All posts by admin

Jim is the Founder of Identity Theft Wall.

Data Breaches: Will You Stop Using Plastic?

Data breaches have been big news recently.  However, even with some heightened concern about security, it doesn’t appear that many consumers are doing much to change their habits, and they are unlikely to stop using plastic.

According to a poll reported by Daily Finance, it appears that only 37 percent of consumers are increasing their use of cash to protect themselves from the identity theft that can come as the result of a data breach.

credit card information

More people seem to be worried about purchases made online, or made with a cell phone — in spite of the fact that, initially, the Target data breach was only supposed to have affected in-store shoppers.

Why Consumers Still Use Plastic

The only way to completely protect yourself from these types of data breaches is to stop using your credit cards and debit cards. Many consumers, though, don’t want to deal with the inconvenience that often accompanies using cash.

It’s much easier to just carry a thin piece of plastic, rather than a wad of cash. I know that I wouldn’t want to carry around a thick stack of cash. Swiping the plastic is so much more convenient. It’s faster, it’s easier, and you don’t often have to worry about getting caught without enough.

On top of that, even with the data security breaches, plastic is actually more secure than cash. Think about it: If someone steals your credit card or debit card, you can usually get the money back. Fraudulent transactions come with protection. Even though you might not get quite the same protection with debit cards as you would with a credit card, the reality is that you are still protected. As long as you can prove fraud, that money will be returned to you eventually.

With cash, the money is gone. There is no way to track that. If someone steals your wallet and takes the cash, you’re never getting that back. You’re better off having someone make a fraudulent purchase of $100 with a credit card than you are with someone taking $100 from your purse. When you consider this, it doesn’t make sense to stop using plastic.

Using a credit card instead of a debit card offers another layer of protection, since the money isn’t even taken out of your bank account. With a fraudulent debit transaction, you actually lose the money until the bank returns it. With a credit card, you don’t even have to risk your own money.

More Troubling: Few Consumers Checking Their Credit Reports

It’s not all that troubling (and not very surprising) that consumers aren’t making huge strides stop using plastic in the wake of these data security breaches.

What’s worse is the fact that many consumers aren’t taking any steps to protect themselves at all. Only 41 percent have checked their credit reports, according to the Daily Finance article. In spite of the fact that Target is offering credit monitoring services, and it’s fairly easy to use AnnualCreditReport.com and other credit monitoring tools to stay on top of the situation, most Americans are changing anything.

Also problematic is that Daily Finance reports even fewer consumers have changed their passwords at compromised retailer sites, and that they haven’t requested new debit or credit card numbers. Years ago, when the PlayStation Network data breach compromised my credit card information, I called my issuer and immediate got a new number and a new card. It took no more than 10 minutes and was free.

Change Your Behaviors

No, you don’t have to convert to cash in order to protect yourself from identity fraud. However, you do need to make some changes to your behaviors in light of the recent data breaches. For the most part, these changes amount to paying better attention. Here are some things to do:

  • Carefully review transactions on your statements, looking for fraudulent charges.
  • Check your credit report regularly.
  • Notify card issuers and credit bureaus immediately if your information is compromised.
  • Use different username/password combinations for different sites.
  • Change your passwords on occasion.

Just paying attention to what’s happening can help you combat identity theft. It doesn’t have to take a lot of your time. If you are truly concerned about the time investment, you can consider signing up for credit monitoring so that you don’t always have to be on your toes.

Whatever you decide to do, though, it’s important to be aware, and to take steps to do what you can to protect yourself.

Watch Out for Tax Time Identity Theft

Now that April 15 is fast approaching, you probably have a lot on your mind. One of the things probably not on your mind during tax time is identity theft. This makes sense in a lot of ways; after all, what kind of mischief can fraudsters make in terms of your tax return?

Unfortunately, the reality is that tax time is a prime time for identity theft. If you aren’t careful, you could hand your vital personal information over to a scammer. On top of that, you might find that ID theft has resulted in someone else claiming your tax refund.

