At SmartSecurityPeople.com, we enjoy good humor every now and again. Especially given the subject matter that we cover. The following is a video provided by The Onion in association with Google and it is a parody on how to get “off the grid” and protect yourself from identity theft. Enjoy and Happy Holidays to all our readers at SmartSecurityPeople.com.

Google Opt Out Feature Lets Users Protect Privacy By Moving To Remote Village

Identity thieves are still up to no good and are as mischievous as ever. With the continued successes in technology, identity thieves are finding more clever ways of apprehending your hard earned identity and laying waste to it as they utilize it to secure credit in your name or utilize your existing credit and financial standing to gain access to material goods.

As you know, we at SmartSecurityPeople.com have already researched and identified the origination of identity theft. You also know that a good number of paid services are available from successful companies such as LifeLock, TrustedID and Equifax to help aide you in keeping your credit and identity safe and secure.

The following are some tips recently provide by Equifax to keep us vigilant and aware of new approaches by identity thieves using the latest and greatest technology. Enjoy!

Gadget Grifters:
One of the growing types of identity theft involves stealing information through our electronic gadgets. As society becomes increasingly “wired,” it’s becoming easier to gain access to sensitive personal information on the go.

Criminals can use cell phones and PDAs to their advantage in a number of ways. If you’re not careful when using your credit card, a thief could easily and discreetly take a picture of your card with his camera phone. Similarly, it is important to watch out for peering eyes if using your computer in public. In general, take steps to safeguard your belongings; the more personal information we store on our electronic devices, the more vulnerable we leave ourselves to identity theft if those devices are misplaced or stolen.

The best way to safeguard against these kinds of crimes is to be discreet when paying with a credit card to prevent any unwanted eyes from seeing it. Additionally, make sure you use secure sites on your wireless devices and clear all personal data from them when you’re finished with your transactions. You could also consider utilizing password protection on your phone and laptop.

Tech Tactics
Identity thieves are always developing new ways to obtain sensitive personal information over the Internet. While you may have heard of phishing (fraudulent e-mails disguised as if they were from trusted sources to obtain personal information) and pharming (redirecting Web traffic to fraudulent sites to obtain information), you should also be conscious of IP spoofing.

IP spoofing, or Internet Protocol spoofing, is a technique used to gain unauthorized access to computers by tricking the computer itself into thinking the hacker’s IP is a “safe” one. Once this is accomplished, the hacker could have full access to your computer - without you even knowing. The best way to avoid this sort of fraud is by making sure your computer’s security programs are up-to-date and utilizing the most secure filter, router, or firewall offered.

New Twists on Old Techniques:
Identity thieves have relied on credit card scams for quite a while, but current economic challenges have allowed them to use new, more successful angles to get the information they need. Due to tightened credit, criminals are advertising fraudulent credit offers to victims who may be strapped for cash but aren’t qualified to apply for credit (poor credit score, lacking a SSN).

They can also obtain sensitive personal information by posing as debt consolidation experts or by offering to obtain lower interest rates for the victims. Make sure that all credit interactions you have are with reputable sources. You can always turn to the Better Business Bureau if you are unsure.

We hope you find this information useful. If you would like additional information about identity theft, please don’t hesitate to view our guide on protecting your identity. We also have some great links in the right hand tab under INFORMATION that are great resources as well.

Ashley Johnson, 24, of Memphis TN was recently arrested by local authorities when she attempted to open a Macy’s credit card account using another woman’s identity. This story starts out pretty simple and sounds like a normal case of identity theft, however, the details of how Ashley got to this point are quite amazing.

It all started when Ms. Johnson went dumpster diving back in December of 2008 to try and locate some moving boxes. She did not find any packing boxes in the dumpster behind McAlister’s Deli but what she did find proved to be much more valuable. The deli had recently tossed a stockpile of old applications (some from over 2 years ago) in the garbage and neglected to shred them before doing so. Ms. Johnson found these applications(hundreds of them) and this is where she was able to turn another person’s trash into her own treasure.

