At SmartSecurityPeople.com, we enjoy good humor every now and again. Especially given the subject matter that we cover. The following is a video provided by The Onion in association with Google and it is a parody on how to get “off the grid” and protect yourself from identity theft. Enjoy and Happy Holidays to all our readers at SmartSecurityPeople.com.
Google Opt Out Feature Lets Users Protect Privacy By Moving To Remote Village
Identity thieves are still up to no good and are as mischievous as ever. With the continued successes in technology, identity thieves are finding more clever ways of apprehending your hard earned identity and laying waste to it as they utilize it to secure credit in your name or utilize your existing credit and financial standing to gain access to material goods.
As you know, we at SmartSecurityPeople.com have already researched and identified the origination of identity theft. You also know that a good number of paid services are available from successful companies such as LifeLock, TrustedID and Equifax to help aide you in keeping your credit and identity safe and secure.
The following are some tips recently provide by Equifax to keep us vigilant and aware of new approaches by identity thieves using the latest and greatest technology. Enjoy!
Gadget Grifters:
One of the growing types of identity theft involves stealing information through our electronic gadgets. As society becomes increasingly “wired,” it’s becoming easier to gain access to sensitive personal information on the go.Criminals can use cell phones and PDAs to their advantage in a number of ways. If you’re not careful when using your credit card, a thief could easily and discreetly take a picture of your card with his camera phone. Similarly, it is important to watch out for peering eyes if using your computer in public. In general, take steps to safeguard your belongings; the more personal information we store on our electronic devices, the more vulnerable we leave ourselves to identity theft if those devices are misplaced or stolen.
The best way to safeguard against these kinds of crimes is to be discreet when paying with a credit card to prevent any unwanted eyes from seeing it. Additionally, make sure you use secure sites on your wireless devices and clear all personal data from them when you’re finished with your transactions. You could also consider utilizing password protection on your phone and laptop.
Tech Tactics
Identity thieves are always developing new ways to obtain sensitive personal information over the Internet. While you may have heard of phishing (fraudulent e-mails disguised as if they were from trusted sources to obtain personal information) and pharming (redirecting Web traffic to fraudulent sites to obtain information), you should also be conscious of IP spoofing.IP spoofing, or Internet Protocol spoofing, is a technique used to gain unauthorized access to computers by tricking the computer itself into thinking the hacker’s IP is a “safe” one. Once this is accomplished, the hacker could have full access to your computer - without you even knowing. The best way to avoid this sort of fraud is by making sure your computer’s security programs are up-to-date and utilizing the most secure filter, router, or firewall offered.
New Twists on Old Techniques:
Identity thieves have relied on credit card scams for quite a while, but current economic challenges have allowed them to use new, more successful angles to get the information they need. Due to tightened credit, criminals are advertising fraudulent credit offers to victims who may be strapped for cash but aren’t qualified to apply for credit (poor credit score, lacking a SSN).They can also obtain sensitive personal information by posing as debt consolidation experts or by offering to obtain lower interest rates for the victims. Make sure that all credit interactions you have are with reputable sources. You can always turn to the Better Business Bureau if you are unsure.
We hope you find this information useful. If you would like additional information about identity theft, please don’t hesitate to view our guide on protecting your identity. We also have some great links in the right hand tab under INFORMATION that are great resources as well.
Ashley Johnson, 24, of Memphis TN was recently arrested by local authorities when she attempted to open a Macy’s credit card account using another woman’s identity. This story starts out pretty simple and sounds like a normal case of identity theft, however, the details of how Ashley got to this point are quite amazing.
It all started when Ms. Johnson went dumpster diving back in December of 2008 to try and locate some moving boxes. She did not find any packing boxes in the dumpster behind McAlister’s Deli but what she did find proved to be much more valuable. The deli had recently tossed a stockpile of old applications (some from over 2 years ago) in the garbage and neglected to shred them before doing so. Ms. Johnson found these applications(hundreds of them) and this is where she was able to turn another person’s trash into her own treasure.
Ms. Johnson began applying for credit cards right away using the information from these applications. She was successful in obtaining over 100 credit cards. Once she received the credit cards, she would go on a shopping spree and purchase merchandise from multiple department stores. Once she had the merchandise, she would take it to other stores and receive store credit (gift cards) for the returned items. She would then sell these gift cards to people off the street for half the value. Authorities estimate that she laundered over $60,000 of merchandise in a 5 month period. (WOW! She certainly did not let grass grow under her feet.) Ms. Johnson’s favorite stores for this scheme were JCPenny, Target, and Macy’s. However, in order to keep up with her social network, she managed to get 4 Verizon phone accounts set up under different names as well.
Johnson is charged with identity theft, forgery and theft. She is being held on a $35,000 bond at Shelby County Jail East. There could be more charges in this case. The Shelby County Sheriff’s Office is working with Memphis Police and Bartlett Police. A full press release from the local Sheriff’s office can be found here.
