Posts

Identity Theft — Types, Signs, and Protection for Victims

The internet is an awesome place where you can do things like shop or interact with family and friends you may not see all of the time. For as much fun as it is, though, it can also be quite dangerous.

Identity Theft --- Types, Signs, and Protection for VictimsAccording to the U.S. Federal Trade Commission, in 2020, there were about 2.1 million fraud reports, and many of these were for the purpose of stealing another person’s identity.

Victims of identity fraud may lose a lot of money, and their credit could be damaged for years. They also might have a lot of mental anguish and stress to deal with. There is a threat of identity theft for almost anyone, but if you know how to do your best to avoid it, as well as signs of ID theft, you can help to protect yourself and your family.

The Definition of Identity Theft

Most of us have heard of identity theft, but do you really know the definition? It is when a cybercriminal steals a person’s personal or financial data, generally in order to use the information for financial gain. It means they may try to get information on full names, Social Security numbers, birthdays, address, credit/bank account information, or even driver’s license information. Once they have this information, they can use it to apply for credit cards, open bank accounts, get insurance, or even do things like buy a house or car…all in the name of the victim.

How Does ID Theft Happen?

Before we get into the types of identity theft, it’s important to know how ID theft happens:

  • A Phishing Scam – These days, phishing scams are all over the place, and they often happen via email or websites. Generally, with these scams, a person pretends to be someone you know or trust, such as posing as a customer service worker from your bank, in order to get information and personal data.
  • Data Breaches – Many companies store the information of their customers, including your doctor, your ISP provider, your credit card company, and more. If there is a data breach, criminals will have easy access to this information, and it might even get sold on the dark web.
  • Snooping on Social Media – Criminals often will get information to steal an identity by using social media. Most people, for instance, have their birthday on their Facebook page, and they might even have their home address. That, along with their name, might be all they need to gain access to other accounts. They can also look for things like pet names or kid’s birthdays, as many people use these for passwords or PINs.
  • Hacking – A hacker can easily get into phones, tablets, or computers if they aren’t protected. They use malware and viruses to do this. Having a good antivirus software can help stop this, and it can help to protect your personal information and devices from the bad guys.
  • Theft – Some criminals really go back to basics to steal someone’s identity. They can really just take it. By stealing your wallet, your purse, or even your phone can give them all of the information they need.
  • Dumpster Diving – A criminal might also simply pull your information right out of the trash. If you are throwing away documents that have information such as your name, address, birthday, or other information, a thief can find this right in the garbage. Keep in mind that things like a bank statement or credit card statement can contain your number, and a pay stub may have your Social Security number on it. Always take a couple of minutes to shred any paperwork before you throw it out.

The Five Main Types of ID Theft

 There are a ton of different types of identity theft, but there are five main ones:

Financial ID Theft

 The most common type of identity theft is the financial variety. This is when a scammer uses a victim’s data for financial gain. This type of ID theft may take the following forms:

  • A scammer might use your credit card information to buy things online.
  • A hacker can literally steal money right out of your bank account – they often do this by taking small amounts here and there from unknowing victims. This amount might be so small that you may not even notice it — but when they do this over and over again, they can collect millions.
  • A criminal can open new accounts in your name, too, by simply using your Social Security number and supporting data. For example, a person can open a credit line in your name, and then use all that credit…leaving you with the pay back.

The good news, however, is that it is fairly simple to protect yourself from ID theft by keeping an eye on your bills, your bank account, and credit card statements. If you see something that looks strange, you should immediately notify your bank or credit card company. You should also check your credit report for any changes. A decrease that you were not expecting could mean that there is some type of fraud going on. You can check your credit report in a number of ways, and most credit card providers offer it as a perk for customers.

You can also choose to place a fraud alert on credit reports, so that you can stop anyone from opening any new accounts by using your information. This means that lenders and creditors must take extra steps to verify your identity before they offer a credit increase or loans. A credit freeze might also be a great idea.

Medical ID Theft

Another type of identity theft is medical identity theft. This is when a criminal takes a person’s identity to get health care by posing as the victim. They can use this information to do things like obtain prescription drugs or even get expensive surgery done. This means that you will get the bills for all of this, and it can also negatively affect your health records. This can mean you will have difficulties getting insurance in the future, and it can also mean you won’t get the care you need in a health crisis.

