Creative Commons License

 

» Tax refund ID theft is a growing epidemic says IRS

More Americans' identities were stolen in tax refund crimes in the first six months of 2013 than in all of 2012, said a U.S. Internal Revenue Service watchdog on Thursday who described the problem as "a growing epidemic."

Tax refund fraud has exploded in recent years. Scammers typically use stolen names and Social Security numbers to file phony electronic tax forms for IRS refunds.

About 1.6 million Americans were victims of ID theft/tax refund crimes this year through June, up from 1.2 million taxpayers in all of 2012, the Treasury Inspector General for Tax Administration (TIGTA) said in a report.

"Identity theft is a growing epidemic," said J. Russell George, TIGTA's chief.

Democratic Senator Bill Nelson of Florida, a hot spot for these crimes, said in a statement that TIGTA's analysis shows the IRS is making progress, but much remains to be done.

TIGTA said that while the number of frauds has risen, the amount of federal revenue lost to these crimes has decreased. In 2011, the government lost $3.6 billion in potentially fraudulent tax refunds, down from $5.2 billion in 2010.

The thieves are increasingly working from abroad, TIGTA found. In 2011, someone using a single mailing address in Lithuania made more tax filings with fraudulent Social Security numbers than any single U.S. address, TIGTA said.

The Lithuanian address received $220,489 in fraudulent IRS refunds; an address in Shanghai received $156,533.

"The constantly evolving tactics used by scammers to commit identity theft continues to be one of the biggest challenges facing the IRS," the IRS said in a statement on Thursday.

TIGTA said the IRS must do more to spot red flags signaling potential fraud in tax filings, such as multiple filings from the same address, and to help victims more quickly.

The IRS said it agreed with TIGTA's recommendations.


Posted on November 14, 2013 at 01:45 PM | Permalink

» 50 Cent, Carmelo Anthony Are Some Celebrity Identity Theft Victims

Federal agents arrested two Hartford residents for allegedly stealing the identities of high-profile celebrities, including rapper 50 Cent and New York Knicks star Carmelo Anthony, and paying for Tiffany & Co. diamonds, Honda Vespa scooters and three used Cadillacs with the victims' credit cards.

According to investigators, the pair defrauded seven high-profile victims across the country including singers and athletes from Farmington, Conn., Miami and Beverly Hills.

Court documents showed Preston and Nunez found the celebrities' personal information on the Internet, and got ahold of their credit card numbers. They are accused of spending more than $500,000 on items that included Tiffany diamonds, dozens of Honda Vespa scooters and expensive cars. Investigators said most purchases were made online and on the phone.


Posted on November 14, 2013 at 01:43 PM | Permalink

» Credit Repair and The Fair Credit Reporting Act

The Fair Credit Reporting Act (known as FCRA) goes back to 1970 as an amendment to the Consumer Credit Protection Act. The FCRA provides consumer protection in the areas of fairness, accuracy, and privacy of the information collected by the credit bureaus. It also governs the credit repair and maintenance processes, verifying that the information in your credit report is correct.

Federal consumer rights under the FCRA include:

  • Access to your credit report. You have the right to know what is in your credit file. The FCRA requires Experian, TransUnion, and Equifax to provide you with a free copy of each report once per year. You are also entitled to receive a free copy of your report if:

    • A potential lender views it
    • You are the victim of identity theft and/or want to place a fraud alert in your credit file
    • You request public assistance
    • You are unemployed and plan to apply for a new job within 60 days
  • Access to your credit score. Your credit score provides potential creditors with a numerical indication of how likely you are to repay borrowed money. Based upon information found within your credit report, this number helps lenders, insurance companies, and other businesses decide whether or not to do business with you. The credit bureaus are required to provide your credit score if you request it, however it may come with a small fee attached.

  • Notification when your credit information is used against you. If your application for insurance coverage, auto loan, mortgage, or other type of credit is denied, the lender must inform you of the decision. They must also provide the contact information of the credit bureau that gave them access to your report.

  • The right to dispute information on your credit report. Incomplete or false information can drag your credit score down. In addition to viewing your credit report, the FCRA allows you to trigger an investigation with the credit bureaus if you spot an error. Once the information is verified as false or inaccurate, it must be deleted or corrected within 30 days. Keep in mind that our service demands that creditors and bureaus uphold two additional reporting standards pursuant to other applicable laws -fairness and substantiation - in addition to simple accuracy.

  • The right to delete outdated information. Negative citations such as collections and bankruptcies can remain on your credit report for a maximum of 7 to 10 years. After this time period has passed, the credit bureaus must remove them from your report. Remember, though, that there is no minimum reporting period, so creditors or credit bureaus can remove information even earlier if they choose to do so.

  • The right to decide who views your credit report. No one can view your credit report without your permission. The FCRA requires lenders, landlords, employers, and other interested parties to obtain consent before viewing your credit report.

  • The right to opt out of unsolicited offers. If you're tired of receiving pre-approved credit applications and insurance coverage offers, you have legal recourse. Businesses that send these offers must include a toll-free number that allows you to remove your name from their solicitation list.

  • The right to legal action. Your credit report is valuable, and the FCRA prevents outsiders from misusing it. For more information, contact a credit repair professional, or visit the Federal Trade Commission website:www.ftc.gov/credit.

We are not experts on the FCRA. The FCRA is a broad and detailed legislation with many areas. FCRA compliance and the details and requirements of the enforcement actions of the government regulators that handle FCRA are outside the scope of our knowledge.

 


Posted on July 3, 2013 at 05:41 PM | Permalink | Comments (0)

» Why is Credit Repair Important?

Credit repair is important because it can help get you "good credit." Maintaining good credit can make your life a lot easier in a number of ways. Poor credit leads to these problems you want to avoid:

  • Poor credit scores. Your credit scores are calculated using your credit report. If your report has errors, you will probably have a lower score than you should.
  • Rejected for a loan and mortgage. Lenders rely on your credit score when deciding whether to give you a mortgage or loan. When your credit score is low, your loan application is often rejected. Mortgage and auto lenders are making it even harder to get a new loan or re-finance, so a better credit score is even more important.
  • Higher interest rates. Even if you do qualify for loans and mortgages, the interest rate you pay is important. This rate is the amount of money you pay to borrow from the lender. The lower your credit score, the higher your interest rate (because the lender thinks you are a higher risk). Repairing your credit and improving your credit scores could save you tens of thousands of dollars over the life of your loan.
  • Higher insurance premiums. Many insurance providers check your credit report and scores. A low credit score is often viewed as a higher risk and can result in higher premiums.
  • Lost job opportunities. Many employers perform credit checks before hiring. Companies do this as a way to gauge an applicant's level of responsibility. A bad credit report can make you appear careless or irresponsible. This could lead to you not getting that job you really want.

 


Posted on June 7, 2013 at 04:56 PM | Permalink | Comments (0)

» What is Credit Repair?

Federal law says that information about you that is reported to the credit bureaus must be accurate and fair. However, the Federal Trade Commission reports that one in four consumers have errors on their credit reports that lower their credit scores.

Credit repair is about fixing these errors so your credit report and credit score are the best they can be. The process, which can be quite challenging, involves disputing the errors in your report directly with the credit bureaus.

What kind of errors might be on your report? Late payments, unknown accounts, collections, foreclosures, charge-offs, liens, judgments, or bankruptcies. Any of these can reduce your credit score by a significant amount. 


Posted on June 7, 2013 at 04:42 PM | Permalink | Comments (0)

» How fast does your credit score recover from your goofs?

