Creative Commons License

 

» Free credit freezes and fraud alerts - New September 2018

Free credit freezes (security freezes) and year-long fraud alerts are now the law.

How to set the new free credit freeze.

You can now set and lift credit freezes for free. Fraud alerts, also free, now last for one year instead of 90 days as they used to. These changes are effective September 21, 2018.

Credit freezes, also known as security freezes, restrict access to your personal credit file. This makes it harder for identity thieves to open new accounts using your identity. You can freeze and unfreeze your credit file for free. You also can do a free freeze for your children who are under 16. You can get a free freeze on behalf of a person if you are their guardian, conservator or have legal power of attorney.

How do the new freezes work? Contact the three nationwide credit reporting agencies Experian, Equifax and TransUnion (Google or go to websites). If you request a freeze online or by phone, the agency must place the freeze within one business day. If you request to lift the freeze, the credit bureaus must do it within one hour. If you request by mail, the agencies must place or lift the freeze within three business days after it receives your request. You also can lift the freeze temporarily without a fee (this is really useful if you want to apply for credit.)

Important: A credit freeze is NOT the same as a credit lock. They work in similar ways. However locks may have fees and are not governed by law. If you want a free freeze guaranteed by federal law, then choose a freeze, rather than a lock. In our opinion, if you get a lock as free with another service, it's worth using. A freeze is the way to go for the best protection.

TransUnion

https://www.transunion.com/credit-freeze 
888-909-8872
TransUnion LLC
P.O. Box 2000
Chester, PA 19016

Equifax 

https://www.freeze.equifax.com/
800-685-1111
Equifax Security Freeze
P.O. Box 105788
Atlanta, Georgia 30348-5788

Experian

https://www.experian.com/freeze/center.html
888-397-3742
Experian Security Freeze
P.O. Box 9554
Allen, TX 75013

How to use the new year-long fraud alerts

As of September 21, 2018, if you set a fraud alert, it will last one year, rather than 90 days. Fraud alerts will continue to be free. Victims of identity theft can still get a 7 year extended fraud alert. A fraud alert tells anyone that checks your credit that they should contact you before opening a new account. An alert does not mean that the credit bureaus actually send an alert to you. And it doesn't require that the business checking your credit contact you. In practice, most creditors and lenders will not extend credit if you have a fraud alert without contacting you first.

Military members will still have access to special active duty alerts. These let them place a fraud alert for one year, renewable for the time they are deployed. The active duty alert also requires that the credit reporting agencies take their name off their marketing lists for pre-screened offers of credit or insurance for two years.

To place a fraud alert or active duty alert visit the websites of any of the three nationwide credit reporting agencies, Experian, Equifax or TransUnion. You only need to contact ONE. The one you contact must notify the other two of the alert.


Posted on September 21, 2018 at 10:31 AM | Permalink | Comments (0)

» White label credit monitoring

Need white label credit monitoring? Check out Truston, a leader in white label credit monitoring. Along with white label credit reports and white label credit scores. And identity protection.


Posted on September 20, 2018 at 08:51 AM | Permalink

» What is the difference between credit freeze and credit lock?

A credit lock is different from a freeze. A credit freeze (aka security freeze) is governed under state laws, credit locks are not.

These are the bureaus' credit lock services. A lock is one feature that may be included with other product benefits.

http://www.experian.com/consumer-products/creditlock.html

https://www.transunion.com/product/credit-lock

http://www.equifax.com/lockandalert/


Posted on September 28, 2017 at 12:53 PM | Permalink

» Equifax Data Breach - 3 Steps To Protect Yourself

What you can do about the Equifax data breach.

  1. Equifax set up a website, equifaxsecurity2017.com, to help you determine if your data was part of the hack (hint: it probably is). Equifax will be providing free credit monitoring to anyone affected. Whether you want to sign up with them after this hack, is up to you.
  2. Set up a fraud alert, for free, by calling one of the three credit bureaus: Equifax, TransUnion, or Experian. By law, the bureau you contact must share that alert with the other two bureaus. You only need to contact one. The FTC website explains how. An alert does not actually alert you personally! It puts some words on your credit file to inform credit grantors to contact you if anyone applies for credit in your name (including you). They aren't required by law to actually contact you, but most do.
  3. Add a security freeze on your credit file. You may have to pay for this. You must lift it temporarily when you apply for new credit. You have to individually call each of the three nationwide credit reporting companies. You'll need to supply your name, address, date of birth, Social Security number and other personal information. Fees vary based on where you live, but commonly range from $5 to $10. The FTC has complete details on this.
    Equifax — 1-800-349-9960
    Experian — 1‑888‑397‑3742
    TransUnion — 1-888-909-8872