You can help to minimize the risk of medical identity theft by taking the time to review any and all medical claims you might get in the mail. If you see anything that doesn’t look right, such as a prescription you didn’t get, you should immediately contact your doctor’s office and your insurer. You should also contact the U.S. Department of Health and Human Services to make a claim.

Criminal ID Theft

This type of identity theft occurs when a person is arrested for a crime, but then they use the name of someone else. They might be able to do this by using a fake or stolen ID, such as a driver’s license, to show the cops.

This can be a difficult type of ID theft to notice if you are a victim until some type of consequence happens, such as –

  • You get a court summons for a crime you didn’t commit
  • You get a bench warrant for your arrest
  • You get information that someone is performing a background check on you

One of the things that you can do to protect yourself against criminal ID theft is to protect your ID. If your driver’s license or state-ID is stolen or lost, you should immediately report it to law enforcement or the DMV. Also, you should make an effort to limit the type of information you share online.

Synthetic ID Theft

 This is the fastest growing type of ID theft in the US, and it is the practice of people creating a fake ID using the real information of the victim. The bad guys might, for instance, use information such as the Social Security number, birthday, and address of three different people, and then combine this information to create a new ID. They can then use this information to commit fraud.

The most important thing to know about synthetic ID theft is that you may be able to stop it by knowing that it’s happening, and then acting quickly. For instance, if you get a piece of mail that has your address on it, but a different name, or you get a phone call to your number asking for someone you don’t know over and over again, this could be an issue. Again, you should be checking your credit reports for anything strange, which could indicate that there is an issue. An identity monitoring service may also help to catch this type of ID theft.

Child ID Theft

Finally, we have child ID theft. In this case, a scammer steals the information from a child to open a new account or credit line in that child’s name. Then, they can use that information to do things like apply for benefits, get a driver’s license, or even purchase a home. It is easier for a scammer to get away with this than with an adult’s information, as most children don’t have any type of credit nor financial accounts.

A sad fact, here, is that the ID theft of a child is often done by their own family or family friend, as they will have easy access to the child’s information. Most of the time, they can get away with it for years, as a minor typically won’t even realize that they are a victim until they try to do something like take out a student loan for college.

The best way to check on this is to see if your child has any type of credit report with TransUnion, Experian, or Equifax. If they do, look at the report, and then let authorities know if there is anything suspicious. You also might consider placing a freeze on your child’s report to help to minimize any type of fraud from occurring.

Signs that You are a Victim of ID Theft

None of us want to be left in the cold when it comes to ID theft, so by knowing the signs you can use to spot it, you can get ahead of it quickly.

Finally, here are some of the signs you should look for:

  • Fraud alerts from a bank or other financial institution – most banks have some type of security in place to notify them and the customer if there is something weird going on. For instance, if you are in Chicago, and your credit card is used in Tokyo, there could be a big problem.
  • Your credit score changes unexpectedly – A credit score that rises unexpectedly could mean that someone is attempting to extend your credit, and a strong dip in your score might mean that someone is trying to get a loan in your name or there is a bill in your name that has gone to collection.
  • Your financial accounts have changes – It is important to check your bank statements at least every few weeks and look for anything that seems unfamiliar to you. You should also look to see if there are any new credit accounts or lines of credit in your name.
  • You apply for credit, and you are denied – if you have a decent credit score, and you apply for credit, you probably think that you are going to get approved…. if you don’t, you should check your credit report, as someone could be up to something.
  • You get strange phone calls from a collection agency – If you start getting phone calls from a debt collector or collection agency that you don’t owe, there could be an account open in your name that you don’t know about. Check your credit report, immediately.
  • You get mail that is odd – You may also get some mail that is sent to your address that seems strange. This might be medical bills or other bills that you do not recognize.
  • Your tax filing is rejected – Additionally, you may notice that when you try to file your taxes that they are rejected. This could mean that someone has already filed in your name. If this happens to you, contact the IRS immediately.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Medical Identity Theft: 12 Million Patients Breached

Quest Diagnostics is a US-based company that provides medical testing services, and announced that it used third-party billing collection companies that were hit by a severe data breach. In fact, about 11.9 million Quest customers were affected.

The compromised information could include personal data of the patients, including Social Security numbers, as well as medical and financial information. However, laboratory test results aren’t included in the breach.

What Happened?