Experts say you can expect a late payment to hurt your credit score for seven years, with your score gradually recovering over that time frame as you make smart borrowing decisions -- though exactly how much and how fast your score recovers isn't entirely clear.

The federal Fair Credit Reporting Act says that negative items can only appear on your credit report for seven years, but it doesn't say how the credit industry should treat the impact of those items after they happen. That vagueness, combined with the secrecy and complexity involved in credit scoring, mean that it's tough to say exactly how a borrower's credit score will recover from a late payment. Still, provided the borrower makes smart decisions following a slip-up, time will heal those credit wounds.

"Every consumer's situation is different, but generally speaking, the impact from a negative item, such as a late payment, will lessen as that item ages" says Steve Katz, spokesman for credit bureau TransUnion.

While FICO, creator of the most-widely used scoring model, largely keeps the details of its scoring model a secret, we do know the approximate damage a late payment will cause. FICO pulled the curtain back a bit on its scoring model recently when it acknowledged just how much certain credit mistakes can hurt a borrower's credit score. For example, in the case of two hypothetical consumers, FICO said that a 30-day late payment would reduce a FICO score of 680 by 60 to 80 points, while an identical late payment would reduce a FICO score of 780 by 90 to 110 points. (For more on this topic, see our story on FICO's damage points.) You can run FICO's credit score simulator to get an idea of how much damage various mistakes, including a late payment, may cause to your own credit score.

Read more


Posted on March 20, 2013 at 11:41 AM | Permalink | Comments (0)

» How your credit utilization ratio is calculated

The calculation of your credit score combines a wide-angle view of your total combined credit utilization -- including any authorized credit card accounts -- with a close-up view of each individual credit card account. 

FICO says it takes that approach in order to get the most accurate view possible of a person's credit utilization, or their existing debt levels compared to their available lines of credit. As you already know, FICO's scoring model -- by far the most widely used in the United States -- pays close attention to that ratio, and you're wise to do the same.

"The utilization rate is an important indicator of lending risk. A person who is charging to the limit on their credit cards is far more likely to suddenly have repayment problems than a person who uses their credit cards sparingly," says Rod Griffin, director of public education with credit bureau Experian. For credit scores, "the lower the utilization rate, the better," Griffin says.

Read more 


Posted on March 20, 2013 at 11:35 AM | Permalink | Comments (0)

» What everyone should know about credit reports and scores

Don't be overly concerned with your credit score. It can be a serious challenge to ever really "know" that number. That's because these scores vary based on when they are calculated (since they originate from a momentary snapshot of your credit report) and the scoring model itself. (There are many scores out there, including FICO, VantageScore, proprietary models and "educational" scores that aren't used by any lenders). Your credit score number can -- and does -- vary from day to day and lender to lender. As a result, at a given moment in time, it's extremely difficult to truly "know" your credit score with any certainty.    

So instead of placing emphasis on that score, focus on your credit reports. Those reports are the basis for lending decisions, regardless of the scoring model used. In some cases, they are even used for hiring decisions. Note that I said "credit reports" -- plural. That's because you've got a report with each of the three major credit bureaus (Equifax, Experian and TransUnion) that maintain a record of individual U.S. consumers' borrowing behavior. Unless lenders tell you, it's difficult to know what report they may be working with. Since the information listed in those bureaus' reports can differ, you need to look at each one for a complete picture of where you stand.

Read more  


Posted on March 20, 2013 at 11:29 AM | Permalink | Comments (0)

» 5 traits that go along with a lower credit score

You know how important good credit is, so you watch your credit-related activity closely. You limit credit inquiries, maintain a respectable debt-to-income ratio and -- of course -- pay the bills on time.

But know this: The credit industry is watching right back. If you've checked your credit report, you can see it tracks your individual behavior, but did you know it tracks how we behave in groups? In search of ways to identify the most creditworthy customers, the industry and academics have studied where we live, who we are, how we behave -- and how these traits relate to credit scores.

So, the studies say, a pack-a-day smoker from Harlingen, Texas, is likely to have a worse credit score than a very patient woman from Wausau, Wis.

Hold the e-mails, though -- these unexpected traits that go along with lower credit scores are just correlations, not causations. It's not cause and effect. "None of these things are factored into your score, but have been studied alongside credit scores," explains Michele Raneri, vice president of analytics for Experian.

Keep reading to learn about five things that tend to go along with a lower credit score.

Read more


Posted on March 20, 2013 at 11:27 AM | Permalink | Comments (0)

» 10 things you should know about identity theft

Identity theft is often in the news, but there are a lot of misconceptions swirling around about how to best protect yourself.

While some identity thieves focus on getting your credit cards and maxing them out before you even realize they're missing, an increasing number are using one piece of information about you -- often a credit card number -- in order to steal your entire identity.

Though many folks worry about keeping their credit card information secure when shopping online, the top methods that identity thieves use to steal personal data are still low-tech, according to Justin Yurek, president of ID Watchdog, an identity theft-monitoring firm. "Watch your personal documents, be careful to whom you give out your data over the phone, and be careful of mail theft," he says.

Read more


Posted on March 20, 2013 at 11:25 AM | Permalink | Comments (0)

» Cybercriminals Recruit Dupes With Bogus Job Offer Emails

It’s not uncommon for users to receive links that point to a shady website that advertises work-from-home jobs. However, this is not the only method preferred by fraudsters and in some cases they’re looking for much more than someone who’s willing to pay a small fee for the key to success. The crooks continue by highlighting the fact that it’s not a scam and present a short list of basic requirements. Finally, they mention the amount of money that can be earned and, as expected, the amount is fairly high for a job that involves typing and making a few calls.

A noteworthy fact is that the emails originate from email addresses hosted at careerin-finance.com, a domain registered at a Chinese registrar that’s known to support shady operations. However, this is not just a regular job scam. In reality, it’s an attempt to recruit money mules – knowing or unknowing individuals who help fraudsters launder money.

So, if you reply to such an offer (we highly recommend against doing so), you shouldn’t be surprised if your “employer” would ask you to transfer some money to and from your bank account, send money via Western Union, or perform other suspicious transactions.

More


Posted on July 8, 2012 at 11:01 PM | Permalink | Comments (0)

» Medical Identity Theft: What it is and How to Protect Yourself

While it's the fastest-growing type of identity theft, a new Nationwide Insurance survey reveals few people know what medical identity theft is or how devastating it can be to your credit and your health.

The national telephone survey commissioned by Nationwide Insurance was conducted by Harris Interactive in February among 2,001 adults with health insurance. It found only 1 in 6 (15%) of insured adults say they are familiar with medical identity theft. Of that 15% only one in three (38 percent) could correctly define "medical identity."

"A stolen medical identity has a $50 street value -- whereas a stolen social security number, on the other hand, only sells for $1*," said Kirk Herath, Nationwide Chief Privacy Officer. "However, while most people are very careful with their social security number to protect their credit and personal information, they tend to be less careful when it comes to their medical information."

What is "Medical Identify Theft?"

Medical ID theft occurs when one person steals another's medical information to obtain or pay for health care treatment. It's a crime that can have a serious impact on your personal, financial and medical well being.

According to the World Privacy Foundation, medical identity theft has affected 1.5 million Americans at a cost of more than $30 billion.

If someone steals your medical information they illegally can use your health care insurance to obtain medical care, buy prescription drugs or submit false insurance claims in your name, all of which can lead to devastating financial results or potentially hazardous changes to your medical records.