We hope this story helps to educate and enlighten our readers at SmartSecurityPeople.com to always guard your private information. You never know when a “Ms. Johnson” will be dumpster diving in your area!
Officials at the University of Florida just recently announced that an unauthorized intruder gained access to a computer system containing files for over 97,000 people. The files were housing private information (Names & Social Security Numbers) for Faculty, Staff, and Students that had access to the University’s “GROVE” system from 1996 to 2009. The breach was discovered on January 14th during a systems review.
The University states that the “GROVE” system was originally created to provide an online location for faculty to host course materials and class information, and it supported one of the few free email services available to those on campus. Users were required to identify themselves to the database by using their University ID number, which in most cases was the social security number. (Side Note: Most Universities have now gone to great lengths to remove a student’s social security number as the generic identifier for the student. Students are now assigned a system generated ID number that is not related to the social security number.)
The University is now in the process of notifying the 97,000 people impacted by this data breach. They don’t believe that that intruder obtained any of the confidential information but the University urges anyone who believes to have had information housed on this system to take proper precautions.The University has established a toll-free hotline and encourages concerned individuals to drop them a line at (877) 657-9133
Unfortunately, data breaches are not new news for the University of Florida. Back in November of 2008, its College of Dentistry released information stating that the personal information for over 330,000 dental patients were exposed and available to a hacker. Apparently the hacker had gained access to the College’s server and unleashed a program that discretely disseminates information past the University’s firewalls.
University of Florida Facts:
In 2006, a laptop and external drive was stolen from the home of a Veterans Affairs’ data analyst. This person had taken the computer home without permission. The names, dates of birth, and social security numbers of 26.5 million active duty troops and veterans were housed on the machines.
Fortunately, the FBI later found the equipment, the theives were apprehended, and the VA announced with certainty that the information had not been compromised in anyway. The VA released a statement stating: “We want to assure veterans there is no evidence that the information involved in this incident was used to harm a single veteran.”
As for the settlement… the Department of Veteran Affairs has recently earmarked $20 million dollars to help aide any military personel or veteran that can show that they have been harmed by the data loss. Included in covered costs will be expenses for credit monitoring services (LifeLock & TrustedID) and/or physical manifestations of emotional distress. Estimated individual payments are expected to be about $1500. The agency’s spokesperson, Phil Budhan, states that the funds will come directly from the Treasury and will not deplete any resources used for VA programs.
No formal claim process has been identified by the VA as of the time of this article. However, if you are a military person or a veteran, it is highly recommended that you contact the Department of Veteran Affairs and see about staking a claim on your fair share of these funds. If you have recently enlisted the services of a credit monitoring agency or have distress from this data breach, you could qualify.
Since identity theft doesn’t normally occur for years after the data has been breached, at the very least it would probably be wise to sign up for a credit monitoring service and let the Treasury foot the bill for a few years. And of course, you can check out SmartSecurityPeople.com’s top ten ways to keep your identity safe and secure…
With this day and age of technology, you find that more and more consumers are doing their Christmas shopping online. In most cases it is a cheaper and more convenient approach to shopping at the brick and mortar retail stores. An extra bonus is that you can shop online at anytime of the day and you can do it in your jammies. To give you an idea of the magnitude of online shopping that occurs, Forrester Research projects that U.S. consumers will spend $44 billion dollars online this month and next. WOW!
As you can imagine, all of this online purchasing activity does not go unnoticed. Cyber criminals are out in force and ready to prey upon an unsuspecting online shopper. Most cyber criminals are employing malicious programs that act very similar to a virus. They infect your computer like a virus, however, instead of shutting your computer down or corrupting your hard drive, the program lurks behind the scenes and tries to capture your personal information. Once it has gathered your bank information, social security numbers, and so on.. it will then send that information back to the cyber criminal and they will use it in ways that are sure to hurt your bank account and/or credit report.
So, what can you do to combat these incredulous cyber criminal tactics?
Hopefully this list helps our readers at SmartSecurityPeople.com to become less susceptible to cyber criminals during the holiday season. If you have any other suggestions for our readers, please feel free to share below in comments.
A brother and sister duo (Melissa and Marvin Heggie) from Raleigh managed to defraud JPMorgan of $340,000 in student loans and never had to step foot on a campus or register for a course. You wonder how this can be done given the strict criteria that eduction lenders are adhering to when processing and approving student loans.
The student loan program provided by JPMorgan /Chase allows a student to apply for a private student loan and does not require certification from a school to prove that the student is actually in attendance. Once the loan is approved, the disbursement check goes directly to the student and the school is not involved. Sounds like a great unsecured loan option huh? The Heggie’s thought so. However, they never planned on paying it back.
