Christmas time for identity thieves is now upon us. W-2's, tax forms, financial statements, all come out this special time of year for just about every person in the country.
Many will think very little about putting all of their personal records in a folder and taking them to a preparer sitting in a kiosk or booth at the mall or at a store that has set up this temporary area to capitalize on tax season.
I was observing one such place recently and was shocked at what I saw.
For starters there was no shredder anywhere to be found and I saw papers just tossed in a garbage can close by. I was not about to sift through it but I am sure there were worksheets and other discarded items from the preparer that should have been shredded. Items that contained plenty of personal information and enough for a savvy thief to use.
I saw her and her clients leave the "booth" and documents were left out in the open on the desk for anyone to walk up sit down pretend to be waiting and with a simple pen and paper copy social security numbers down.
If you feel compelled to have your taxes completed in such an environment, try to be aware of your surroundings and who can see. Take all your papers with you when you leave, even the scraps and worksheets. Be sure the preparer has not left any of your information laying around.
Most importantly, keep in mind that many of these temporary stations are staffed by temporary workers. You may be providing your personal information to someone who has just been hired. While I have to believe that there was some screening process, that is no guarantee that your information will be kept safe.
These people are hired and trained to complete tax returns, collect a fee and do it as quickly as possible. Information safety and security is probably not very high on the list. I'm sure they were told about it, handed a sheet of paper on it, and technically speaking "trained" to handle it properly, but if the goal is something other than that, one has to keep in mind how diligent are they really going to be.
You really need to decide if this is the environment you want to have your personal information exposed too.
Tuesday, January 13, 2009
Friday, April 4, 2008
$10 Million Guarantee against Identity Theft
I think it is truly starting to get out of control. Everyone has jumped on the $1 Million Dollar guarantee as a standard offering for identity theft services.
The value of what you really would get out of that is somewhat questionable. But now I recently noticed that one of the service companies has stepped up the guarantee to $2 Million Dollars.
Well count me in then! I was on the fence for the $1 million, but if they are offering $2 million, that is the ticket. How can I resist?
Are people out there really that foolish? Is upping the artificial "air in a bottle" service guarantee going to suck people in or away from the competition?
I wonder who will be the first to hit the $10 million guarantee mark.
At that point why not just up it to $100 million?
Are you worth a million dollars, how about $2 million? If you are, you most likely have that kind of coin in a brokerage account. Most of them now after E-trade started the trend, cover any fraud losses to your account.
The average loss or theft is in the low thousands with much of that being covered. Our company research has shown that many end up with minimal actual out of pocket expenses.
Their biggest loss is time, effort, anxiety, frustration, in cleaning up the mess left behind. We suggest people start placing a dollar value on that and collect from those companies.
If you receive a fraud alert no matter what is says, this is what it means:
" SOMEONE HAS YOUR PERSONAL INFORMATION......we stopped them from opening up a credit account....... since a thief already has stolen your info, we really can't tell you what else they may do with it"
The value of what you really would get out of that is somewhat questionable. But now I recently noticed that one of the service companies has stepped up the guarantee to $2 Million Dollars.
Well count me in then! I was on the fence for the $1 million, but if they are offering $2 million, that is the ticket. How can I resist?
Are people out there really that foolish? Is upping the artificial "air in a bottle" service guarantee going to suck people in or away from the competition?
I wonder who will be the first to hit the $10 million guarantee mark.
At that point why not just up it to $100 million?
Are you worth a million dollars, how about $2 million? If you are, you most likely have that kind of coin in a brokerage account. Most of them now after E-trade started the trend, cover any fraud losses to your account.
The average loss or theft is in the low thousands with much of that being covered. Our company research has shown that many end up with minimal actual out of pocket expenses.
Their biggest loss is time, effort, anxiety, frustration, in cleaning up the mess left behind. We suggest people start placing a dollar value on that and collect from those companies.
If you receive a fraud alert no matter what is says, this is what it means:
" SOMEONE HAS YOUR PERSONAL INFORMATION......we stopped them from opening up a credit account....... since a thief already has stolen your info, we really can't tell you what else they may do with it"
Tuesday, April 1, 2008
Public becoming more Savvy to Identity Theft Services
A recent story on ABC 7 in San Francisco pointed out the value or lack thereof for services by an identity theft service that charges over $100 a year and pointed out to their viewers how to perform the same services yourself easily and free.