Ms. Johnson began applying for credit cards right away using the information from these applications. She was successful in obtaining over 100 credit cards. Once she received the credit cards, she would go on a shopping spree and purchase merchandise from multiple department stores. Once she had the merchandise, she would take it to other stores and receive store credit (gift cards) for the returned items. She would then sell these gift cards to people off the street for half the value. Authorities estimate that she laundered over $60,000 of merchandise in a 5 month period. (WOW! She certainly did not let grass grow under her feet.) Ms. Johnson’s favorite stores for this scheme were JCPenny, Target, and Macy’s. However, in order to keep up with her social network, she managed to get 4 Verizon phone accounts set up under different names as well.

Johnson is charged with identity theft, forgery and theft. She is being held on a $35,000 bond at Shelby County Jail East. There could be more charges in this case. The Shelby County Sheriff’s Office is working with Memphis Police and Bartlett Police. A full press release from the local Sheriff’s office can be found here.

We hope this story helps to educate and enlighten our readers at SmartSecurityPeople.com to always guard your private information. You never know when a “Ms. Johnson” will be dumpster diving in your area!

In 2006, a laptop and external drive was stolen from the home of a Veterans Affairs’ data analyst. This person had taken the computer home without permission. The names, dates of birth, and social security numbers of 26.5 million active duty troops and veterans were housed on the machines.

Fortunately, the FBI later found the equipment, the theives were apprehended, and the VA announced with certainty that the information had not been compromised in anyway. The VA released a statement stating: “We want to assure veterans there is no evidence that the information involved in this incident was used to harm a single veteran.”

As for the settlement… the Department of Veteran Affairs has recently earmarked $20 million dollars to help aide any military personel or veteran that can show that they have been harmed by the data loss. Included in covered costs will be expenses for credit monitoring services (LifeLock & TrustedID) and/or physical manifestations of emotional distress. Estimated individual payments are expected to be about $1500. The agency’s spokesperson, Phil Budhan, states that the funds will come directly from the Treasury and will not deplete any resources used for VA programs.

No formal claim process has been identified by the VA as of the time of this article.  However, if you are a military person or a veteran, it is highly recommended that you contact the Department of Veteran Affairs and see about staking a claim on your fair share of these funds.  If you have recently enlisted the services of a credit monitoring agency or have distress from this data breach, you could qualify.

Since identity theft doesn’t normally occur for years after the data has been breached, at the very least it would probably be wise to sign up for a credit monitoring service and let the Treasury foot the bill for a few years. And of course, you can check out SmartSecurityPeople.com’s top ten ways to keep your identity safe and secure…

With this day and age of technology, you find that more and more consumers are doing their Christmas shopping online. In most cases it is a cheaper and more convenient approach to shopping at the brick and mortar retail stores. An extra bonus is that you can shop online at anytime of the day and you can do it in your jammies.  To give you an idea of the magnitude of online shopping that occurs, Forrester Research projects that U.S. consumers will spend $44 billion dollars online this month and next. WOW!

As you can imagine, all of this online purchasing activity does not go unnoticed. Cyber criminals are out in force and ready to prey upon an unsuspecting online shopper. Most cyber criminals are employing malicious programs that act very similar to a virus. They infect your computer like a virus, however, instead of shutting your computer down or corrupting your hard drive, the program lurks behind the scenes and tries to capture your personal information.  Once it has gathered your bank information, social security numbers, and so on.. it will then send that information back to the cyber criminal and they will use it in ways that are sure to hurt your bank account and/or credit report.

So, what can you do to combat these incredulous cyber criminal tactics?