The Heggies duped 14 other people to give them their social security numbers along with other private identifying information (They made promises of quick cash for the participants.) They then utilized the information to complete bogus student loan applications with a pre-established address set up by the Heggie’s. When the loan was approved and a check sent, the Heggie’s would meet up with the applicant and they would all cash the check together. Each person got their pre-determined amount and parted ways. Apparently the Heggie’s did this for almost a year before getting getting caught.
There are multiple learning points that can be had from this story:
Hope this story helps our readers at SmartSecurityPeople.com. Has anyone ever experienced a similar loan scam not in the educational sector? If so , please feel free to share below in comments. The more we know what to look out for, the better for all of us.
Texas A & M Univeristy, Corpus Christi recently revealed that they incurred another data breach. This is the fourth data breach that they have experienced in the past 2 years. Apparently an admission document was left on an old server and it had 1,440 names of applicants along with their social security numbers. The University states that only 50 of these applicants matriculated into being full fledged students. Does this mean that the other 1,390 people don’t count because they chose to go to school elsewhere? My guess is that they isolated the 50 student records to see what kind of backlash they could be exposed to by violating FERPA (Family Educational Rights and Privacy Act).
Regardless, 4 security breaches in 2 years does show great concern for any current or potential student that may be thinking about attending Texas A&M. The best marketing plan Texas A&M can do now is provide free identity theft protection to all incoming students as an incentive to ensure that they will be safe from future data breaches.
What do you think about an organization that has this many data breaches? Should someone lose their job for what could have been a simple oversight? Would you be concerned about identity theft if you were a student at this University?
Over a year ago, the Federal Trade Commission produced the Fair & Accurate Credit Transaction Act (FACTA). It is also commonly referred to as the Red Flag Rules. As of November 1st 2008, every business that extends credit on an account, pulls consumer reports (credit bureaus), enables background checks for employment, or maintains a “covered account” is required to adhere to this new regulation. In general, this regulation was put into place to protect consumers from identity theft.
Since the inception of the Gramm Leach Bliley act by the FTC, most businesses have already started to incorporate some sort of privacy policies and safety and security measures with their customer’s data. However, identity theft was never really the focus of the GLB act and as identity theft occurrences have grown the FTC recognized the need to address the issue. The Red Flag Rules require organizations to be fully compliant as of November 1st but the FTC has stated that they will not begin enforcement for another 6 months. This came as a great relief for many organizations (especially colleges and universities) that only recently found out that they are required to comply.
So what does this mean for consumers? Hopefully your identity will be better protected in the coming months by the organizations that you do your business with.
What does all this mean for businesses? If you are already in compliance, then you should be in good shape and have nothing to worry about. If you are not in compliance, you will need to draft a Red Flag Policy right away and become compliant before the FTC begins enforcement. The FTC also recently stated that they will not initiate any audits to verify that businesses are complying with FACTA. However, they will follow up on consumer complaints and if you are found in violation, the fines will commence. Here is a sample Red Flag Policy that is more municipality focused but hopefully it can give your business a jump start on drafting your own policy for implementation and compliance.
I believe this to be a great move by the FTC to help with identity theft issues. By no means will it eliminate identity theft but it is certainly a great start.
As consumers, have you recognized any businesses that are already putting measures into place to comply with this policy? Have you had experiences with businesses that are being grossly neglectful with your data and putting your identity at risk and need to be reported to the FTC?
If you are keeping up with the political debates, you will see that Russia briefly came under fire most recently and talk of a potential cold war could become a reality. Quite scary to think that our relationship with Russia could revert back to a pre-Reagan era. So.. back to the topic at hand. Why blame Russia for identity theft? Our society is quick to blame Russia (or any other country for that matter) for the problems of the world but in this instance we have historical proof.
Upon the death of Ivan the Terrible, three imposters all claimed to be the rightful heir to the Russian throne. These men, known as the three Dimitris, went to great lengths to usurp the power and riches that came with assuming a royal identity. This was 400 years ago, and identity theft was already a profitable trade. Back then such a scheme required years of deceitful effort, stores of charisma, and the ability to live every day as a fraud.
In today’s electronic world, however, a fraud need not don the clothes of his mark. An identity can be stolen with nothing more than a stolen string of numbers and malicious intent. With a few pieces of personal identifying information, an identity thief can easily secure an account in someone else’s name. This information can be obtained from a variety of sources, including stolen mail, computer hacking, fraudulent address changes and other nefarious schemes.
My assumption is that identity theft probably occurred long before the days of Ivan the Terrible. So, we really shouldn’t blame the Russians. However, it does give you a good idea of how identity theft has adapted over the years.
© 2008-2010 smartsecuritypeople.com. Powered by Wordpress.
2071 N. Bechtle Ave, Suite 117 Springfield, OH 45504 (937) 969-4530