 


Posted on September 8, 2017 at 10:28 AM | Permalink

» Equifax data breach - 143 million US consumers

Equifax reports cybersecurity incident could impact 143 million Americans. It may be one of the few largest breaches in history. Hackers accessed names, Social Security numbers, birth dates, addresses and driver’s license numbers. Also, credit card numbers for over 209,000 consumers were accessed. 

EFX discovered the breach on July 29 and the unauthorized accesses took place from mid-May until July.

More: Atlanta J-C 

Three steps to protect yourself from the Equifax data breach

 


Posted on September 7, 2017 at 02:25 PM | Permalink

» White label credit monitoring - Top provider

Truston is a top provider of white label credit monitoring for businesses that need their clients to provide credit reports and credit scores. They can be reached at 800-960-5512 or mytruston.com.


Posted on June 12, 2017 at 12:19 PM | Permalink

» White label credit monitoring

If you need white label credit monitoring, the market leader is Truston. Reach them at (800) 960-5512 or www.mytruston.com. Truston provides private label credit monitoring, white label credit reports, white label credit scores, white label identity protection. Business partners earn one-time or recurring revenue commission. They have a partner program for affiliates.


Posted on March 13, 2017 at 08:41 AM | Permalink

» Credit bureau fraud numbers

Phone numbers to call for customer service at the credit reporting companies if you suspect fraud or identity theft.
 
Experian 800-509-8495 option 2, 2, 3
 
TransUnion 855-681-3196 option 3
 
Equifax 877-528-6481 option 1


Posted on February 12, 2017 at 04:40 PM | Permalink

» Medical identity theft tips

Medical ID theft is a dangerous and growing threat. This article provides some tips to protect yourself. more...


Posted on December 31, 2016 at 06:44 PM | Permalink

» Report on the high identity theft rate in DC

There is a new report that describes that the District of Columbia is the area with the most ID theft and fraud in the United States. more...


Posted on December 31, 2016 at 06:41 PM | Permalink

» Mall of America Clerk Busts Identity Theft Ring


Police say an alert clerk at a jewelry store inside Mall of America helped uncover an identity theft ring that involved multiple victims.

The incident happened Wednesday, Jan. 20, at a Mall of America jewelry store. A clerk said a man and woman came into the store and asked to see a $5,000 Rolex for a friend in Hong Kong. They said they wanted to buy it, so the woman provided a Visa card and Connecticut ID, according to the complaint.

More: http://kstp.com/news/stories/s4028548.shtml


Posted on January 27, 2016 at 01:17 PM | Permalink

» Neiman Marcus Data Breach Worse Than Originally Thought

The theft of consumer data from Neiman Marcus appears far deeper than had been disclosed originally, with the luxury retailer now saying that hackers invaded its systems for several months in a breach that involved 1.1 million credit and debit cards.

The malware installed on terminals in Neiman Marcus stores seems to be the same malware that infiltrated Target’s systems and exposed information from as many as 110 million customers, according to a person briefed on the investigations who spoke on the condition of anonymity and is not authorized to speak publicly about the attacks.

Investigators have not revealed whether the same cybercriminals are suspected in both breaches, although investigators and security specialists have described a loose band of hackers from Eastern Europe as the likeliest suspects in the Target theft. Security specialists working with the authorities have said that the hackers were considering several major retailers as potential targets.

In a statement posted on its website Wednesday night, Neiman Marcus said that the malware had been “clandestinely” put into its system and had stolen payment data off cards used from July 16 to Oct. 30. MasterCard, Visa and Discover have told the company that about 2,400 cards used at Neiman Marcus and its Last Call outlet stores have since been used fraudulently.


Posted on January 28, 2014 at 09:28 AM | Permalink

» Protecting your identity in light of so many data breaches

With all of the media surrounding the Target, Neiman Marcus, and, now, Michaels data breaches (and potentially other retail outlets), it can be overwhelming to determine what you should do to protect yourself. Even though you can't prevent a breach, there are steps you can and should take to prevent future headache and harm.