1. Make sure you have some sort of anti-virus software installed on your computer. Any off- the- shelf program should work fine. You may also want to look into downloading AVG’s free virus software or the free version of Avast. Do a search on google and you will find them.
2. Be wary of the sites you are visiting. If it is a site that you have not used before and you question it’s legitimacy, then you may want to steer clear.
3. Stay vigilant even when you are visiting known sites. Unbeknown to them, they may get compromised and in turn compromise your information or data.
4. Never click on any links that are emailed to you (unless you know it to be a secure source) Always go directly to the website that the links imply that they will be taking you to.
5. Make sure your web browsers and plug-ins are up-to-date. Usually you can click on the help button in your browser and it will have a “check for updates” tab

Hopefully this list helps our readers at SmartSecurityPeople.com to become less susceptible to cyber criminals during the holiday season. If you have any other suggestions for our readers, please feel free to share below in comments.

A brother and sister duo (Melissa and Marvin Heggie) from Raleigh managed to defraud JPMorgan of $340,000 in student loans and never had to step foot on a campus or register for a course. You wonder how this can be done given the strict criteria that eduction lenders are adhering to when processing and approving student loans.

The student loan program provided by JPMorgan /Chase allows a student to apply for a private student loan and does not require certification from a school to prove that the student is actually in attendance. Once the loan is approved, the disbursement check goes directly to the student and the school is not involved. Sounds like a great unsecured loan option huh? The Heggie’s thought so. However, they never planned on paying it back.

The Heggies duped 14 other people to give them their social security numbers along with other private identifying information (They made promises of quick cash for the participants.) They then utilized the information to complete bogus student loan applications with a pre-established address set up by the Heggie’s. When the loan was approved and a check sent, the Heggie’s would meet up with the applicant and they would all cash the check together. Each person got their pre-determined amount and parted ways. Apparently the Heggie’s did this for almost a year before getting getting caught.

There are multiple learning points that can be had from this story:

1. Never ever give anyone your social security number or other personal identification information.
2. Always check your credit report to make sure no one is using your information inappropriately. (Check out our guide to protecting your identity)
3. If it sounds to good to be true, then it probably is.
4. If you need approved for a good education loan, it appears that JPMorgan/Chase could be the bank for you. Obviously, they do not overly screen/qualify their applicants.

Hope this story helps our readers at SmartSecurityPeople.com. Has anyone ever experienced a similar loan scam not in the educational sector? If so , please feel free to share below in comments. The more we know what to look out for, the better for all of us.

Texas A & M Univeristy, Corpus Christi recently revealed that they incurred another data breach.  This is the fourth data breach that they have experienced in the past 2 years. Apparently an admission document was left on an old server and it had 1,440 names of applicants along with their social security numbers. The University states that only 50 of these applicants matriculated into being full fledged students. Does this mean that the other 1,390 people don’t count because they chose to go to school elsewhere? My guess is that they isolated the 50 student records to see what kind of backlash they could be exposed to by violating FERPA (Family Educational Rights and Privacy Act).

Regardless, 4 security breaches in 2 years does show great concern for any current or potential student that may be thinking about attending Texas A&M. The best marketing plan Texas A&M can do now is provide free identity theft protection to all incoming students as an incentive to ensure that they will be safe from future data breaches.

What do you think about an organization that has this many data breaches?  Should someone lose their job for what could have been a simple oversight? Would you be concerned about identity theft if you were a student at this University?

Over a year ago, the Federal Trade Commission produced the Fair & Accurate  Credit Transaction Act (FACTA). It is also commonly referred to as the Red Flag Rules. As of November 1st 2008, every business that extends credit on an account, pulls consumer reports (credit bureaus), enables background checks for employment, or maintains a “covered account” is required to adhere to this new regulation. In general, this regulation was put into place to protect consumers from identity theft.