The three most common ways your medical identity could be compromised are:

-- Financial medical identity theft -- Someone is getting medical help using your name and/or other information.

-- Criminal medical identity theft -- You are being held responsible for the actions of another's criminal behavior.

-- Government benefit fraud -- Your medical benefits are being used by another person.

Devastating Consequences, Difficult Recovery

According to a Nationwide Insurance survey, more than half (56%) of insured adults said it's likely that their credit card or credit card number would be stolen, while only one-third (32%) say they expect their medical identification to be stolen.

About one in five (22%) believe the most likely consequence would be that their health insurance could be cancelled, when in reality hazardous changes could be made to their medical records compromising their health.

"These are warning signs that should not be ignored," Herath said. "The cost and time associated with cleaning up a medical account is sizeable."

The personal expense of resolving a medical identity theft is about $20,000, according to actual victims. The same victims also said they had spent four to six months resolving the theft**.

More than half of the study participants underestimated how long it would take to restore their medical identity. Nineteen percent or about 1 in 5 said it would take less than two weeks. And more than half underestimated or didn't know how much it would cost.

When it comes to taking proactive measures to review their medical records for errors, 75 percent or 3 of 4 study participants "trust" that their medical records are correct.

"Blind faith in a medical record is risky behavior," Herath said. "Nationwide Insurance recommends being as knowledgeable about your medical records as you are about your financial reports."

Tips to protect your Medical Identity

Here are a few things you can do to safeguard your medical identity:

-- Closely monitor any "Explanation of Benefits" sent by health insurers

-- Pro-actively request a listing of benefits from your health insurers

-- Request a copy of current medical files from each health care provider

-- If you are victim, file a police report

-- Correct erroneous and false information in your file

-- Keep an eye on your credit report

-- Request an accounting of disclosures

 


Posted on June 15, 2012 at 12:05 PM | Permalink | Comments (0)

» Merchant personal data may have been stolen from Global Payments

Hackers might have stolen the personal information of individuals who applied for a merchant account with card payment processor Global Payments.

"We have recently learned of potential unauthorized access to servers containing personal information from a subset of merchant applicants," Paul Garcia, Global Payments' chairman and CEO, said during a conference call with shareholders on Tuesday.

Affected individuals will be offered free credit monitoring services and identity protection insurance of $1 million. The three U.S. major credit reporting agencies have also been advised about the incident, Garcia said.

Garcia declined to share an exact number of individuals potentially affected by the unauthorized access to servers that contained merchant data, citing an ongoing process of analyzing that information.

More


Posted on June 15, 2012 at 12:02 PM | Permalink | Comments (0)

» IRS Tax Return Identity Theft Hotline

If you think someone used your identity to file a fraudulent tax return and snatch your refund, call the new Tax Return Identity Theft Hotline.

Launched today by the IRS criminal investigations division and the U.S. Attorney's Office, the number is 412-395-4973.

Last summer, scam artists set up shop in Erie and began offering people help tapping into a fictitious federal stimulus program, then stole their identities, IRS criminal investigations spokesman Andrew Hromoko said. If anything similar happens this year, calls to the hotline could help the agency to identify the scheme quickly.

Callers who leave a message will receive a return call from a special agent within 24 to 48 hours.

A taxpayer who believes they are at risk of identity theft due to lost or stolen personal information should also contact the IRS Identity Protection Specialized Unit at 800-908-4490 so the agency can secure their tax account.

More


Posted on June 15, 2012 at 11:59 AM | Permalink | Comments (0)

» Hackers more aggressive in attacking bank accounts

A survey of large financial institutions shows they faced more attacks by hackers to take over customer banking accounts last year than in the two previous years, and about a third of these attacks succeeded.

The total number of attacks to try and break in and transfer money out of hacked customer accounts was up to 314 over the course of 2011, according to the Financial Services Information Sharing and Analysis Center (FS-ISAC), which released findings of its survey of 95 financial institutions and five service providers. That's an increase from 87 attacks against bank accounts in 2009 and 239 in 2010.

FS-ISAC is the group that coordinates on security issues with the Department of Homeland Security. The survey was conducted by the American Bankers Association.

The actual dollar losses taken by the financial institutions last year was $777,064, down from a high of $3.12 million in 2010. Dollar loss for customers was $489,672 in 2011, as compared with $1.16 million in 2010.

More


Posted on June 15, 2012 at 11:57 AM | Permalink | Comments (0)

» Utah CTO takes fall for data breach

The executive director of Utah's Department of Technology Services has resigned over a data breach two months ago that exposed the Social Security numbers and other personal data of about 280,000 Medicaid recipients.

Utah Governor Gary Herbert announced the resignation of Stephen Fletcher on Tuesday.
In a statement, Herbert also described various initiatives underway that aim to mitigate the risk of similar breaches in the future.

The State's plan includes an independent audit of all IT security systems, the appointment of a new health data security ombudsman and a continuing investigation of the breach by law enforcement personnel.

More


Posted on May 18, 2012 at 03:33 PM | Permalink | Comments (0)

» Banks are complacent about check fraud

Many banks are complacent about check fraud, perhaps because it's been around for so long. And yet, according to the 2012 Faces of Fraud survey, it remains the second-most common form of fraud institutions face.

Another reason for the complacency? Check fraud seems minor, relative to escalating fraud threats posed by emerging e-commerce channels. "Banks perceive the risk to be much higher in the electronic-payment channels," Tubin says. "With check fraud, they've been dealing with it forever, and they're used to it."

But the lines between old-school schemes such as check fraud, and emerging e-commerce scams are blurring. The advent of check images has married the check to the online channel. And financial institutions that continue to rely on manual processes to detect check fraud find themselves challenged by new cross-channel schemes.

More


Posted on May 18, 2012 at 03:30 PM | Permalink | Comments (0)

» BitCoin hacked, More than 18,000 Bitcoins Stolen

Bitcoinica, a Bitcoin exchange started by a 17-year old teenager Zhou Tong, has been shut down for security investigations. It’s believed that at least 18,000 BTC ($90,000 or 68,000 EUR) have been stolen.
 
News of the hack was posted this morning by Bitcoinica's founder, Zhou Tong:"Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

More


Posted on May 18, 2012 at 03:29 PM | Permalink | Comments (0)

» 700,000 CA social services records lost

The California office of In-Home Supportive Services, which provides health support to elderly and disabled people, reported on Friday that the personal records of some 700,000 caregivers and care recipients were either lost or stolen.

But this data loss was not due to a server breach, or some complex phishing attack—instead, the Social Services office said that Hewlett Packard, which manages the data controlled by the office, notified the IHSS of the breach after a physical package containing microfiche with thousands of entries of payroll data went missing from a damaged package shipped by U.S. Postal Service to the State Compensation Insurance Fund in Riverside, CA.

As the package arrived damaged and incomplete, it’s unclear whether the information was lost or stolen, but the state has launched an internal investigation and notified law enforcement in the hopes of resolving the issue, according to the Los Angeles Times. "The possibly compromised information, dating from October to December 2011, for 375,000 workers included names, Social Security numbers and wages. For 326,000 recipients, state identification numbers may be at risk,” the LA Times reports. The In-Home Supportive Services office is also sending out hundreds of thousands of letters to potentially affected parties.


Posted on May 18, 2012 at 03:28 PM | Permalink | Comments (0)

» Your Dead Relative Could be a Victim of Identity Theft

Your lost loved one's financial identity could come back to life in a most unsettling way -- 2.5 million deceased Americans' identities are misused every year, according to ID Analytics, an ID theft risk assessment company. The company's research arm compared the names, Social Security numbers and birthdays listed on applications for credit against the Social Security Administration's master file of deaths to come up with those numbers.