Image source: Philip Taylor via Flickr
Image source: Philip Taylor via Flickr

Tax Preparer Fraud

One of the things that you have to be on the watch for is tax preparer fraud. In these cases, a shady tax preparer promises you a bigger refund. Unfortunately, the methods used to obtain the bigger refund might not be IRS-approved.

A tax preparer might inflate your deductions, or misrepresent your income as lower than it actually is. In some cases, shady tax preparers claim credits that you aren’t entitled to. When the paperwork is done, the preparer shows you how big your refund is, and you are thrilled.

Unfortunately, if the IRS catches out the return, you will be on the hook for the penalties and interest. Plus, an accountant shady enough to resort to these tricks to inflate your refund isn’t likely to represent you to the IRS. You’ll be on your own.

Be especially wary of accountants that offer to prepare your return for “free” in return for a percentage of the refund. You’ll be charged up front, based on the amount you are shown. If you pay based on that wrong information, you will be out even more when the IRS rejects your paperwork.

On top of this, some fraudulent preparers will steal your personal information.

Scams to Get Your Personal Information

Some tax time identity theft scams go beyond just trying to get you to pay a little extra. There are tax preparers that are outright scammers. They tell you they are preparing your return, but really they want your information.

Your tax return is a huge source of sensitive personal information. Your name, address, Social Security number, and other information is shared on the form. If you want to receive your refund via direct deposit, even your bank account and routing information is included.

All a fraudster has to do is get the information for the tax form and then take off with your identity. Your return might not even get filed in this case, and then you’re on the hook for a failure to file on top of everything else. Watch out for tax preparers that approach you at community events, or that are willing to come to your home. Be sure to vet an accountant or tax preparer before entrusting him or her with your most personal information. Otherwise, you could find yourself a victim of identity theft.

How Safe is Your Tax Refund?

Another tax time identity theft scam that might impact you is refund fraud. With this type of identity fraud, the scammer uses your Social Security number and name to claim a refund. He or she simply fills out the Form 1040 using your information, and has the refund sent to his or her address.

When you file your own taxes — legitimately — you end up having your return rejected. The IRS thinks that you have already filed and received your refund. When you find that someone has claimed credits and a refund in your name, you need to act fast. You will need to prove your identity and file a Form 14039. Make sure you do it as quickly as possible.

A Note on Tax Time Phishing

Finally, be aware that phishing is a common way for identity fraudsters to try and get personal information. You’ll receive a scary-sounding email that says that there’s something wrong with your refund, or that you owe taxes and are facing jail time. You’ll be asked to click on a link and provide personal information an ID thief can use.

Realize that the IRS won’t ask for this information via email. If you are to receive an official communication of this nature, it will be via snail mail.

Be on your guard. Tax time identity theft is a very real threat to your finances.

5 Things To Do If You’re a Victim of a Data Security Breach

Recent months have been full of news of data security breaches. The recent spate of security breaches started with Target, but there have been other incidents in recent weeks, including hobby chain Michaels and the upscale retailer Neiman Marcus.

The worst part about these data security breaches is the fact that there isn’t a whole lot you can do — unless you completely stop using your credit cards and debit cards, and you stop shopping online. Even being on a mailing list can result in identity fraudsters getting a hold of your name and address, and then using that information to attempt to steal your identity.

Data Security Breach

Officials are ramping up efforts to force retailers to let consumers know about these data security breaches in a timely manner, so there is a good chance that you will be notified when your information is exposed.

Once you understand that there is a data breach compromising your information, it’s time to take action. Here are 5 things to do if you are a victim of a data security breach:

1. Check Your Statements

You should be checking your statements regularly any way, but it’s especially important after a data security breach. Keep an eye on purchases, and make sure that there are no unexpected transactions.