The AMCA (American Medical Collection Agency) is a billing collection service provider and informed Quest Diagnostics that it had an unauthorized user who gained access to the AMCA system, which contained personal information that AMCA got from a variety of entities, including Quest. AMCA provides its collections services to Optum360, which is a Quest contractor. Both Optum360 and Quest are working with experts to investigate the issue.

The company also noted that it still doesn’t have much information about the data security incident at AMCA, and it doesn’t know for sure what data was compromised. However, the company no longer sends its collection requests to AMCA and won’t do so until the issue is resolved.

Quest filed an SEC filing, which revealed that the attackers gained access to the AMCA system between August 2018 and March 2019.

According to one data breach website, Gemini Advisory analysts first discovered the breach. The analysts noticed a CNP (Card Not Present) database, which had posted for sale on the dark web’s market. It figured out the data could have been stolen through the AMCA online portal. Gemini Advisory attempted to contact AMCA but received no response, so it contacted the US federal law enforcement agency.

A spokesperson for AMCA says that, upon receiving the information that there was a possible data breach from a compliance company that worked with other credit card companies, it conducted an internal investigation and took down its payments page online. The company also said it was investigating the breach with the help of an unnamed third-party forensics company.

The Quest breach targeted primarily financial data with personal information (SSNs). That kind of information is significantly more lucrative than health information, which isn’t really marketable by criminals, at least not yet. The financial information disclosed was comprehensive and included bank accounts and credit card numbers. Therefore, victims could get their identities stolen and have financial transactions completed in their name.

Users of the website or the company need to get a credit freeze and monitor their bank accounts and credit cards for any unusual activity and might want to freeze their credit reports so that no new credit lines can be taken out in their name.

Action needs to be taken now to freeze your information with the credit bureau and warn the credit bureaus that your financial information might have been compromised. Along with such, financial institutions usually have programs available to take corrective action, which can prevent your credit card or account from being used without permission if your account has been compromised.

The issue is that insurance and healthcare information doesn’t have such a centralized process, which makes it extremely tough to prevent the use of this information from someone who doesn’t have permission to use it.

The Cybersecurity evangelist of Thales, Jason Hart, chimed in with the fact that multi-factor encryption and authentication of the collected data might have saved the companies and victims from having problems.

The VP of innovation and global strategy at ForgeRock, Ben Goodman, noted that this is the second known breach for Quest in just three short years. As a public company, it could lead to a variety of serious repercussions with respect to brand reputation, shareholder trust, and stock prices. He also said that the exposed data might result in litigation. When First American Financial Corporation was breached, it took just a few days for the company to get hit with a class-action lawsuit when it exposed 885 million documents full of sensitive information just last week.

The CISO and Senior Director for Shared Assessments, Tom Garrubba, wants to see just how quickly the Office of Civil Rights (an overseer of HIPAA compliance), rushes in to get information about the breach and to determine if any negligence was there and if Quest is to blame (partially or fully).

Through the HIPAA Omnibus Rule, business associates must handle any data with the care provided to covered entities (outsourcers). Those business associates have to provide due diligence to the covered entity.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon.com author, CEO of Safr.Me, and the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Why you want a Copy of your Medical Records

After receiving medical treatment, many people never look over the paperwork (save for bill total) and just shove it into some folder in a file cabinet. But medical identity theft is very much out there; know the signs:12D

  • You’re denied coverage because you allegedly have a condition you were never diagnosed with.
  • A collection agency is hounding you about unpaid medical bills you never had.
  • Your credit report shows medical collection notices.
  • The bill is for treatment you didn’t receive.
  • Your health care provider says you’ve reached your coverage limit.

Thieves steal identities to use the victim’s medical coverage, and this could prove life threatening to the victim depending on the victim’s health status. This is why you should keep records for all medical visits and treatments. Read everything carefully as though you’re searching for mistakes or mis-matched information. Keep records of all associated phone calls and e-mails.

But remember this: You always have a right to all of your records, so don’t let any resistance from the carrier make you give up.

  • If you run into problems getting any records, learn about your state’s health privacy laws.
  • Obtaining copies may require a fee.
  • Request a copy of “accounting of disclosures.” This tells who has ever received copies of your medical records, and when and why.
  • Look for mistakes and request corrections from the provider via certified mail.
  • If someone has stolen your medical identity, the provider may not want to turn over the records to you. Check the provider’s Notice of Privacy Practices and appeal to the contact person listed there.
  • With all that said, you should get the records within 30 days. If not, report this to the U.S. Department of Health and Human Services Office for Civil Rights.