But what we found to be the best comment was followed by a person who pointed out that any alert to fraudulent activity is NOT PREVENTION. If you are alerted to anything by any service you have already been compromised .
Finally, people are seeing the light and recognizing that being alerted does not equal being protected . The damage has been done. You will need to scramble to figure out what the thieves who already have your information are going to do with it next.
This is why defending your identity first and foremost is much more beneficial and easier than finding out you've been alerted.
But what we found to be the best comment was followed by a person who pointed out that any alert to fraudulent activity is NOT PREVENTION. If you are alerted to anything by any service you have already been compromised .
Finally, people are seeing the light and recognizing that being alerted does not equal being protected . The damage has been done. You will need to scramble to figure out what the thieves who already have your information are going to do with it next.
This is why defending your identity first and foremost is much more beneficial and easier than finding out you've been alerted.
Friday, March 28, 2008
The value of one Social Security Number in ID theft
People need to understand how valuable that simple 9 digit social security number really is to an identity thief.
A Chicago area man racked up just under under $300,000 in debt with one womans Social Security number. His purchases included a Range Rover and a home.
Apparently this has been going on since June 2005.
An unfortunate event like this points out how far one person can go with one very crucial piece of information. While most studies point out that losses are generally much smaller, those numbers are averages and will be meaningless to this victim.
She is left picking up the pieces of this man's crime spree. Will she be out the $300,000? Definitely not, but she will be required to file numerous complaints and documents to prove she was not involved or had nothing to do with this crime. She has to exonerate herself first before any financial institution will release her from these debts.
She will spend many hours with various agencies clearing the debris from this. In the end it will cost her time, energy, anxiety, and frustration. She will likely need to take time off from work to handle certain situations.
Will she be out any money? To a large extent no, but what about time from work especially if she is self employed, gas money to travel to a police station to file an affidavit, a trip to a attorneys office, possibly a bank visit, cost of parking an so on. It can add up. Every step of the way will be filled with anger and frustration that she has to go through all this for something that she had nothing to do with.
What she should realize somewhere along this journey, is that people can do things to either avoid this, or prevent it from getting out of control.
This thief obtained her number from somewhere. The fact that he used this one for so long indicates it was likely the only one he had and found it somewhere, either in the mail, trash, on an old document, maybe in a wallet he found or stole.
Where she went wrong was allowing this to go on for 30 months. If she had been actively checking her credit reports, or had a credit freeze placed on her accounts, or fraud alerts put in place, much of this would have been avoided. She should also reflect back on where she may have provided her SSN or lost any personal information.
A little bit of prevention or mitigation would have gone a long way. It is up to you to defend your identity. This unfortunate circumstance with one person and one SSN is why.
A Chicago area man racked up just under under $300,000 in debt with one womans Social Security number. His purchases included a Range Rover and a home.
Apparently this has been going on since June 2005.
An unfortunate event like this points out how far one person can go with one very crucial piece of information. While most studies point out that losses are generally much smaller, those numbers are averages and will be meaningless to this victim.
She is left picking up the pieces of this man's crime spree. Will she be out the $300,000? Definitely not, but she will be required to file numerous complaints and documents to prove she was not involved or had nothing to do with this crime. She has to exonerate herself first before any financial institution will release her from these debts.
She will spend many hours with various agencies clearing the debris from this. In the end it will cost her time, energy, anxiety, and frustration. She will likely need to take time off from work to handle certain situations.
Will she be out any money? To a large extent no, but what about time from work especially if she is self employed, gas money to travel to a police station to file an affidavit, a trip to a attorneys office, possibly a bank visit, cost of parking an so on. It can add up. Every step of the way will be filled with anger and frustration that she has to go through all this for something that she had nothing to do with.
What she should realize somewhere along this journey, is that people can do things to either avoid this, or prevent it from getting out of control.
This thief obtained her number from somewhere. The fact that he used this one for so long indicates it was likely the only one he had and found it somewhere, either in the mail, trash, on an old document, maybe in a wallet he found or stole.
Where she went wrong was allowing this to go on for 30 months. If she had been actively checking her credit reports, or had a credit freeze placed on her accounts, or fraud alerts put in place, much of this would have been avoided. She should also reflect back on where she may have provided her SSN or lost any personal information.
A little bit of prevention or mitigation would have gone a long way. It is up to you to defend your identity. This unfortunate circumstance with one person and one SSN is why.
