Thursday, May 31, 2007

Identity Thieves in Your Safety Zone?

When I ask people to describe an identity thief I usually end up with a wide array of answers and descriptions. They range from thinking they must be from another country, or are in organized crime rings, or gang members, drug addicts, low income or poverty stricken etc. Truth is, because identity thieves come from many diverse backgrounds, you could say just about anything and not be wrong.

But everyone just about left off a description of a thief they would know best. Someone close to them!

If you’re a victim of identity theft, there is a chance you know the thief. The thief was someone close to you. How close do I mean? Well maybe not intimate close, but close enough for them to be inside your self imposed safety zone. What is that safety zone? Most likely your home, apartment, dorm room, anyplace you call home is your safety zone, the area you feel comfortable in enough to leave personal items lying out in the open because you’re inside your own personal zone.

Ever sit and think who you let into that zone? I’ll create a fictitious, but realistic list for you:

1) Aunts and Uncles plus their spouses
2) Cousins plus spouses
3) Nieces and nephews
4) Brothers and sisters plus Brother and Sister – in Laws
5) Step brothers, step sisters
6) Mother
7) Father
8) Nanny
9) Baby sitter
10) House sitter
11) Painter
12) Plumber
13) Repair Person
14) Friends
15) Co-workers
16) Teenagers friends
17) Housekeeper
18) Maintenance
19) Neighbors
20) Clergy
21) Sales people
22) Parents of your children’s friends

Now that we’ve looked at it in a little more detail, it’s a pretty big list. Probably much bigger than you envision.

Why these people? Why not? They represent a good diverse cross section of society. And in society there are plenty of people with bad and devious habits. Most bad habits are hidden from others and often require funds. Funds they do not have readily available so they have to become creative to get those funds. This new age of identity theft is giving these people easy access to funds.

Because you allow them into your safety zone, you never bother to put up your guard.

By leaving your personal information unlocked or in plain view, you are potentially inviting somebody from that list above to turn you into a victim of identity theft.

The easiest step would be to keep personal information from those people in the first place. Sounds easy but approximately 1.5 – 2 million people last year didn’t think about it and found out the hard way what people from that list were capable of.

Monday, May 28, 2007

Fraud Alert Gives False Sense of Security

Recently in a local community a laptop belonging to a county agency was stolen from a community center that had the names and personal information of 7,000 people who had applied for a state health insurance program dating back from 2003 to the present. It does not sound astonishing, but the community has about 45,000 people in it.

The county did do the right thing by disclosing it immediately; they fell extremely short when offering advice.

They told everyone who may be impacted by this to place a fraud alert on their credit report. They also mentioned providing credit monitoring.

Did they really understand what a fraud alert meant? Do they recognize that credit monitoring is an after the fact service?

A fraud alert is a notice you place on your credit report that technically REQUESTS additional verification by the lender with you personally when new credit is applied for.

Go into a store and request a store credit card, the lender who transacts credit for the store will check your credit report for viable credit. If there is a fraud alert on your account they have the OPTION of contacting you to verify that you have actually applied for credit at this store. Note the word OPTION, not mandatory nor legally required. If the lender cannot reach you at the phone numbers they have on file, they can go ahead and issue credit at their discretion.

So if everything works correctly for a thief they could obtain credit in your name despite a fraud alert. Remember it is at the lenders option and they want to issue credit, that is what they do. It only adds an optional extra step, but doe not guarantee a thief will not be able to open up an account in your name.

The name used for this notification is misleading. Local county officials thought it sounded like worthy all encompassing advice to offer to 7,000 victims.

Thursday, May 24, 2007

P2P Networks Significantly Increase Risk of Identity Theft

Ask someone who has a child in middle school up through college what P2P is and chances are you’ll get a look of uncertainty. Chances are they will not know what you are talking about and if they do the details will be scant.

If they do know what P2P is, do they truly understand the dangers of it outside of the fact the kids are likely using it to obtain copyrighted material for free and most likely illegally. There are legal ways to use P2P networks for sharing photos and video clips and other homemade material, but it is used mainly for illegal downloading of copyrighted material without paying for it.

P2P is an abbreviation for Peer to Peer networking. How it works in simple terms, you expose folders on your PC to other peoples PC’s on a network, and you copy anything you find in their folder back to your PC, generally music files. But anything else in that folder is fair game to anyone on the network who wants to look at your PC. And depending on how the PC user allows others to view files, your entire hard drive could be read like an open book to anyone on the internet. Nothing scary there! You might just as well go post files of last years tax returns in a chatroom of identity thieves and set a timer to see how quick someone becomes you.

The network is set up by a third party service who just acts as a hub that all the users pass through to get to other PC’s on the network. They are everywhere and becoming harder to shut down due to ruling in court cases and the ability to operate in a manner that cannot be easily detected.

P2P has been around for a long time, remember the name Napster in the news a few years back? They brought P2P file sharing to the mainstream. The recording industry got them shut down because of the massive losses in music sales all blamed on illegal P2P usage.