Medical identity theft can result in you not receiving coverage for major treatment. Here are tips from vitals.lifehacker.com for prevention of this crime:

  • Never reveal your Medicare number to anybody in public, even if it’s a person inside a medical clinic lobby approaching you and offering a free service for Medicare users.
  • Never give your Medicare number over the phone. No exceptions, even if the caller is claiming to be from Medicare.
  • Check all medical bills for any odd charges, duplicate charges or errors.
  • If a charge appears unauthorized, promptly report it to the provider. If that doesn’t help, escalate it to Medicare if you’re on Medicare.
  • Contact the Federal Trade Commission if you suspect medical identity theft.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Medical Identity Theft can be deadly

Every time you have a medical procedure done, including routine checkups and treatment for minor issues, paperwork is generated. You should have copies of every single paper. This is one line of defense against medical identity theft.

Review your paperwork thoroughly for unauthorized or duplicate charges, mistakes with diagnoses, dates, names, anything that looks odd. Signs of medical identity theft include:

  • Being billed for treatment or diagnostics you never received.
  • Being told you’ve maxed out your coverage limit when you haven’t.
  • A collection agency claiming you owe a debt that you don’t owe.
  • Being denied coverage for a “pre-existing” condition that you don’t have.
  • Paperwork showing you saw a doctor you never did or were prescribed a drug you never were is a red flag.
  • An e-mail from your provider that requests you reveal sensitive information like your Medicare number is a big red flag. The subject line may be urgent, such as “Your Medical Coverage May Be Terminated.” Never click links inside these e-mails or fill out forms in them; instead contact your provider via phone. However, e-mails like these are scams; the thief knows if he sends 50,000 such e-mails out with his special software, a predictable percentage of recipients will “see” themselves in the message.
  • A one-ring phone call may be a thief who just obtained your medical records to see if your number is legitimate. Never call back.

Be Vigilant

  • If you suspect medical identity theft, keep strict records of all associated correspondence.
  • Immediately obtain all records if you already haven’t, including the “accounting of disclosures”; you have this legal right, even if you get flack from the provider. Contact the provider’s patient representative or ombudsman for assistance.
  • If you spot mistakes, even small, insist they be corrected.

Nevertheless, it’s usually not easy to detect medical ID theft. So let’s look at this in more detail:

  • If a collection agency contacts you, request they provide information immediately; promptly contact your provider and carrier.
  • Examine your credit report to see if it’s plummeted due to unpaid medical bills. The three major credit reporting agencies issue the reports free.
  • If your provider offers online access to your files, sign up for this service, then inspect it for mistakes.
  • Request records of imaging procedures.
  • If no online access is available, have your doctor read the results or send a snail mail copy.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Medical Identity Theft Protection And Prevention

Identity theft can be fatal to the victim — if it’s of the medical kind. Medical ID theft can result in getting the wrong blood type during a transfusion, the wrong diagnosis or the wrong prescription — all because the thief’s medical history gets integrated with the victim’s.

4DI hope you’re scared, because that’s my goal.

Up to 43 percent of ID theft is medical, says the Identity Theft Resource Center. The nonfatal fallout of medical identity theft can be quite dastardly, like the crook using your private data to commit other forms of ID theft.

Prevent Medical ID Theft

  • Always review your medical bills. Is a bill for service your child never received?
  • Never give your health insurance card to anyone for their use.
  • Shred medical documents you no longer need, including prescription information.
  • Every year, examine your credit report from the big three outfits.
  • Give your health insurance card the same protection you’d give a credit card. Contact your insurance company asap if it gets lost. In police reports, include it as a loss if it’s stolen.
  • If news breaks of a data breach involving a company you use, inquire about this.
  • Be especially alert to reviewing documents if you’ve been receiving extensive medical treatment.

Suspicious Activity

  • Call the provider and insurance carrier if you spot an unfamiliar charge on a medical bill.
  • Save all relevant documents and record the names of every person you connect with and the dates.
  • Contact the big three credit reporting agencies.
  • Filing a police report may be necessary.
  • If you’ve already been the victim of medical ID theft, inquire about the accuracy of your records with your provider, and request a copy of the records.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.