Thursday, March 20, 2008
HealthNow New York Shows How to Mishandle a Data Loss
Healthow a healthcare claims provider in upstate New York has earned a spot on our office identity theft "Wall of Shame" this month for totally blowing how to handle a data loss then offering a service they will do next to nothing and the high cost will ultimately be passed on to their employers or members directly.
Last week the Buffalo, New York claims provider sent letters to 40,000 members alerting them to a possible loss of personal information. An employee downloaded patient information and then apparently lost the laptop. Apparently this happened many months ago and they first “spent an exorbitant amount of time” to try and locate the laptop, which they still believe is in the company’s building.
This company is responsible for keeping track of medical and health records of thousands and they want people to believe that they are just sitting on a laptop they cannot find. Maybe when they clean their room it will turn up. What are they, a 10 year old? It does not give me much confidence and points to pure lack of control on their part.
Then they make a second attempt at pacification by stating they are not even sure what information it contained. Teenagers deploy keyloggers, governors get their text messages exposed, malware can track every click of a mouse, and parents can track and view everything a child does on a computer for $39, but a healthcare organization of this magnitude has not a clue what their employee downloads from their database.
The employee is now a former employee but apparently they are still in contact with him. Another vote of confidence.
And the final nail in the coffin is this statement: “With all of the factors and orchestrating credit monitoring, we do believe our response time has been reasonable. Reasonable? For who? Around 4 months has passed and any chance of giving the people a heads up to potential fraud is all but vanished.
If you read between the lines....the laptop has sensitive information on it, they know it, that is why they looked for it for months. Better to not have to be exposed. The former employee who left for another job, fired within a week of the loss or theft. That laptop with sensitive information is long gone, they know it. Now, backed into a corner and options have run out, time to air the dirty laundry.
And to throw out a useless bone, free credit monitoring for a year. When you get alerted by the agency that someone tried to open an account in your name, you'll sleep better knowing a stranger definitely has your personal information and is trying to use it. Credit monitoring will alert you right away that a thief has opened up and used $10,000 of credit in your name. That way you can start the mop up and recovery process.
But wait, the thief may not be done with your information. They will use it for draining existing bank accounts, or for a criminal arrest and then the patient or victim get s warrants issued against them for not appearing in court. It will be useful when medical services are provided to the thief, or prescriptions are obtained then sold illegally on the street. It is handy for a disability claim , or sell to an illegal immigrant to get a job. So much for the monitoring bone, won't help with any of this.
There are pro-active ways to defend yourself against many of these pitfalls, but knowing about them in a timely manner is key.
Last week the Buffalo, New York claims provider sent letters to 40,000 members alerting them to a possible loss of personal information. An employee downloaded patient information and then apparently lost the laptop. Apparently this happened many months ago and they first “spent an exorbitant amount of time” to try and locate the laptop, which they still believe is in the company’s building.
This company is responsible for keeping track of medical and health records of thousands and they want people to believe that they are just sitting on a laptop they cannot find. Maybe when they clean their room it will turn up. What are they, a 10 year old? It does not give me much confidence and points to pure lack of control on their part.
Then they make a second attempt at pacification by stating they are not even sure what information it contained. Teenagers deploy keyloggers, governors get their text messages exposed, malware can track every click of a mouse, and parents can track and view everything a child does on a computer for $39, but a healthcare organization of this magnitude has not a clue what their employee downloads from their database.
The employee is now a former employee but apparently they are still in contact with him. Another vote of confidence.
And the final nail in the coffin is this statement: “With all of the factors and orchestrating credit monitoring, we do believe our response time has been reasonable. Reasonable? For who? Around 4 months has passed and any chance of giving the people a heads up to potential fraud is all but vanished.
If you read between the lines....the laptop has sensitive information on it, they know it, that is why they looked for it for months. Better to not have to be exposed. The former employee who left for another job, fired within a week of the loss or theft. That laptop with sensitive information is long gone, they know it. Now, backed into a corner and options have run out, time to air the dirty laundry.
And to throw out a useless bone, free credit monitoring for a year. When you get alerted by the agency that someone tried to open an account in your name, you'll sleep better knowing a stranger definitely has your personal information and is trying to use it. Credit monitoring will alert you right away that a thief has opened up and used $10,000 of credit in your name. That way you can start the mop up and recovery process.