ID Analytics says crooks intentionally steal the identities of about 800,000 deceased Americans each year. The company says identity thieves also make up Social Security numbers, and inadvertently make matches with about 1.6 million people a year who have died.

In addition, ID Analytics detected a disturbing pattern of theft of financial information belonging to people who were dying. It's easy to see how that could happen, since people who are gravely ill can easily lose track of the details of their finances. When you break it down, ID Analytics says con artists use dead people's identities more than 2,000 times a day.


Posted on May 18, 2012 at 03:26 PM | Permalink | Comments (0)

» UNC-Charlotte Data Breaches Expose 350,000 SSNs

Confidential data, including bank account and Social Security numbers for some 350,000 University of North Carolina-Charlotte students, staff and faculty, were accidentally exposed -- some for almost 15 years -- due to a system misconfiguration and incorrect access settings that made electronic data publicly available.

The school on Wednesday released a statement on an investigation it launched in February after staff discovered the data breach. The investigation revealed two separate incidents exposed data such as names, addresses, Social Security numbers and financial account information provided during university transactions.

One incident involved misconfigurations and incorrect access settings made during a general university system upgrade that left data stored on the university's H: drive exposed on the Internet from Nov. 9, 2011 to Jan. 31, 2012.

More


Posted on May 18, 2012 at 03:20 PM | Permalink | Comments (0)

» Over 300,000 Complaints of Online Criminal Activity Reported in 2011

FBI's IC3 2011 Internet Crime Report Released 

The Internet Crime Complaint Center (IC3) today released the 2011 Internet Crime Report—an overview of the latest data and trends of online criminal activity. According to the report, 2011 marked the third year in a row that the IC3 received more than 300,000 complaints. The 314,246 complaints represent a 3.4 percent increase over 2010. The reported dollar loss was $485.3 million. As more Internet crimes are reported, IC3 can better assist law enforcement in the apprehension and prosecution of those responsible for perpetrating Internet crime.

In 2011, IC3 received and processed, on average, more than 26,000 complaints per month. The most common complaints received in 2011 included FBI-related scams—schemes in which a criminal poses as the FBI to defraud victims—identity theft, and advance-fee fraud. The report also lists states with the top complaints, and provides loss and complaint statistics organized by state. It describes complaints by type, demographics, and state.

“This report is a testament to the work we do every day at IC3, which is ensuring our system is used to alert authorities of suspected criminal and civil violations,” said National White Collar Crime (NW3C) Center Director Don Brackman. “Each year we work to provide information that can link individuals and groups to these crimes for better outcomes and prosecution of cases.”

Acting Assistant Director of the FBI’s Cyber Division Michael Welch said, “Internet crime is a growing problem that affects computer users around the world and causes significant financial losses. The IC3 is an efficient mechanism for the public to report suspicious e-mail activity, fraudulent websites, and Internet crimes. These reports help law enforcement make connections between cases and identify criminals.”
IC3 is a partnership between the Federal Bureau of Investigation, the NW3C, and the Bureau of Justice Assistance. Since its start in 2000, IC3 has become a mainstay for victims reporting Internet crime and a way for law enforcement to be alerted of such crimes. IC3’s service to the law enforcement community includes federal, state, tribal, local, and international agencies that are combating Internet crime.


Posted on May 18, 2012 at 03:17 PM | Permalink | Comments (0)

» Three Reasons Skimmers Are Winning

Banks and credit unions say that losses linked to card-skimming and other sources of debit card fraud are increasingly concerning.

Arrests and financial losses linked to skimming continue to add up. Why do many institutions struggle to thwart attacks waged against ATMs and the vestibules that house them? 

Mike Urban, a financial fraud expert with Fiserv, a core processor that provides security services to financial institutions, says anti-skimming technologies just can't keep up.

Beyond outdated card technology, a number of factors have contributed to ATM skimming's success. Cardholder behavior, outdated or ineffective anti-skimming technology and too many endpoints are the top three, experts say.

More


Posted on May 18, 2012 at 03:14 PM | Permalink | Comments (0)

» Three Keys to Mobile Security

Mobile banking is being adopted by consumers at an increasing rate, but it's just one piece of the overall mobile financial services puzzle. As the mobility trend grows, banking institutions are still figuring out how far ahead they should look, and what strategies make the most sense.

But Paul Smocer, president of BITS, the technology policy division of the Financial Services Roundtable, says most institutions are doing much more than some observers give them credit for doing. Banking/security leaders are very concerned about mobile, and they're doing what they can to anticipate risks.

During this interview, Smocer discusses:

Three key areas that make up mobile financial services: 1) banking, payments and mobilized traditional services, such as remote deposit capture; 2) Why mobile payments poses the greatest security risks; 3) Steps BITS is taking to address mobile concerns, especially as they relate to FFIEC conformance.

 

More


Posted on May 18, 2012 at 03:11 PM | Permalink | Comments (0)

» Five tips for small biz to protect against security threats

The threat landscape on the Web is becoming more perilous. Security software maker Symantec, in its annual "Internet Security Threat Report" released April 30 found that even as the number of vulnerabilities in 2011 fell by 20 percent over the previous year, the number of malicious attacks grew 81 percent. 

The trend is similar to what Hewlett-Packard saw. In its "Top Cyber-Security Risks Report," announced April 19, HP officials also found that the number of vulnerabilities last year fell by 20 percent, but that the risks involved in those vulnerabilities grew. HP also found that the number of cyber-attacks more than doubled in the second half of 2011. And small and midsized businesses (SMBs) are in the thick of it. More than half of the targeted attacks seen in 2011 were aimed at organizations with fewer than 2,500 employees, and almost 18 percent targeted companies with fewer than 250 employees. The Internet has been a boon for SMBs, making it easier than ever before to do business. But it also raises the threats to smaller companies and their IT departments. 

The biggest risk is seeing their intellectual property, customers’ information or financial transaction data fall into the wrong hands. SMBs need to protect themselves, and Symantec has some ideas how.

More


Posted on May 7, 2012 at 12:15 PM | Permalink | Comments (0)

» Insiders played a role in healthcare data breaches

April has been a brutal month for healthcare, with three major breaches disclosed accounting for nearly 1.1 million records lost. The thread woven throughout each has been the role of insiders -- both malicious and inept -- in triggering the incidents.

In one case at the Utah Department of Health, approximately 780,000 Medicaid records were exposed due to the misconfiguration of a server containing these files. Human error also accounted for the loss of 315,000 patient records at Emory Healthcare, when 10 backup disks went missing from a storage facility at Emory University Hospital. Meanwhile at South Carolina's Department of Health and Human Services, an employee sent 228,000 Medicaid patient records to himself via email. The investigation is still ongoing, but already the employee, Christopher Lykes, was fired and arrested by the South Carolina State Law Enforcement Division for his malfeasance.

According to experts, these three incidents are representative of the types of consequences healthcare organizations face when they fail to address insider threats through improved employee screening, monitoring, data controls, and security awareness training. According to Rick Dakin, CEO of the IT security consulting firm Coalfire Systems, more than half of the insider incidents his company investigates involve an insider in some way, shape, or form.

More


Posted on May 7, 2012 at 12:11 PM | Permalink | Comments (0)

» Websites Selling Stolen Cards Shutdown

International law enforcement agencies last week touted the takedown of 36 websites that were used to sell stolen debit and credit data for more than 2.5 million accounts. But how much of an impact will the takedown ultimately have on card fraud?