This is an important alert to read even if you weren't a victim of the recent breaches. As privacy and security professionals say on a regular basis, data breaches aren't a question of "if", they are a question of "when." It is best to be prepared and proactive.

1. Monitor your accounts. Check the financial account(s) you used to make your purchase at the breached retailer on a regular basis – preferably online. Don’t wait for the monthly statement. If there is any charge -- including a very small charge -- that you did not make or authorize, call the financial institution immediately.

2. Credit cards are better than debit cards. Always. If you used a debit card at the breached retailer, call your financial institution and request that they issue you a new card (if they haven't already). And in the meantime monitor your account closely and report any loss as soon as you notice it.

3. Take advantage of free credit monitoring services, but realize their limitations. In the cases of Target and Neiman Marcus, they are each offering a single-bureau monitoring service (there are three credit bureaus). This can be helpful if someone gains access to your Social Security number and tries to open a new account in your name, but it does not protect you against other forms of fraud.

Go directly to https://creditmonitoring.target.com to sign up for the service Target is offering. You will find Neiman Marcus' service here: https://www.protectmyid.com/nm.

4. Watch out for fraudsters. If you follow these general rules, you will largely reduce your chances of falling victim to common scams.

Never give sensitive information out to anyone who calls you. Chances are no breached company is going to call everyone whose records were breached—even if your caller ID says otherwise. It's safe to say the same applies with any law enforcement or government agency, bank, or other entity that may have a reason to need sensitive information.

Watch for fraudulent emails. Don't open attachments unless you BOTH trust the sender and are expecting an attachment from them. Don’t respond to an email asking for any sensitive information even if it looks official.

5. Keep up with your credit reports. It doesn't matter if you've been the victim of a data breach, you are entitled to one free credit report per year from each of the three credit bureaus. We recommend spacing them out and ordering one report every four months. Only do this through the official site, https://www.annualcreditreport.com. Don’t fall for websites with similar names.


Posted on January 27, 2014 at 06:43 PM | Permalink

» Target data breach affects at least 70 million customers

The data breach at Target Corp over the holiday shopping season was far bigger than initially thought, the company said today, as state prosecutors announced a nationwide probe into the second-biggest retail cyber attack on record.

Target said an investigation has found that the hackers stole the personal information of at least 70 million customers, including names, mailing addresses, telephone numbers and email addresses. Previously, the No.3 U.S. retailer said the hackers stole data from 40 million credit and debit cards.

The two sets of numbers likely contained some overlap, but the extent was not clear, according to Target spokeswoman Molly Snyder. She also noted that some of the victims did not shop at Target stores during the period of the breach between November 27 and December 15, and their personal information was stolen from a database.

 


Posted on January 21, 2014 at 09:25 AM | Permalink

» Loyaltybuild Data Breach a Security Nightmare

Thousands of people across Europe and, more specifically, in Ireland have had their credit card and personal details stolen after a company which runs reward schemes was hacked.

Investigators have discovered that more than 376,000 people have had their details pilfered after Loyaltybuild's data centre in County Clare, Ireland was breached. It is believed that a further 150,000 potential client records may also have been compromised.

Of this figure some 70,000 or so were SuperValu customers and over 8000 were clients of AXA Leisure Break.

SuperValu is now contacting its customers to advise them that there is a "high risk" that an unauthorised third party has accessed details of cards used to pay for Getaway Breaks between January 2011 and February 2012.

The company said that the Getaway Breaks booking system has now been suspended until further notice. The company also emphasised that only data collected through Loyaltybuild was at risk and that other SuperValu customers would not be affected.

AXA said it will be contacting all of its customers whose data may be at risk and will advise them to check their credit card statements for any unauthorised activity.

 


Posted on November 14, 2013 at 01:49 PM | Permalink

» Tax refund ID theft is a growing epidemic says IRS

More Americans' identities were stolen in tax refund crimes in the first six months of 2013 than in all of 2012, said a U.S. Internal Revenue Service watchdog on Thursday who described the problem as "a growing epidemic."

Tax refund fraud has exploded in recent years. Scammers typically use stolen names and Social Security numbers to file phony electronic tax forms for IRS refunds.

About 1.6 million Americans were victims of ID theft/tax refund crimes this year through June, up from 1.2 million taxpayers in all of 2012, the Treasury Inspector General for Tax Administration (TIGTA) said in a report.

"Identity theft is a growing epidemic," said J. Russell George, TIGTA's chief.