So what has changed since then? P2P is growing among younger PC users and exposing their own or their parents personal information to identity thieves. The thieves scour P2P networks looking for personal information in folders that your 9th grader has exposed unknowingly.

According to a recent study released by Dartmouth business school researchers, P2P users have increased from 4 million in 2003 to approximately 10 million today.

So no surprise that along with it, identity theft has also been on the rise. It is an epidemic in this country. Is P2P responsible for that? It sure has added to the ease in which the thieves are obtaining information.

So now what? Any sensible adult who has any child engaged in P2P file sharing of any sort, particularly illegal music, should shut it down and close that door immediately. The lure of free (illegal) music for the kids will pale in comparison if you bank account get drained by an identity thief. There are plenty of safe and secure site to buy music from at extremely reasonable prices.

It is up to individuals to protect themselves and keep tabs on what is happening on the family PC. Go take a look before it’s too late.

Friday, May 18, 2007

Medical Identity Theft Can be a Killer

Financial identity theft is in the news all over. It is an epidemic in this country and is showing no real signs of letting up any time soon.

But medical identity theft and how it can impact someone is not a common topic and gets under reported by the media.

Medical identity theft occurs when someone steals your identity for any medical service ranging from prescriptions to full blown surgery.

While the number of victims for this crime is estimated to be low on a yearly basis in the range of 400,000 to 800,000 (compared to the 8-10 million financial thefts) the financial impact is much greater and the impact to personal lives can be deadly.

The theft can occur from an individual to the office staff member or by an actual practitioner. A doctor or psychiatrist may create an unfounded diagnosis in order to inflate bills and steal from your insurance. So how does this affect someone? Try getting a job if an employer does a medical background check on you and finds in your record you are diagnosed as psychotic and suffer from delusions when you really don’t. And then try getting something like that changed. Sure, the keepers of that information are going to let a psychotic person change their record! That can damage you for life! It makes financial identity theft look like a prank.

Someone could get medical treatment in your name for a serious heart condition and then you apply for life insurance. The letter will read “ We are sorry but we cannot offer life insurance to a 38 year old male who has had 3 massive coronaries and bypass surgery.”

The ramifications on a personal life can be horrific. And then try getting it changed. It is not a simple as sending a protest letter to the 3 credit agencies and telling them there is an error.

Can it get worse? Absolutely! You go to the hospital for a major medical issue and find out your health insurance has been maxed out and you are not covered for a treatment that you need. Are you going to jump out of that hospital bed and straighten out the error then come back to get the treatment in a month or two?

The killer issue is if you go in for surgery and someone has received treatment in your name prior to you but your records now reflect the identity thief, including things like blood type, medications and may not reflect your current medications. You receive the wrong blood type, a drug that interacts, or the wrong dose of anesthesia , all that will kill you in a heartbeat.

So now you need to start looking at your medical records before you receive treatment to be sure your true records are reflected.

More on this soon

Monday, May 14, 2007

The Hidden Costs of Identity Theft

Recently I read a news article written about a seminar recently given on identity theft by an attorney from the Federal Trade Commission. While I will save my opinion of his stated facts about the cost of identity theft for another post, he said 99 percent of identity theft victims pay nothing, and if there is any cost vendors pay for it! WHAT? Did he just fall out of the sky and crash land on planet earth, head first?

Just think about all the other costs, the unseen, uncalculated, or unaccounted costs, we could be referring to a value that in some instances would be unbelievable.

Let’s look at time alone. Depending on what statistical survey you refer to, the time spent per victim usually averages in the range of 500 hours to clear all the hurdles to restore their name and credit and obtain any restitution. When do they do this? Many during normal business hours. An employer of a victim, and many are employed, will lose thousands in lost time and productivity due to phone calls, paperwork, making copies, faxing information and police reports. Also time off for trips to court, an attorney’s office, or police department. Think of the time loss and cost to the self employed.

Emotional costs are also not included in his figure. I was at an event recently and spoke with many individuals about identity theft, and I was truly amazed at how many had been victims or knew a victim directly. One woman had the most emotionally charged story about a close relative who stole her identity. She was forced to press police charges against that close relative, otherwise she could not get the $6,000 in theft cleared from her name and she did not have the funds to cover it either. She was extremely distraught because she knew the negative impact it would have on her if she did not press charges, but she also knew the lifelong damage the close relative would endure for this one event.

Others feel violated, hurt, constantly suspicious, untrusting and the list goes on.

So what impact do those feelings that now have on the economy? Many of these people will stop using credit or debit cards, will not buy online, will not do many things that will impact the economy much like a recession.

And for the cost to the vendors that do actually pay for or cover losses, where does he think that money will ultimately come from? We all bear the burden of paying for the costs of identity theft. Much in the same manner we share the costs for insurance when a major hurricane hits even a majority were never impacted by it.

So in the grand scheme of identity theft the impact of the actual dollar amount may only be a small part of the total cost, but everyone who gets hit with identity theft pays a price.

Thursday, May 10, 2007

Homeland Security Department Not So Secure

Last week the Transportation Security Administration had lost a computer hard drive containing data and payroll information for about 100,000 employee records. They use the term lost, but seeing who is involved in looking for it, stolen is probably the better word choice. They may find it being used as a bookend somewhere.