It's easy for cyberthieves to just take their card numbers to new domains, Klein says. "It's so way down on the fraud chain, it won't have a big impact," he says. "What we need is more effort to arrest bot developers, and then we are really hitting them where it hurts."

A U.S. law enforcement source connected to the bust says that while investigators are combing through the details for connections to other ongoing cybercrime investigations, this source does not see this takedown as extremely significant. Even the amount of recovered card data is low, relative to the number of cards compromised in a typical database breach.

More


Posted on May 7, 2012 at 12:10 PM | Permalink | Comments (0)

» Apple mistake exposes passwords for Lion

Apple's latest update to OS X contains a dangerous programming error that reveals the passwords for material stored in the first version of FileVault, the company's encryption technology, a software consultant said.

David I. Emery wrote on Cryptome that a debugging switch inadvertently left on in the current release of Lion, version 10.7.3, records in clear text the password needed to open the folder encrypted by the older version of FileVault.

Users who are vulnerable are those who upgraded to Lion but are using the older version of FileVault. The debug switch will record the Lion passwords for anyone who has logged in since the upgrade to version 10.7.3, released in early February.

More


Posted on May 7, 2012 at 12:08 PM | Permalink | Comments (0)

» Tax refund fraud increasing identity theft

A wave of refund tax fraud is fueling demand for stolen IDs. A year ago I wrote about how one set of Florida-based scamsters had tricked the Internal Revenue Service out of  $12.1 million worth of refunds  using  the stolen names and Social Security numbers of 5,108 dead people–likely taken from the Social Security Death Index.  But that, as they say, is yesterday’s news. The IRS told Congress during recent hearings that it has set up a new computer screen to flag fraud relating to the tax returns of recently deceased taxpayers and Internet genealogy sites like Rootsweb.com have limited free access to the death index. So it appears there’s some progress, at least, on that front.

Meanwhile, the fraudsters are collecting lists of living identity theft victims, either by planting employees in jobs with access to personal data or corrupting employees who already have such jobs. Former federal prosecutor Latour “L.T.” Lafferty, head of the white collar and corporate compliance practice at Florida’s Fowler White Boggs, reports that he  has been hired in the past year by two local employers to investigate employee theft of information. In one case, he found, an employee had used her smart phone to take pictures of records. (The iPhone takes such good pictures that you can actually take a picture of your W-2 with it, and have the information entered into Intuit’s TurboTax app.) “The old identity theft,’’ Laferty observes, “was `may we send you a fake email and find out if you’re dumb enough to give me a Social Security number’ or going through your trash.’’  The new trend, he says, is for employees to steal names and numbers in bulk and then use TurboTax or other software to file large numbers of refund claims. (If they get in a bogus 1040 before the real, live taxpayer, or smartly pick the identity of an American who doesn’t have to file, they may be able to get thousands of dollars back.)


Posted on April 26, 2012 at 05:22 PM | Permalink | Comments (0)

» Man emails identities of 228,435 people to himself

A South Carolina man was arrested yesterday on charges stemming from a data breach that may have leaked personal information on more than 200,000 Medicaid beneficiaries in the state, including their names, phone numbers, addresses, birth dates and Medicare ID numbers according to a report in the newspaper The State.

Christopher Lykes Jr., 36, of Swansea, South Carolina was charged with five counts of violating the confidentiality of the state's Medically Indigent Assistance Act and another count of disclosing confidential information, according to paperwork from South Carolina Law Enforcement uncovered by the newspaper. 

Lykes, a former employee of the South Carolina Department of Health and Human Services (SCDHHS), transferred the personal information of 228,435 South Carolinians to his personal Yahoo! e-mail account from January 31 to April 2.


Posted on April 26, 2012 at 05:18 PM | Permalink | Comments (0)

» Russian hackers take lead in cybercrime

Russian-speaking hackers earned an estimated $4.5 billion globally using various online criminal tactics and are thus responsible for 36% of the estimated total of $12.5 billion earned globally by cybercriminals in 2011, Russian security analyst firm Group-IB said in a report published on Tuesday.

In the report, Group-IB differentiates between cybercriminals living in Russia and Russian-speaking cybercriminals, who include citizens of the countries of the former Soviet Union and other countries. In the 28-page report the researchers estimate that the total share of the Russian cybercrime market alone doubled to $2.3 billion, while the whole Russian-speaking segment of the global cybercrime market also almost doubled, to $4.5 billion. The researchers noted that the Russian-speaking segment of the global cybercrime market traditionally encompasses twice the amount of the Russian segment.

The Group-IB analysts highlighted general trends in the development of online crimes in 2011. The market was embraced by traditional organized crime groups that are trying to control the entire theft process, which led to the merging of two criminal worlds and a refocusing of the Russian mafia's traditional emphasis on crimes such as drug and arms trafficking to cybercrimes, according to the report. This could lead to "an explosive increase of attacks" on the financial sector, the researchers warned. Online banking fraud is one of the fastest growing segments of cybercrime, with a big increase in 2011, Group-IB said.

www.computerworld.com


Posted on April 26, 2012 at 05:05 PM | Permalink | Comments (0)

» Tacoma woman sentenced for ID theft

A Tacoma woman who victimized more than a dozen visitors to Mount Rainier National Park, was sentenced to two years in prison, three years of supervised release and $7,034 in restitution for conspiracy and aggravated identity theft. 

U.S. Attorney Jenny A. Durkan said 25-year-old Pamela Williams and co-defendant Matthew Mortinson broke into vehicles parked at various trailheads, stealing computers, credit cards and other valuables. 

www.kirotv.com


Posted on April 26, 2012 at 05:03 PM | Permalink | Comments (0)

» Man found with 38 credit cards convicted of ID theft

A man who pleaded guilty in January to aggravated identity theft and credit card fraud was sentenced Monday to 75 months in federal prison, the U.S. attorney’s office said.

Sharif John Reid, 37, of League City, also must pay $157,501 in restitution related to his attempts to purchase Apple iPads and iPhones at the Memorial City Apple store on Aug. 7.

He was accused of using unauthorized credit card numbers to buy $200,000 in Apple products in Louisiana and Texas.

Authorities found 38 credit cards in Reid’s possession that were stolen or obtained by Reid with the intent to defraud, the U.S. attorney’s office said in a statement.

galvestondailynews.com

 


Posted on April 26, 2012 at 05:02 PM | Permalink | Comments (0)

» Identity thieves filing phony tax returns

The Indiana Attorney General’s Office announced today it has received more tax-related identity theft complaints this year than in all of 2011.

Indiana Attorney General Greg Zoeller said 20 Indiana taxpayers have filed complaints so far, because they believe their personal information or their children’s information was used to file fake tax returns and claim refunds. In some cases, Social Security numbers were stolen to obtain employment and as a result the victims are seen as not having reported all their income on their returns.

“Identity theft knows no season, but as Hoosiers file their taxes it provides a unique opportunity for thieves to use names and Social Security numbers to claim significant refunds,” Zoeller said. “These complaints underscore the need for all consumers to be proactive in guarding their personal information whether online, at home or on their person.”

In 2011, the office received 19 tax-related identity theft complaints with only two of those submitted during the three-month period leading up to April. Zoeller said the spike in numbers could be because the Internal Revenue Service (IRS) is doing a better job of finding suspicious activity earlier and reporting it to taxpayers.


