must use an ATM, use a bank’s during regular business hours. Protect yourself from skimmers by blocking the keypad with your other hand as you enter your PIN. But still check your statements because keypad overlays can be installed too. Shred receipts immediately.

#8 Pay with cash.

Though stolen cash can’t be replaced, it also won’t lead to identity theft. Limit credit card use to secure payment systems found at major retail outlets and airports. Be suspicious of clerks who want to leave your visual range to swipe your credit card. And just plain don’t use a debit card when traveling.

#9 Don’t use your passport for ID.

Instead use your driver’s license or international ID. If you rely only on a passport and it gets stolen, you’ll end up in a bind you’ll never forget. Have backups of both scanned and available online.

#10 Hotel scams

Never give out private information over your hotel room’s phone, even if the caller says they’re from the front desk and need to straighten something out. Instead, deal with them at the front desk so you know it’s not a scam.

#11 Lock up valuables.

This doesn’t just mean jewelry, but use your hotel room’s safe to lock up passports, airline information, credit cards, cash and electronic gadgets unless you’re using them. Better yet, take them with you, or better still only travel with valuables you absolutely need.

#12 Review credit card statements.

Check your statements every month for unauthorized charges so that they don’t pile up.

#13 Encrypt laptop/mobile data.

When traveling with digital devices make sure to use encryption software that makes your data useless to a thief.

#14 Install tracking software.

Mobile devices should have a lock/locate/wipe software that does just that in the even your device goes mobile without you.

#15 Get identity theft protection

Both identity theft protection and a credit freeze should be used by everyone traveling or not.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Medical Identity Theft Can be Deadly

If you feel like you are starting to get the flu, going to the doctor’s office can get you some medicine and get you on the road to recovery. But, there’s no pill or surgery that can protect you from medical identity theft—which can kill you. Literally. The thief who steals your identity doesn’t mean to kill you; he just wants to obtain free medical care on your dime.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813If a thief has access to your personal information, he can pose as you and see doctors and have procedures done—for free or for a nominal copay. The crook uses fake IDs and phony insurance cards to pull off this scam.

The problem really starts kicking in when the imposter’s medical situation gets tacked onto your medical record—since they are posing as you. This can result in a number of harmful outcomes for you. Not only can it potentially cause misdiagnoses, you could be issued a prescription to a drug that you have a fatal reaction to.

Just think about it for a moment: Someone else’s medical condition getting integrated with yours. This can cause a lot of problems. You could be denied medical coverage or lose your current coverage because of false information in your medical records. In the United States, the Health Insurance Portability and Accountability Act (HIPAA) protects your right of access to your medical records. If someone else is pretending to be you and accessing your records, you might not be able to access your own records. That’s a scary thought.

But even you are lucky enough not to suffer any negative consequences to your health as a result of the medical identity theft, cleaning up the mess can be enough to give anyone a heart attack.

So how can you prevent becoming a victim of medical identity theft?

  • Protect your mail: Install a locking mailbox so no one can access your mail.
  • Keep medical documents secure: Keep all of your hard copy medical documents in a file that locks. If it’s in cyberspace, make sure the files are encrypted and not in folder on your desktop that says “Medical.”
  • Shred all medical documents: Make sure to properly dispose of your medical documents so you don’t become a victim to dumpster-diving thieves. This includes digital files as well.McAfee LiveSafe (put tm in here and links this) service comes with a digital shredder that uses higher than government standard file shredding—don’t rely on simply putting something in the “trash bin” on your computer and then emptying it.
  • Leave medical cards at home: Only take them when you are visiting the doctor. If you’re worried you might need them in the event you have an accident and need immediate medical treatment, memorize your health ID number. If you’re unconscious upon arriving at an ER, you’ll get treated anyways—it’s the law. Simply provide your medical card after the fact. Don’t carry identity cards either: Identification cards or Social Security number cards should also be left at home in a safe place. Since many medical systems use these numbers as your identifier on the policy, you don’t want them falling into the wrong hands. And with access to these cards, a thief could easily create the fake credentials needed to commit medical identity theft.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Graduates beware of Identity Theft

Worried about finding a job after you graduate from college? Worried about paying off your debts? It gets uglier: New college grads need to think about their identities being stolen. One-third of identity theft complaints come from young adults.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813A new college graduate will often have a clean credit history. If the new college graduate discovers, however, that their credit score is inexplicably low, it’s probably because their identity has been stolen. This can be a nightmare.

Compounding the issue is that some businesses will check the job applicant’s credit report and use this information against them by not hiring.

Prior to graduation, the college student should do a credit check; it can be done annually online free of charge. Young adults should never have an “It can’t happen to ME” approach to one of life’s raw realities: the proliferation of identity theft.

College students should always shred all of their bank related statements, credit card statements and all other documents that contain very personal information.

College students should avoid posting their birthdates, phone numbers and addresses on social media.