Since the inception of the Gramm Leach Bliley act by the FTC, most businesses have already started to incorporate some sort of privacy policies and safety and security measures with their customer’s data.  However, identity theft was never really the focus of the GLB act and as identity theft occurrences have grown the FTC recognized the need to address the issue. The Red Flag Rules require organizations to be fully compliant as of November 1st but the FTC has stated that they will not begin enforcement for another 6 months. This came as a great relief for many organizations (especially colleges and universities) that only recently found out that they are required to comply.

So what does this mean for consumers? Hopefully your identity will be better protected in the coming months by the organizations that you do your business with.

What does all this mean for businesses? If you are already in compliance, then you should be in good shape and have nothing to worry about. If you are not in compliance, you will need to draft a Red Flag Policy right away and become compliant before the FTC begins enforcement. The FTC also recently stated that they will not initiate any audits to verify that businesses are complying with FACTA. However, they will follow up on consumer complaints and if you are found in violation, the fines will commence. Here is a sample Red Flag Policy that is more municipality focused but hopefully it can give your business a jump start on drafting your own policy for implementation and compliance.

I believe this to be a great move by the FTC to help with identity theft issues. By no means will it eliminate identity theft but it is certainly a great start.

As consumers, have you recognized any businesses that are already putting measures into place to comply with this policy? Have you had experiences with businesses that are being grossly neglectful with your data and putting your identity at risk and need to be reported to the FTC?

If you are keeping up with the political debates, you will see that Russia briefly came under fire most recently and talk of a potential cold war could become a reality. Quite scary to think that our relationship with Russia could revert back to a pre-Reagan era.  So.. back to the topic at hand. Why blame Russia for identity theft? Our society is quick to blame Russia (or any other country for that matter) for the problems of the world but in this instance we have historical proof.

Upon the death of Ivan the Terrible, three imposters all claimed to be the rightful heir to the Russian throne. These men, known as the three Dimitris, went to great lengths to usurp the power and riches that came with assuming a royal identity. This was 400 years ago, and identity theft was already a profitable trade. Back then such a scheme required years of deceitful effort, stores of charisma, and the ability to live every day as a fraud.

In today’s electronic world, however, a fraud need not don the clothes of his mark. An identity can be stolen with nothing more than a stolen string of numbers and malicious intent. With a few pieces of personal identifying information, an identity thief can easily secure an account in someone else’s name. This information can be obtained from a variety of sources, including stolen mail, computer hacking, fraudulent address changes and other nefarious schemes.

My assumption is that identity theft probably occurred long before the days of Ivan the Terrible.  So, we really shouldn’t blame the Russians. However, it does give you a good idea of how identity theft has adapted over the years.

Smart Security People recognizes that Identity Theft is a growing trend in our nation and around the world. That is why we are pleased to provide you with the top ten most effective methods to protect your identity from unscrupulous characters.