Posted on April 3, 2012 at 12:03 PM | Permalink | Comments (0)

» Visa Drops Global Payments Following Data Breach

Visa has dropped Global Payments from its list of companies that are deemed compliant with security policies following a data breach that may have compromised as many as 1.5 million Visa and MasterCard accounts.

Visa’s decision to drop Global Payments from its registry of service providers that meet the credit card company’s data security standards came April 1, two days after the breach became public. During a conference call April 2 to discuss the situation, Global Payments CEO Paul Garcia talked about Visa’s move, and reportedly said he expects his company to be returned to the list after it comes back into compliance with the Visa policies. However, Garcia didn’t say when that may be.

Officials with Visa and MasterCard announced last week that data from credit card accounts was stolen following a data breach at a third-party processor, and stressed that their own servers had not been compromised. The credit card companies initially did not say which transaction processing company was attacked, but it soon leaked out that it was Global Payments.

More


Posted on April 3, 2012 at 11:57 AM | Permalink | Comments (0)

» Mail carrier convicted in massive identity fraud case

A jury in federal district court returned a guilty verdict late yesterday against OPEOLUWA ADIGUN, age unknown, and CHUKWUKA ONYEKABA a/k/a Gabriel Onyekaba, 34, both of Marietta, Georgia on charges of stealing the identities of more than 85 individuals in the Atlanta area and opening credit cards, loans, and bank accounts in their names.  ADIGUN was also convicted of immigration, social security, and passport fraud.

United States Attorney Sally Quillian Yates said of the case, “Identity theft is a growing problem that destroys the lives of innocent citizens, resulting in years of victimization as they try to clear their good names and credit of the damage done by the criminals.  These defendants ran a sophisticated identity theft scheme that included opening multiple accounts in victims’ names, moving the criminal proceeds among different banks in victim names, using fake identifications, and buying ordinary gift cards with stolen credit cards to conceal the source of the proceeds.  The jury’s verdict brings some measure of justice to the many victims of these two defendants’ crimes.”

According to Paul Bowman, Area Special Agent in Charge of the United States Postal Service, Office of Inspector General, “Opeoluwa Adigun reflects just a very small percentage of employees who failed to uphold the trust and integrity placed in them.  The U.S. Postal Service, Office of Inspector General takes these cases very serious and investigates them to the fullest extent of the law.”

“The U.S. Postal Inspection Service is pleased with the jury’s verdict. Identity theft continues to plague the American public. As long as thieves target the U.S. Mail, Postal Inspectors will continue to target those responsible,” said Keith Morris, Postal Inspector in Charge of the Atlanta Division.

“The Paulding County Sheriff's Office, the investigating officer and I are all very happy with the verdict rendered by this jury,” said Paulding County Sheriff Gary Gulledge.  “It is always rewarding to see our justice system work as intended - to hold the guilty accountable and protect the innocent public from further harm. It is also satisfying to see resolution brought to the 85+ victims of the crimes committed by Opeoluwa Adigun and Chukwuka Onyekaba. This case is the perfect example of good police work, inter-agency cooperation, careful prosecuting and an intelligent jury. I commend all involved for the great work and great result.”

“This type of crime is even more egregious when it is conducted by a government employee using his or her position of trust for fraudulent purposes and financial gains,”  said  Brock D. Nicholson, Special Agent in Charge of U.S. Immigration and Customs Enforcement’s Homeland Security Investigations (HSI) Atlanta, “HSI will continue to vigilantly investigate any individual who engages in activities that  jeopardize public safety and national security.” Nicholson oversees all HSI activities in Georgia and the Carolinas.

According to United States Attorney Yates, the charges and other information presented at trial:  Between May 2006 and March 2010, ADIGUN and ONYEKABA stole mail, credit cards, and other personal information from individuals in the Atlanta area, and then opened a variety of financial accounts under the victims’ names.  As part of the scheme, ADIGUN obtained a job as a mail carrier in the Hiram Post Office under the name “Mary Afolabi,” an identity she had stolen from another person from Nigeria before ADIGUN entered the United States in 2004.  During ADIGUN’s time with the Hiram Post Office, over 85 victims on her mail route reported that their identities were stolen and used to open multiple financial accounts in their names.

Using the information stolen from the mail route customers, ADIGUN and ONYEKABA applied for credit cards and bank loans in their victims’ names.  They deposited the fraudulent loan proceeds into bank accounts opened under yet other victims’ names and then wrote checks from those accounts to their two fraudulent businesses, GMO Auto Services in Douglasville and Gabmike Limousine Service in Smyrna.  They also used the fraudulent credit cards at their businesses. 

Further, ADIGUN and ONYEKABA purchased gift cards and thousands of dollars of merchandise with the fraudulent credit cards.  In March 2010, law enforcement officers stopped the defendants driving a Lincoln Navigator and found dozens of American Express, Walmart, and Target gift cards that were purchased with stolen credit cards issued to individuals residing on ADIGUN’s mail route in Hiram.

ADIGUN obtained a social security card and a U.S. passport and, in March 2009, was naturalized as a U.S. citizen – all under the assumed name of “Mary Afolabi.”

After a seven day trial, the jury returned guilty verdicts on all 44 counts it considered, including conspiracy, access device or credit card fraud, aggravated identity theft, bank fraud, mail theft, immigration fraud, social security fraud, and passport fraud.  The charges carry maximum sentences that range from five to 30 years in prison each, and fines of up to $1,000,000 per count.  The aggravated identity theft charges require a mandatory minimum sentence of 2 years in addition to any other sentence imposed.  Sentencing has not yet been scheduled before United States District Judge Richard W. Story.  In determining the actual sentence, the Court will consider the United States Sentencing Guidelines, which are not binding but provide appropriate sentencing ranges for most offenders.

This case was investigated by the United States Postal Service, Office of Inspector General; United States Postal Inspection Service; United States Immigration and Customs Enforcement’s Homeland Security Investigations; United States Secret Service; Social Security Administration; Paulding County Sheriff’s Office; Douglas County Sheriff’s Office; Cobb County Sheriff’s Office; Hiram Police Department; and Cobb County Police Department.

Assistant United States Attorneys Stephen H. McClain and Shanya J. Dingle are prosecuting the case.

 


Posted on April 2, 2012 at 03:36 PM | Permalink | Comments (0)

» How to protect personal data on old devices you sell

Thinking of selling or giving away your smartphone or laptop computer? If you have a BlackBerry or an iPhone, go right ahead. But if you have an Android phone or a computer running Windows XP, you may want to hold off.

It turns out that it's almost impossible to get rid of personal information from some devices, even if you follow the manufacturer's directions for wiping the device clean.

Robert Siciliano, identity theft expert for the technology security firm McAfee, found this out in an experiment he conducted over the fall and winter. He bought 30 electronic devices from Craigslist — mostly smartphones and laptops — to see how effective people were at removing personal information from their gadgets before selling them.

More


Posted on April 2, 2012 at 03:21 PM | Permalink | Comments (0)

» MasterCard, Visa Report Data Breach of Card Processor

VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach “massive,” and say it may involve more than 10 million compromised card numbers.

In separate non-public alerts sent late last week, VISA and MasterCard began warning banks about specific cards that may have been compromised. The card associations stated that the breached credit card processor was compromised between Jan. 21, 2012 and Feb. 25, 2012. The alerts also said that full Track 1 and Track 2 data was taken – meaning that the information could be used to counterfeit new cards.