Additional Tips

  • Ask your parents to explain whatever they know to you about online scams like malicious e-mails (phishing), suspicious pop-up ads, buying apps from third party sellers, etc.
  • Avoid debit cards; use only a credit card because thieves prefer to steal identities through debit cards.
  • Memorize your SSN so you can keep your SSN card in a safe place at all times.
  • Check your credit card statements every month for suspicious charges.
  • Never give out your SSN, even if the clerk at the retail store insists they need it so that they can give you an intro 15 percent off with the store’s credit card.
  • Go to www.annualcreditreport.com to check your credit report every year.
  • Get identity theft protection and a credit freeze.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

The Future of Identity Theft

Identity theft evolves as technology progresses. The Identity Theft Resource Center explains the future of this crime.

11DDefinition of Identity

The definition will swell up to include biometrics and behavior, not just driver’s license number and SSN. So your identity can be defined by how you move a mouse and your keystroke patterns.

Medical Identity

There’s no focal mechanism for the mitigation of medical identity theft, making it easy for thieves to keep getting medical treatment. Many people get their medical identity stolen without knowing it.

Statistics

Crime rate statistics are not telling the whole story. The illusion is that crime rates are on the decline; this is because statistics do not include all fraud activity. The primary indicator in crime statistics reports doesn’t even include identity theft.

Mobile wallets will not take over the world—at least not soon, anyways.

Though mobile wallets seem to be the next big wave in purchase technology, it’s not going to be easy convincing the masses to store every bit of their financial data in their smartphone. In fact, 64 percent of survey participants said they would not convert to a mobile wallet system (Consult Hyperion).

Affordability

All of these cool developments in the world of cyber communication will not necessarily apply to every single person; products cost money. So no matter how much it seems that times are changing or that people are “switching over” to some new technology, there will still be that demographic that’s seemingly left in the dust.

Finally…

It looks as though federal data breach notification laws will at last become a reality. Or so it seems.

Extra Layers

The dual and even multi-step authentication system will become more common, as more industries pick this up, to verify a user’s identity. And even consumers seem to be warming up to this.

Can’t have it both ways:

That is, security and convenience. With all the big data breaches lately, looks like privacy and security will win over convenience for the consumer.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Kim Kardashian’s Identity Theft Case cracked

Never underestimate the brains of a young guy who still lives with his mother—at least not the case of 19-year-old Luis Flores, Jr., who was smart enough to steal the identities of Kim Kardashian and even the head of the FBI, and assume their financial accounts.

11DOf course, he wasn’t smart enough not to get caught.

Flores’ weapon was a flash drive loaded with private data from celebrities and politicians; he got into their credit card accounts and transferred thousands of their dollars to his bank account. He got nabbed finally.

Red flags raised when American Express reported some suspicious activity on a number of accounts, causing the Secret Service to investigate Flores and his mother.

Someone had phoned American Express claiming to be Kim Kardashian, knew her private information, then changed the account’s SSN to that of Flores’. The snail mail address was changed to Flores’ apartment’s. The caller then requested replacement cards.

The Secret Service questioned Flores and Kyah Green, his mother, about the cards but they didn’t cooperate. The Secret Service also discovered that Flores had a history of fraudulent behavior. Additionally, Flores had wired money from Kris Jenner’s account into his own.

It gets better: Authorities linked Flores to fraudulent activity involving Ashton Kutcher, Paris Hilton, U.S. Marshals Service Director Stacia Hylton and former FBI director Robert Mueller.

The flash drive was discovered in Flores’ apartment by the Secret Service. In it was the bank and credit card accounts, credit reports and SSNs of all the victims named prior, but also those of Bill Gates, Michelle Obama, Joe Biden, Beyoncé Knowles, plus other politicians.

How could Flores’ have gotten this sensitive information? A web site that was launched last year by hackers. It is believed the hackers got the data from legitimate sources such as information brokers who didn’t realize their clients were criminals.

The search of Flores’ apartment by agents didn’t stop him; he contacted American Express in an attempt to access the accounts of Gates, Kutcher and Tom Cruise.

Flores and his mother were charged federally; both pleaded guilty. This is one more reason to invest in identity theft protection or get a credit freeze.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Consumers worried about Identity Theft over Privacy

A recent poll of 1,000 Internet users reveals that they’re very concerned about security threats to their personal and financial information. Users also believe that the feds should step up more to protect them.2P

  • 80% are concerned that hackers will get into information they share.
  • 16% are on edge that businesses will use data they share online to send out unsolicited ads to them.
  • 75% are nervous their personal data will be hocked by hackers.
  • 54% worry their browsing history will be monitored for targeted advertising.
  • 57% have signed up for a two-step sign-in process.
  • 83% have required a password to unlock their devices at some point.

This small survey is indicative of the awareness that users have over security and their belief that the federal government needs to take more action.