But wait, the thief may not be done with your information. They will use it for draining existing bank accounts, or for a criminal arrest and then the patient or victim get s warrants issued against them for not appearing in court. It will be useful when medical services are provided to the thief, or prescriptions are obtained then sold illegally on the street. It is handy for a disability claim , or sell to an illegal immigrant to get a job. So much for the monitoring bone, won't help with any of this.
There are pro-active ways to defend yourself against many of these pitfalls, but knowing about them in a timely manner is key.
Saturday, February 23, 2008
FTC Identity Theft Data Causes Skewed Views
The FTC has issued the latest report for 2007 on Consumer Fraud and Identity Theft Complaint Data. With no great shock or surprise identity theft is still the number one complaint by a long shot being 32% of the reported 813,899 total complaints reported. The next closest category was Shop at Home/ Catalog Sales with a mere 8%. There were 20 categories in all and the bottom 13 categories were each 2% or less.
This is a good report as it paints many pictures but at the same time skews the reality due to how the information is collected.
Certain areas of the
Because the reporting is entirely voluntary lends more of an explanation as to why some states have more incidences than others. The reality of identity theft crime statistics goes much deeper than the simplistic overview of the charts of this report.
A Skewed View
I have read a number of articles from various states that have had a decrease in the number of incidences reported to the FTC are feeling incredibly good about it. They are utilizing this information to pat themselves on the back. In
But kudos goes to the Wisconsin Bankers Association who says the FTC information does not reflect what they are seeing.
Take a state such as
No signs of abatement
One thing can be said with certainty is that identity theft is not showing any significant signs of abatement.
With all of the services available to stop this, and alert you of that, and the thousands that are paying monthly fees, one would expect this number would be dropping dramatically, or at least see a slight dent in the numbers.
But then again if you rely on some reporting agency with a subscription service you pay monthly to tell you someone has your information and tried to open some type of account in your name, the theft has already happened and is likely eligible to be reported to the FTC anyway. Paying money each month to have someone tell you a theft has occurred will not change the fact that a thief already has your information.
Reporting to the Police
What is still shocking in this report is the number of people who did not report the crime to a police agency which was 65% or 158,535. Why they chose not to is a mystery that we are looking into, but even more disturbing was the revelation that of the 35% that did take the time to report the crime 8% of those did not get a report taken from the police.
The reality of what was going on at the time is the police are looking around the precinct when a victim calls or shows up. They see they have 2 muggers, a car thief, and an arsonist all waiting to be booked and processed. An identity theft victim comes in declaring a theft that by appearances likely occurred across state lines or out of the country. The probability of an arrest is remote, but the headache of the extra paperwork 100% guaranteed.
The message sent is this is a crime to be treated lightly by consumers and the some (not all) police agencies are not be doing enough to encourage or educate people in how to protect themselves. If thousands are turned away and led to believe the police can do nothing, then a feeling of helplessness will likely prevail.
The best defense is self defense. A majority of identity theft starts with people leaving the gates to their identity open and allowing the fraud to occur.
Wednesday, February 6, 2008
Is your W-2 missing from your mailbox this week?
This really is about the golden ticket for an ID thief, your W-2. It has everything they need to get started being you. That form is your link between your employer, you, and the federal government. It is the one item in your mailbox this time of year that the thieves know is coming and has your vital social security number on it.
The beauty of that golden ticket is they are sitting in millions of mailboxes this week waiting for you to save it from the grasp of an identity thief. Didn’t get yours yet? Did your employer mail it out already to an unlocked curbside ID thief treasure chest, also known as a mailbox? You might want to start inquiring now.
What makes this so easy for the thieves is you have been receiving it in this manner forever and it has never been a problem. You know it is coming; you wait for it almost, especially if you are anticipating a refund. Many also know that their employer is required to issue them no latter that the last day of January. For those who choose not to hand it directly to the employees, they use the always reliable, United States Postal Service.
The safety net ends there. Once it is placed in that old trusted receptacle on your house, by the curb, at the end of a long driveway, or in a communal type apartment system, it is fair game to anyone who happens by.
That’s what makes you so vulnerable. An old system that seemed stable and reliable is now being exploited on a grand scale by identity thieves who rely on you to think that it will not happen. Ask 1 out of every 30 Americans last year who thought the same way. They will beg to differ.
Subscribe to:
Posts (Atom)