More from Krebs


Posted on March 30, 2012 at 09:42 AM | Permalink | Comments (0)

» Microsoft Founder Paul Allen Victim of Identity Theft

Microsoft co-founder Paul Allen has become the victim of identity theft, with an AWOL U.S. soldier in Pittsburgh charged with changing the address on a Seattle bank account owned by Allen and attempting to redirect funds to a personal account.

Brandon Lee Price allegedly changed the address on a Citibank account owned by Allen from Seattle to Pittsburgh, and then had a debit card sent to his home in Pittsburgh. According to a report by the AP, Price attempted to wire $15,000 to the new account and to make a $658.81 payment on an Armed Forces Bank loan. He then allegedly attempted to make purchases at a GameStop and Family Dollar store.

One of the stupider headlines or memes around this news is that if a billionaire's identity isn't safe, then how can anyone elses be? There is nothing about a billionaire that makes his or her identity any more protected than anyone elses. If you think there is than by all means name it. Just being rich doesn't inherently give you protections against ID theft.


Posted on March 27, 2012 at 03:51 PM | Permalink | Comments (0)

» Debit card fraud up, while check fraud declines

No surprise here. The use of debt cards are way up, so of course fraud increased. The opposite is true for paper checks.

During a year that saw a record rise in financial crime reports, one scam that has plagued banks and consumers for decades is fading away: check fraud.

Reports of suspected counterfeiting, check fraud, and check kiting were among the financial crimes that saw declines during 2011, dropping 7.5 percent from 2010.

The drop in check fraud came as the Financial Crime Enforcement Network (FinCEN) had a record number of suspicious activity reports (SARs) in 2011 throughout the financial industry.

The number of check-related suspected crimes peaked in 2008, with banks sending 152,874 suspicious activity reports to FinCEN. From there, the cases are investigated by federal, state, or local authorities, depending on the amount of money involved in the crime.

Since 2008, the number of check-related crimes has dropped to 107,041.

The drop in check fraud numbers points to a trend many Americans are familiar with, the slow disappearance of checks.

The use of checks as a form of payment has been declining in recent years. Personal check use has dropped by 12 percent among consumers between 2008 and 2010, according to the American Bankers Association.

Meanwhile, the use of debit cards has increased, and with it, debit card-related crime.

From 2006 to 2009, the use of debit cards as a form of payment rose 14 percent among Americans, while debit card crimes rose 41 percent, according to data from the Federal Reserve and FinCEN.


Posted on March 27, 2012 at 09:31 AM | Permalink

» Children 51 times more likely to be ID theft victim

Why are kids so vulnerable? Because they have unused, unblemished credit profiles. Richard Power, Distinguished Fellow, Carnegie Mellon CyLab, recently published the first ever child identity theft report based on identity protection scans of over 40,000 U.S. children. It is extremely alarming that 10.2% of the children in the report had someone else using their Social Security numbers. That figure is 51 times higher than the rate for adults of the same population.

Most people can't imagine a child's identity would be valuable. That comes from a lack of understanding of how the credit system works in the US.

Because children have untouched and unblemished credit records, they are highly attractive targets. More importantly, their credit reports are usually never looked at for years and years, so the thief can get away with the crime for longer. Child identity theft is profitable, hard to detect and a nightmare to recover. Thieves steal a child’s identity early on, nurture it until they have a solid credit score, and then abuse and discard it. If it’s not discovered in time, fraudulent use of your child’s identity could mean the loss of educational and job opportunities and starting off adulthood at a serious disadvantage with someone else’s bad credit in her name. All an identity thief needs to ruin your child’s bright financial future is her name and Social Security Number.


Posted on March 27, 2012 at 09:27 AM | Permalink

» Social media use leads to increase in identity theft

Big users of social networks and smartphones have a higher risk of ID theft.

About 12 million Americans got hit by identity fraud in 2011, a 13% increase from a year earlier, thanks to consumers' growing use of social-media websites and smartphones, plus a sharp jump in security breaches, according to a recent report from Javelin Strategy & Research.

"The new ways in which people can communicate with each other create new risks," says Joel Winston, chief privacy officer at ID Analytics, a consumer risk-management company.
Some 7% of smartphone owners became identity-fraud victims in 2011, the Javelin survey of 5,000 consumers found. Smartphone users are about one-third more likely to fall prey to identity fraud than the general public, the report found.

Why? Because smartphones are minicomputers that store vast quantities of personal information, yet many users don't protect their smartphones the way they do laptops and PCs.

WSJ


Posted on March 25, 2012 at 04:00 PM | Permalink

» Facebook pushes back against employers demanding passwords

Is it legal or even fair for prospective employers to request -- or in some cases demand -- your Facebook password?

Facebook, perhaps anxious to avoid public controversy as it prepares for a much-publicized initial public offering, is moving to squelch a widely reported practice of employers asking job applicants for their Facebook passwords.

“If you are a Facebook user, you should never have to share your password, let anyone access your account, or do anything that might jeopardize the security of your account or violate the privacy of your friends,” Erin Egan, Facebook’s chief privacy officer, wrote in a March 23 note. “As a user, you shouldn’t be forced to share your private information and communications just to get a job.”

Egan also hinted at the legal repercussions: “If an employer sees on Facebook that someone is a member of a protected group [e.g., over a certain age, etc.], that employer may open themselves up to claims of discrimination if they don’t hire that person.”

Employers also may not “have the proper policies and training for reviewers to handle private information,” Egan added. “If they don’t—and actually, even if they do—the employer may assume liability for the protection of the information they have seen.” That information may also incur certain responsibilities, such as reporting the possible commission of a crime.

EWeek


Posted on March 25, 2012 at 03:23 PM | Permalink

» FTC report says credit bureaus upsell ID theft victims

A new report by the Federal Trade Commission slams the nation's credit bureaus for upselling identity theft prevention services when victims call looking for help.

The report found that consumers face frustrating voice mail systems that often make it hard to reach a live operator, are confused about their rights and face unnecessary hurdles fixing credit report errors caused by identity thieves. It also pointedly raises the possibility that the new Consumer Financial Protection Bureau could initiate enforcement actions against the bureaus -- Equifax, Experian and TransUnion.

The report comes as that new agency is about to take on regulation of the credit bureaus, a major shift in the way they are policed. The bureau’s new powers will kick in this summer.

More from MSNBC


Posted on March 23, 2012 at 10:46 AM | Permalink

» Armenian Mobsters Convicted in LA for Identity Theft

WASHINGTON – After a five week trial, four defendants have been convicted for their roles in one of the largest bank fraud and identity theft schemes in California history, with dozens of victims in four states and millions of dollars in losses.

The convictions were announced by Assistant Attorney General Lanny A. Breuer of the Justice Department’s Criminal Division, U.S. Attorney Andre Birotte Jr. of the Central District of California, Assistant Director in Charge of the FBI’s Los Angeles Field Office Steven Martinez and Special Agent in Charge of the U.S. Secret Service (USSS) Joseph Beaty.

Arman Sharopetrosian, Karen Markosian, Artush Margaryan and Kristine Ogandzhanyan were found guilty of conspiring to commit bank fraud, attempted bank fraud and various counts of aggravated identity theft.  Sharopetrosian, Markosian and Ogandzhanyan waived a jury trial and consented to trial by the judge, and Margaryan proceeded with a jury trial.  