If you don’t want to wait for your statement, go ahead and log on to your online account management to keep up with new transactions. The faster you identify fraudulent charges, the faster you can move on to step two.

2. Report Fraudulent Transactions

When you notice transactions that shouldn’t be there, you need to report them ASAP. Realize that your $0 fraud liability might be different with a debit card than with a credit card. Your reporting window might be smaller with a debit card, so you really need to be on top of it.

The faster you report fraudulent transactions, the sooner you can get things cleared up, and get your money back.

3. Get a New Account Number

If you’ve been a victim of identity fraud, it’s time to get a new account number so that the transactions can stop. Most issuers will give you a new account number — and a card to go with it free of charge — as soon as you report a fraudulent transaction.

Even if you haven’t noticed fraudulent activity on your card, it might be worth it to get a new account number anyway if you have been involved in a security breach. Sometimes, fraudsters will wait a few months before using the information obtained. It’s better to just get a new account number now, rather than be forced into it later. Getting it over with can be one way to proactively avoid problems later.

4. Check Your Credit Report

In some data security breaches, card information isn’t taken. Instead, information that can be used to open new accounts is taken. This means that you need to check your credit report to find out if someone has been opening fraudulent credit accounts in your name.

You can check your credit report from each bureau for free once a year with the help of AnnualCreditReport.com.  It’s also possible to pay for your credit report from the bureaus. All of them offer three-in-one products that can allow you to look at everything all at once.

You should dispute any fraudulent accounts immediately so that they can be removed from your report. If you are really concerned, you can also place a freeze on your credit report in order avoid more accounts being opened without your consent.

5. Sign Up for Credit Monitoring

Target is offering free credit monitoring for a year following its data breach. If this is offered to you, it makes sense to accept. You will receive alerts when something new happens with your credit, so you can take care of it quickly.

Even if you aren’t offered free credit monitoring, it might make sense to sign up for credit monitoring services. While you can monitor your own credit without the help of these services, the reality is that you are likely to forget. Signing up for a service can provide you with peace of mind, without the need for you to constantly check your situation.

Is your child a victim of identity theft?

Credit: Vince Alongi
Credit: Vince Alongi
If you’ve ever been a victim of identity theft, you know how much of a pain it can be to fix. The longer it goes on, the harder it is to unwind all the problems a thief has created.

It’s probably why you monitor your credit report every few months.

But if you have kids, you might not think to monitor their credit reports too. It seems silly, since they should have no credit, but child identity theft is a huge problem. It’s reported that 5% of the identity theft complaints to the Federal Trade Commission were from minors under the age of 18. It’s becoming a go-to for identity thieves because parents don’t think to check their kids’ credit reports on a regular basis.

Many people discover identity theft because they apply for something, like a credit card or a loan, and discover something is amiss. Maybe it’s a recent credit card application they don’t remember or a missed bill they don’t have. Kids don’t apply for loans or credit cards. In fact, they’re underage, so they can’t even apply for those things because minors can’t enter into contracts (you would have to co-sign!).

This is why thieves are turning towards kids. It’s an easy target.

Since your child won’t be applying for anything, most warning signs will come from the government. If your child should receive government benefits of some kind but the agency reports that the benefits have already been paid, someone might be stealing your childs’ checks. That’s a subtle warning sign that something bad is happening.

Some other more obvious ones are if your child starts getting collections notices or you are told his or her Social Security Number is being claimed on another return. Anything out of the ordinary should be grounds for investigaion.

How can you prevent child identity theft?

Remember to check their credit reports.

It really is as simple as that. Contact Experian, Equifax, and TransUnion and request a credit report for your child’s name and Social Security Number. You’ll have to prove you are their parent or guardian, so be ready to provide your child’s birth certificate, Social Security card, your ID card, and proof of address.

Once you get the report, review it as you would your own. It should be pretty simple and straightforward but you never know if you’re (or rather your child) a victim until you get the report.

Good luck and remember to review this as often as you review your own.