1. Move to the Ozarks! - not really.. The upstanding citizens living in the Ozark Mountains are just as much at risk for identity theft as someone living in New York city. What they have going for them though is that they are “off the grid”. Living in a remote area of the country with little to no access to technological advances certainly makes it harder for someone to have their identity stolen. Statistics actually show that North Dakota is the best place to live and avoid identity theft. If you are curious as to how your state ranks, give this map a whirl.
2. Get Your Free Credit Reports Now! - Seriously.. right now!!  However, please don’t go to freecreditreports.com. The service that they provide is far from free. You need to go to annualcreditreport.com This site is maintained by the FTC (Federal Trade Commission) and it allows you to get a free credit report from each of the three credit bureaus (Experian, Equifax, Trans Union) every 12 months. What you want to do is get your free credit reports but spread them out throughout the year so that you always have a good snapshot of what is going on with your credit file. For example, get the free credit report from Experian in April, Trans Union in August, and Equifax in December.
3. Pay in Cash! - This is a really antiquated approach to protecting your identity and Smart Security People only recommends this tactic if you are truly worried about the security and safety of your identity. Did you know that every time you pay someone with a check you give them everything they need to know to steal your identity? Each paper check you write has your bank routing number, your bank account number, the check number (lets identity thieves know how established your account is), and usually your address (with phone number). That is why Smart Security People recommends that you…#4
4. Use A Credit Card - Did you know that when you use your debit card, you are giving everyone direct access to your checking account? When you use a credit card, you are giving everyone access to your credit account which carries fraud protection and allows you to dispute and not pay for charges that you did not authorize. If someone fraudulently uses your debit card account, you can still dispute the charges with the bank but it can take weeks for them to research your account before replacing your money. Pay with credit card and make one transaction out of your checking each month to pay it off.
5. Never Mail Anything From Your Home - Identity thieves love to go through your mail. They especially like to snag your outgoing mail which may include private information from credit card applications or checks that you are paying your mortgage and utilities with. They drive around neighborhoods and see the little red flags popped up on your mailboxes and think it is Christmas time. To combat this, you should always drop your outgoing mail in one of those blue R2D2 shaped USPS receptacles on the corners that you pass while going to or from work. If your financial institution offers a free bill pay service, you may want to enroll in this. It will keep less of your paper checks from circulating through the mail system.
6. Bring In The Experts - If you find that your schedule is hectic and you have very little to no time to dedicate to the protection of your identity, then you will want to sign up with someone that does have time and can help you. Two top ranked companies that provide this type of service are LifeLock and TrustedID. These companies can keep a close watch on your identity and alert you immediately when someone attempts to apply for credit using your good name.
7. Don’t Go Phishing! - More importantly though, don’t be a target of phishing. By now everyone has already gotten the “Your PayPal Account is under review for suspicious transactions, please log in to confirm the status of your account”.  PayPal is a popular target for phishing but it is not uncommon to get similar phishing emails under another bank name. The emails are coming from people that have set up databases in third world countries and are hoping that you will click on the link in their email and supply them with your user name and password. Fortunately, if you quickly realize that your account has been compromised, you can change that information before they have a chance to sell it out on the identity theft black market.  If you don’t remember anything else about phishing scams or questionable emails, please remember these 2 things. DO NOT CLICK ON ANY OF THE SUPPLIED LINKS IN THE EMAIL & ALWAYS OPEN UP A NEW BROWSER WINDOW AND LOG INTO THE ACCOUNT IN QUESTION USING YOUR OWN BOOKMARKS OR BY TYPING THE WEB ADDRESS.
8. Log out. Log Out. Log Out - Computer labs are a pretty common occurrence now-a-days. You can find them at cyber cafes, public libraries, college campuses, airport terminals, etc… If you ever find yourself using one of these(which we hope you don’t!), please make sure that you log out of any accounts that you were accessing during your session. A lot of web browsers remember your data and unless you hit the LOGOUT button, your account will remain open and accessible just by someone hitting the BACK BUTTON on the web browser.
9. Invest In A Shredder!  - Dumpster Diving has taken on new form. It used to be that people would lurk through the trash of others to try and find something of value. What is the old adage “One man’s trash is another man’s treasure”? That same saying still rings true. However, the dumpster divers of today are looking for a different kind of treasure. They are looking for your personal and private information. Anything you throw away that contains this type of information should be shredded first. Ideally you want a cross-cut shredder for the best impact but any shredder will do. Even just ripping stuff in half or quarters would be better than throwing whole documents away.
10. Be Aware Of Your Financial Activities - Keep track of your bank and credit card statements. You should know when these come to you each month. If for some reason you stop getting these, it is possible that your account has been taken over and diverted to go somewhere else. When you do get your statements, take a few moments to quickly look over the transactions and make sure that everything is as it should be. If you keep your receipts you should be able to do a quick reconciliation to confirm each transaction.

Smart Security People understands that there are more than ten approaches to helping protect your identity. However, we have come up with this list to help jumpstart your path to maintaining your identity as your own. If you have any other suggestions to share with our readers, please feel free to share. The more we know, the better prepared we will all be.