Yesterday, U.S. District Judge David O. Carter found Ogandzhanyan, 28, of Burbank, Calif., guilty of one count of bank fraud conspiracy, two counts of attempted bank fraud and four counts of aggravated identity theft.  On March 16, 2012, the judge found Sharopetrosian, 33, of Burbank, guilty of one count of bank fraud conspiracy, four counts of bank fraud and seven counts of aggravated identify theft.  On March 16, 2012, the judge also found Markosian, 39, of Glendale, Calif., guilty of one count of bank fraud conspiracy, one count of attempted bank fraud and two counts of aggravated identity theft.  A jury convicted the fourth defendant, Artush Margaryan, 28, of Van Nuys, Calif., on March 16, 2012, of one count of bank fraud conspiracy, one count of attempted bank fraud and three counts of aggravated identity theft. 

Evidence was presented at trial that Sharopetrosian is a member of the Armenian Power organized crime group, and Margaryan, Markosian and Ogandzhanyan are Armenian Power associates.

According to evidence presented at trial, Sharopetrosian directed the massive fraud scheme along with co-defendant Angus Brown, while the two were incarcerated at Avenal State Prison.  Using cellular telephones that were smuggled into the prison, Sharopetrosian and Brown worked from behind bars to coordinate with others, including Ogandzhanyn, Markosian and Margaryan, to obtain confidential bank profile information and steal money from victim account holders.  Often targeting high-value bank accounts, the defendants used account holders’ personal identifying information – including names, Social Security numbers and dates of birth – to impersonate victims in phone calls to the bank.  The defendants gathered account information, transferred funds between victims’ accounts and placed unauthorized check orders for the accounts.  They then stole the checks, obtained the victims’ signatures from public documents and paid conspirators to cash the forged checks.  Over the course of the six-year conspiracy, the defendants and their co-conspirators caused more than $10 million dollars in losses to victims in Southern California, Nevada, Arizona and Texas.

“These defendants, including two individuals who were operating from a prison cell, perpetrated a massive fraudulent scheme on behalf of a dangerous criminal enterprise,” said Assistant Attorney General Breuer.  “As members and associates of Armenian Power, they stole sensitive personal and financial information from innocent consumers and caused millions of dollars in losses.  Whether organized criminal groups traffic in drugs, commit financial fraud or wreak other havoc to keep themselves going, they must be stopped.  We are doing everything possible to shut down dangerous gangs like Armenian Power.”

“The safety and sanctity of confidential financial information is paramount in today’s society,” said U.S. Attorney Birotte.  “Identity theft is a fundamental invasion of consumer privacy that cannot be tolerated.  These convictions demonstrate that violators, whoever and wherever they may be, will be caught and will be prosecuted to the fullest extent of the federal law.”

“The defendants were convicted in a trial that uncovered a sophisticated and lengthy scheme that targeted victims in multiple states, and included disturbing details, such as orders made from within prison walls and assistance from bank insiders enlisted by the defendants,” said FBI Assistant Director Martinez.  “This case is also indicative of the growing trend of gang or organized crime-affiliated groups now engaging in identity theft and other financial crimes in furtherance of their enterprise.”    

 

These defendants are four of 20 defendants who were charged with operating the bank fraud and identity theft scheme in one of a series of federal indictments unsealed on Feb. 16, 2011.  The indictments allege various federal crimes against members and associates of the Armenian Power criminal organization.  To date, 19 of the 20 defendants charged in the bank fraud indictment have been convicted, including Brown.  One defendant, Faye Bell, was arrested earlier this year and is still awaiting trial.

Sharopetrosian, Margaryan, Markosian and Ogandzhanyan face maximum sentences of 30 years in federal prison for each count of bank fraud, 30 years for each count of conspiracy to commit bank fraud and additional mandatory two year sentences for each count of aggravated identity theft.

 Sentencing for all four defendants is scheduled for Aug. 6, 2012, before Judge Carter.

The case is being prosecuted by Assistant U.S. Attorneys Martin Estrada and Joseph McNally of the Central District of California and Trial Attorney Cristina Moreno of the Organized Crime and Gang Section in the Justice Department’s Criminal Division.  The case was investigated by the Eurasian Organized Crime Task Force, which includes the FBI, the USSS, the Los Angeles Police Department, the Glendale Police Department, the Burbank Police Department, the Internal Revenue Service and the U.S. Immigration and Customs Enforcement.


Posted on March 23, 2012 at 10:44 AM | Permalink

» University of Tampa Data Breach

A breach at the University of Tampa may have exposed the sensitive information of thousands of students, faculty and staff members, including their names, identification numbers, social security numbers and birth dates, according to a press release posted to their the University's Web site over the weekend.

The information of approximately 6,800 students from fall semester 2011 was discovered online by students in a UT class who were searching online. A subsequent investigation turned up two more files containing roughly 30,000 more records from between January 2000 and July 2011.

More from ThreatPost


Posted on March 22, 2012 at 06:04 PM | Permalink

» Unidentified hackers behind Stuxnet and Duqu still at work

The still-unidentified group of attackers behind Stuxnet and Duqu have drawn quite a bit of attention to themselves in the last couple of years with their creations. Researchers, law enforcement and some particularly angry governments all would like to have a long talk with the crew. But that attention apparently hasn't persuaded the group that it's time to tone down their pursuits, as evidenced by the fact that researchers have discovered a newly compiled driver for Duqu within the last couple of days.

One of the unique things about Duqu is that the malware appears to be specifically tailored to each new victim. Rather than writing one piece of malware and spreading it out to a large potential victim base, the crew behind Duqu had a small, specially selected group of targets, each of which got its own specifically crafted components and drivers. Researchers say that the number of known victims of Duqu is quite small, perhaps fewer than 50.

More from ThreatPost


Posted on March 22, 2012 at 06:02 PM | Permalink

» NASA Data Breach Discovered by Hackers

Members of two hacker collectives, Team r00tw0rm and Team inj3ct0r, identified an SQL injection vulnerability on one of the subdomains owned by NASA and hosted on the domainnasa.gov. By leveraging the security hole, the hackers obtained a 6 gigabyte database, but refused to disclose the name of the flawed subdomain to give the agency time to patch it up.

A sample of the database reveals information such as usernames, email addresses, names, IDs, login dates, passwords, and other data.“Complete Database is in GB’s, well we aren’t leaking it. We may keep all parts in our private home! Yet only little bit dump or few columns data is released just to inform NASA that being National Aeronautics and Space Administration you must also keep your servers up to date!”the hackers said.

They claim they informed NASA a few days ago, but since the organization failed to respond, they leaked part of the database to attract the agency’s attention.

More from ITN


Posted on March 22, 2012 at 05:59 PM | Permalink

» When to Consider Bankruptcy

Filing for bankruptcy is a process that many debtors turn to once they realize that they need help with a large debt load. Bankruptcy is a legal procedure that you can use to have your debt discharged right away. While there are some times that bankruptcy is not your best option, there are a few times where bankruptcy is definitely the best option to pursue. Read more...


Posted on March 8, 2012 at 06:10 PM | Permalink

» Data breaches take months or years to be discovered

Over 90 percent of data breaches are the result of external attacks and almost 60 percent of organizations discovered them months or years later, Verizon said in a report released at the RSA security conference on Wednesday.

Called the Verizon 2011 Investigative Response Caseload Review, it compiles statistics from 90 data breach cases investigated by the company's incident response team last year, and provides a preview of Verizon's larger annual report that will contain data collected from additional sources like national CERTs and law enforcement agencies.

The report concludes that 92 percent of data breach incidents have had an external cause, which conflicts with the findings of other security vendors, according to whom most data breaches are the result of internal threats.

More from IDG


Posted on March 8, 2012 at 05:48 PM | Permalink | Comments (0)

IMPORTANT LEGAL NOTICES