Some preventative steps can save you serious time should you become victim.

How to Identify a Phishing Attack

Phishing is when someone tries to “fish” out information from you by pretending to be someone else. Have you ever gotten an email from your bank or credit card that looked suspicious? They usually say something ominous like “there’s been a security breach, we will need you to log into your account and provide your social security number to prevent account closure.” They’re designed to get you to panic and unwittingly click on the link, which takes you to their fake website to collect your information.

Once you try to log into their site with your legitimate credentials, you’re screwed. You’re screwed because they will have captured all the information they need to pretend to be you for just long enough to either steal your money or set up their systems in order to steal your money.

What’s unfortunate is that we’re usually pretty aware of this type of stuff when it comes to banking. A strange email from “Bank of America” is going to set off our fraud radar but a similar one from Twitter or Facebook might not. A lot of social sites send a barrage of notification emails for when people send you a message, when someone adds you as a friend, or when you need to do something in a game. The deluge of email can lower our guard and someone trying to steal your Facebook account might sneak through. While losing your Facebook account is not as bad as losing your bank account, there are still costs to losing it as the thief might pretend to be you and ask your friends for money (the classic “I was traveling in London and was mugged, please wire me money!”).

How do you identify a phishing attack? First, use an email service that has the ability to identify the sender of emails. Gmail, which is 100% free, will tell you if they think the sender’s information (who the emailer says he is) doesn’t match the email header’s information (which computers the email has passed through). Alternatively, if you are computer savvy, you can view the headers yourself for anything strange.

Next, never click on a link in an email. If it’s from Bank of America, go to the Bank of America website. If it’s Citi, go to the Citi website. You might have to jump through a few hoops to find the source but it’ll be worth it.

Finally, phishing goes beyond emails, thieves are also known to call or text you. If someone does call you, the best option is to call them back through the company’s Customer Service number. Ask them for a transaction ID or a call ID number they can reference to speed up the process (if it’s fraud, they usually assign some number). If you think it’s really them, make them authenticate themselves with your information. If they really are with the company, they will have that information. If they aren’t, they’ll probably hang up (remember, it’s a volume business).

In the end, the safest way to interact with a company is to call them directly yourself. If you suspect something is wrong, give them a call and you can sort it out. This will take some extra time but it’s far less than what you would spend if you were the victim of a phishing attack.

http://computer.howstuffworks.com/phishing.htm

Are Identity Theft Protection Services Worth the Money?

It depends.

Identity theft protection services usually have two components – theft prevention services and theft repair services.

When it comes to theft prevention services, they aren’t doing anything you could do yourself. The question becomes whether or not the service fees, which can run $20-30 a month at some places, is “worth it.” If it takes you several hours to complete the same tasks, including setting up reminders, it might be worth it to pay someone else to do it. If it takes you an hour and it’s an hour you’d be spending watching television, then it might not be. In order to really do the tradeoff, let’s see what you would have to do to get similar results.

Do It Yourself Protection

The main thing that id theft services do on your behalf is freeze your credit reports. By freezing your report, no company can access your report and, subsequently, make a credit decision. This stops all credit card offers in their tracks because they know nothing about you. You can freeze your credit report yourself and it won’t be free (neither will “thawing” it), but it’ll be cheaper than the id services.

This stops new offers from coming along but it won’t stop offers from your existing relationships (if you have a Citi card, Citi might send you more offers since it has your payment history with the first card). To stop those, you need to call the company and ask to be removed from their marketing lists.

Finally, it might not come as much of a surprise but companies will offer you credit cards even if they know nothing about you (surprise!). To stop those offers from happening, you can register at OptOutPrescreen.com.

Now that you’ve stopped incoming offers, it’s time to “monitor.” You can use a combination of free credit score services like Credit Karma (TransUnion partnership) and Credit Sesame (Experian partnership) to keep tabs on your credit report. They give you credit bureau scores, not FICO scores, but you can use it as a way to monitor any changes to your credit report. A sudden drop or rise might indicate a need to review it in greater detail. Both are free.