The data was on employees who worked at the agency between January 2002 and August 2005 and included Social Security and bank account numbers, names, dates of birth, salaries, benefit deductions, and bank routing information.

In case you don’t recall, the TSA is a part of the Homeland Security Department. That does not sound reassuring at all. The agency that was chartered after 911 to protect us is not even protecting itself.

But if you look at a short chronology from the last 3 weeks you could not make up this entire string of events that has just rolled out of our elected government.

- April 23, 2007 The President’s Identity Theft Task Force – Combating Identity Theft a Strategic Plan – 120 pages of what Washington wants everyone to do

- April 2007 Government Accountability Office – Privacy – Lessons Learned about Data Breach Notification – 78 pages of how and when to notify people the next time it happens! They were planning on it!

- May 4, 2007 TSA notifies 100,000 of a lost hard drive

- May 9, 2007 The American Federation of Government Employees (AFGE), along with four security screeners, charged that the TSA had recklessly violated the Privacy Act and also violated the Aviation and Transportation Security Act. The class action suit was filed in U.S. District Court in Washington on Wednesday 5/9/07.

President Bush has to be in the White House banging his head on the oval office walls. He would ask Attorney General Gonzales, but he has his own issues to worry about, and he issued that 120 page report, so he’s off the hook. So who else can take responsibility for this? Typical reaction is to roll a head or two in the management ranks. What does that solve? It only keeps the same inept individuals still guarding the data, which they didn’t do so well to start with.

What really needs to happen is people who are truly responsible for this, at the office level, get fired, loose their pensions drain their 401’s. If you were handed information and told your financial future depended on keeping it safe, you can be sure there would be people keeping better track of that data better than their wallet.

Lack of accountability breeds lack of responsibility.

Monday, May 7, 2007

What’s missing from your mailbox today?

A habit that we are all used to doing since we had our first apartment, or first went away to college, is get the mail before we walk in the door. Every day we expect to get something when we open that box. Mail is a way of life in our society. It is woven into the thread of our daily lives.

Will physical mail ever go away? No, but it will evolve into a different service than what we see today. Email, estatements, online billpay, are all eroding at a service that has been in existence for ages. But what online taketh away, online giveth back in another form. Ecommerce has opened up the marketplace for any item you want with a click of a mouse.

So who still uses this age old system of antiquated origins? All of us do! There must be something about still receiving items in that box that keeps us attached to this extremely vulnerable system. Ever think about how vulnerable it is? Most don’t.

According to the US Postal Service they arrested 6000 people last year for mail theft! If it doesn’t sound like many, just think of how many they have not arrested. Then add in the ones who will start doing it. The number of mail thieves is growing as identity theft continues to grow year after year.

There is also the occurrence of “volume thefts”, that is prevalent in a number of states. The postal service does not specify what a “volume theft” is, but I would guess it is in the range of a bulk airline cargo hold shipment (ever look out the airplane window and see bulk bags of US mail being loaded with your luggage) to an entire truckload. I doubt they are looking for Ebay packages either. The thefts are occurring everywhere that mail is readily available, from collection boxes, apartment mailbox panels, postal trucks, your curbside box etc.

So what is missing from your mailbox today? A quick off the cuff answer is nothing, because you picked up your mail and it was there….so you thought. But were you there when it was delivered? Did it sit all day waiting for you to get it after work? And are those 2 credit card offers the only ones you received today or did the mailperson leave 4? You just don’t know what is missing from your mail because you never see it to start with.

You need to defend yourself from mail theft by eliminating the use of mail for all critical and essential information. Only use the mail for catalogs and advertisements and coupons, the thieves can have that.

Thursday, May 3, 2007

President’s Identity Theft Task Force

Last week Washington released a 120 page manifesto about all the ways identity theft is affecting all of us. A little late to the table? The Bush administration made mention of it briefly in 2003 and I believe they became preoccupied with a bigger fish called Saddam.

Well now that he’s fertilizer, they can get back to what’s on the minds of the American people. So it took them four years, and significant year over year increases in this crime ever since, for them to return to the topic.

This action is a result in the uproar being made by the public and this being covered by media all of the time, especially when a major data breach occurs.

Lost in all this public reaction is the fact that people are still engaging in high risk behavior when it comes to protecting their identity, and many still feel it will never happen to them. No amount of legislation will help them until people start helping themselves. At the end of the day the best defense is self defense.

We can’t expect the government to stop all of the gaps so we can continue as in the past leaving ourselves wide open. They can only protect you so much, the rest is up to you. You must realize that it is individuals (not the government or businesses) who will lose the most and suffer the biggest hardships financially and emotionally from this type of crime.

If Identity Theft continues to grow, as it has in the past few years, it will eventually start to have a major economic impact and the federal government is foreseeing this as very real possibility in the very near future. Statistically we all stand a good chance of getting impacted by identity theft; it will be the ones who have built up the best defense who will be impacted the least.

Don’t wait for it to happen to you!