Nevertheless, the respondents showed a proactive approach to protection, e.g., 73% don’t allow services to retain their credit card information; 65% set their browsers to disable cookies; 68% adjust privacy settings for online accounts; and 76% use a different password for different services.

But consumers give up privacy for “free”.

“The poll also shows that respondents have a lower level of concern about targeted online advertising as evidence by the fact that most would rather have a free Internet with targeted advertising than a paid service but with no advertising.  Twice as many say they prefer free online services supported by targeted ads (61%) over online services that they pay for but come with no targeted ads (33%)”

This is good news for companies providing free identity theft protection to their customers. On one hand customers want security; on the other hand they want “free”. So when offering up free identity theft protection, a consumer is getting their cake and eating it too!

CCIA

The Computer & Communications Industry Association is nonprofit and represents a large cross section of communications, computer and Internet industry businesses. CCIA promotes innovation and the preservation of fair competition throughout industry. Over 600,000 people are employed by CCIA, and yearly revenue exceeds $200 billion.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Identity Fraud: Stolen Puerto Rican IDs Filter In The Workplace

In the U.S. identity brokers allegedly sold Social Security cards and corresponding Puerto Rico birth certificates for prices ranging from $700 to $2,500 per set, since it can be used to hide illegal immigrants and gain employment. Puerto Rican stolen identities have surfaced in workplace immigration raids all over the country. “Birth certificates have become legal tender,” said Puerto Rico’s secretary of state.

Fifty individuals were recently charged in an indictment unsealed in Puerto Rico with conspiracy to commit identityfraud in connection with their alleged roles in a scheme to traffic the identities of Puerto Rican U.S. citizens and corresponding identity documents. The charges are the result of an extensive identity theft investigation led by U.S. Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI), in partnership with other federal, state and local law enforcement agencies.

According to the indictment, from at least April 2009 to December 2011, conspirators in 15 states and Puerto Rico, a U.S. territory, trafficked the identities of Puerto Rican U.S. citizens, corresponding Social Security cards, Puerto Rico birth certificates and other identification documents to undocumented aliens and others residing in the United States.

Businesses hiring illegal immigrants with stolen IDs face possible insider fraud among other legal and liability issues.  One way too effectively vet whether the person being hired is who they say they are, regardless of what documentation they produce is to pull their credit report. Often a credit report will have current and previous addresses. If the job candidate can’t tell you the last few places they lived that’s a red flag. You can also ask them various “knowledge based questions”. The credit report might also help the employer to track down a current phone number and simply call the person whose identity is associated with the credit report.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussingADT Pulse on Fox News. Disclosures

Identity Theft – Common Consumer Errors

The major problem that consumers face today is a fundamental lack of understanding of what identity theft actually is. Most people think of identity theft as when someone uses your credit card without your permission. Fraudulent credit card use is certainly a multibillion dollar problem, but it’s only one small part of the identity theft threat. A comprehensive understanding of what identity theft and what it is not empowers citizens to make informed decisions about how they should protect themselves.

People who have been victimized by identity theft often have a difficult time functioning as a result of their circumstance. Some deal with minor administrative annoyances whiles others suffer financial devastation and legal nightmares.

No one is immune to identity theft:

A woman contacted me who was previously a very successful real estate agent and the president of her local real estate group. She had climbed the ranks from sales to broker/owner and oversaw dozens of employees. A former boyfriend stole her Social Security number and his new girlfriend used it to assume her identity. Over the course of five years the ex-boyfriend and his new girlfriend traveled the world on stolen credit and destroyed the real estate agent’s ability to buy and sell property. Her real estate license was suspended and her life was turned upside down.

Awareness is key:

Do you carry your Social Security number or a Social Security card in your wallet? Do you provide this number to anyone who asks for it? The most commonly dispensed advice in response to these questions is: don’t carry the card and don’t give out the number. But in reality, there are many times when you have to use your Social Security number. Because this number is our primary identifier, we have to put it at risk constantly. Refusing to disclose your Social Security number under any circumstances is like refusing to eat because the food might be bad for you. There are always risks. The key is managing those risks and making smarter decisions.

Do you know what ATM skimming is? Have you seen a skimmer? Have you been phished? Would you know what a fraudulent auction looks like? Do you put your name on a “stop delivery list” when you travel? Do you know how to update the critical security patches in your computer’s operating system? Do you know if the doctor’s office your child just went to has done background checks on all the employees who handled your and your child’s Social Security number? Most people struggle to answer questions like these.

We live in a technologically dependant time and we rely on all these tools and modes of communication, and most people do not understand the risks. The good news is, I do. And McAfee does. And what we do is keep you informed of your options, so that you know how to protect yourself and your family.

The most important thing you can do right now is not worry about this stuff. But you do need to take some time to educate yourself.

Download McAfee’s eGuide,“What You Need to Know to Avoid Identity Theft.”

Take five minutes to assess your risk of identity theft. Fill out the Identity Theft Risk Assessment Tool to get your “risk profile.”