Theft Repair Services

Here is where it gets tricky because theft repair services only come into play after your identity has been stolen. I’ve never had my identity stolen but I have had to repair erroneous listings on my report (there was an extra social security number, address, and cell phone account) and that took a couple hours to fix. I had to contact the bureau, they had to tell me what documentation I needed to refute the listing, I had to collect that information and fax it to them. All told it was about two hours plus the waiting time for them to review the documents – and it was a minor case (I wouldn’t even call it theft).

You can think of the id theft protection service plans as insurance, since in theory they will handle the clean up. Is an insurance policy worth the monthly service price?

Prevent Identity Theft and E-File Your Taxes

TaxesThere are many reasons why you should e-file your taxes. By e-filing your taxes, you get your tax refund faster. By e-filing your taxes, you avoid the post office. But in terms of importance, there probably isn’t any reasons better than avoiding identity theft. Think about all the information you need to include on your tax return and how that information, if you mail your return, is being sent unsecured through the mail system.

Your tax return contains all the personal information a thief would need to steal your identity – your address and your social security number. It also contains information about your family, such as your spouse and any dependents, as well as their social security numbers. If includes the names of the banks and brokerages you use, those are included as 1099s, as well as roughly how much is in each of those accounts (they can assume an interest rate and calculate your balances based on the reported interest). They will know if you own or rent where you live, as well as several other details based on the deductions you claim.

Your tax return contains a frightening amount of information about you and while mailing your return is 99.999% safe, why take the risk when you can e-file and get all the other benefits? E-filing is smart on a number of levels and with the scary statistics involving identity theft, you might as well reduce your risk when it’s as simple as this.

(Photo: davidreber)

How Much is a Stolen Credit Card Worth?

Back in 2008, Jacob Leibenluft of Slate did a story about how credit card numbers were for sale in “data supermarkets” online. You might find it surprising but credit card numbers aren’t worth very much. Symantec reported in 2008 that the cost ranges from 40 cents to $20, with the higher values going to European or smaller card companies because they’re harder to find. Bank account numbers go for a little more, $10 to as much as $1,000.

It’s amazing how little stolen credit card information is worth but it’s a sign that fraud protections in the United States are very strong. Kaspersky Lab analysts found a price listing, back in 2009, which listed US Visa cards were worth only $2, whereas German credit cards were valued at $6. (link)

Amazing right?

Buy a Cross Cut Paper Shredder

Fellowes Cross Cut Paper ShredderOne of the most important tools you can buy to help you prevent identity theft is a cross cut paper shredder. A cross cut paper shredder does exactly what it says it does – cross cuts paper. Cross cutting means the shredder cuts vertically and horizontally to turn a regular sheet of paper into a hundred pieces of confetti-like bits. Traditional paper shredders, which cut only vertically, result in long strands that are easier to put back together. While a traditional shredder is better than ripping it up, a cross cut paper shredder is much better because it’s a lot harder to put the tiny pieces together.
Continue reading Buy a Cross Cut Paper Shredder

Review Your Children’s Credit Reports

Just this week we learned of a new way that identity thieves are stealing identities – scanning for inactive Social Security numbers of children and selling them to other people. One of the weaknesses of the credit reporting system is that there’s no way to determine the applicant’s age from their report. If you think back to your own report, there isn’t a birthday listed because, presumably, your age is not a reliable factor on your credit risk.

Thieves are able to get away with it because children never apply for credit, children don’t review their credit reports once every twelve months, and it’s typically not discovered until the family starts receiving collection notices for debts they never knew about!

The Identity Theft Resource Center has a fact sheet to help explain the problem and how you can fix it. Ultimately, the best solution is to review your children’s credit reports regularly, as you do your own, to detect it as early as possible.