Democratic Senator Bill Nelson of Florida, a hot spot for these crimes, said in a statement that TIGTA's analysis shows the IRS is making progress, but much remains to be done.

TIGTA said that while the number of frauds has risen, the amount of federal revenue lost to these crimes has decreased. In 2011, the government lost $3.6 billion in potentially fraudulent tax refunds, down from $5.2 billion in 2010.

The thieves are increasingly working from abroad, TIGTA found. In 2011, someone using a single mailing address in Lithuania made more tax filings with fraudulent Social Security numbers than any single U.S. address, TIGTA said.

The Lithuanian address received $220,489 in fraudulent IRS refunds; an address in Shanghai received $156,533.

"The constantly evolving tactics used by scammers to commit identity theft continues to be one of the biggest challenges facing the IRS," the IRS said in a statement on Thursday.

TIGTA said the IRS must do more to spot red flags signaling potential fraud in tax filings, such as multiple filings from the same address, and to help victims more quickly.

The IRS said it agreed with TIGTA's recommendations.


Posted on November 14, 2013 at 01:45 PM | Permalink

» 50 Cent, Carmelo Anthony Are Some Celebrity Identity Theft Victims

Federal agents arrested two Hartford residents for allegedly stealing the identities of high-profile celebrities, including rapper 50 Cent and New York Knicks star Carmelo Anthony, and paying for Tiffany & Co. diamonds, Honda Vespa scooters and three used Cadillacs with the victims' credit cards.

According to investigators, the pair defrauded seven high-profile victims across the country including singers and athletes from Farmington, Conn., Miami and Beverly Hills.

Court documents showed Preston and Nunez found the celebrities' personal information on the Internet, and got ahold of their credit card numbers. They are accused of spending more than $500,000 on items that included Tiffany diamonds, dozens of Honda Vespa scooters and expensive cars. Investigators said most purchases were made online and on the phone.


Posted on November 14, 2013 at 01:43 PM | Permalink

» Credit Repair and The Fair Credit Reporting Act

The Fair Credit Reporting Act (known as FCRA) goes back to 1970 as an amendment to the Consumer Credit Protection Act. The FCRA provides consumer protection in the areas of fairness, accuracy, and privacy of the information collected by the credit bureaus. It also governs the credit repair and maintenance processes, verifying that the information in your credit report is correct.

Federal consumer rights under the FCRA include:

  • Access to your credit report. You have the right to know what is in your credit file. The FCRA requires Experian, TransUnion, and Equifax to provide you with a free copy of each report once per year. You are also entitled to receive a free copy of your report if:

    • A potential lender views it
    • You are the victim of identity theft and/or want to place a fraud alert in your credit file
    • You request public assistance
    • You are unemployed and plan to apply for a new job within 60 days
  • Access to your credit score. Your credit score provides potential creditors with a numerical indication of how likely you are to repay borrowed money. Based upon information found within your credit report, this number helps lenders, insurance companies, and other businesses decide whether or not to do business with you. The credit bureaus are required to provide your credit score if you request it, however it may come with a small fee attached.

  • Notification when your credit information is used against you. If your application for insurance coverage, auto loan, mortgage, or other type of credit is denied, the lender must inform you of the decision. They must also provide the contact information of the credit bureau that gave them access to your report.

  • The right to dispute information on your credit report. Incomplete or false information can drag your credit score down. In addition to viewing your credit report, the FCRA allows you to trigger an investigation with the credit bureaus if you spot an error. Once the information is verified as false or inaccurate, it must be deleted or corrected within 30 days. Keep in mind that our service demands that creditors and bureaus uphold two additional reporting standards pursuant to other applicable laws -fairness and substantiation - in addition to simple accuracy.

  • The right to delete outdated information. Negative citations such as collections and bankruptcies can remain on your credit report for a maximum of 7 to 10 years. After this time period has passed, the credit bureaus must remove them from your report. Remember, though, that there is no minimum reporting period, so creditors or credit bureaus can remove information even earlier if they choose to do so.

  • The right to decide who views your credit report. No one can view your credit report without your permission. The FCRA requires lenders, landlords, employers, and other interested parties to obtain consent before viewing your credit report.

  • The right to opt out of unsolicited offers. If you're tired of receiving pre-approved credit applications and insurance coverage offers, you have legal recourse. Businesses that send these offers must include a toll-free number that allows you to remove your name from their solicitation list.

  • The right to legal action. Your credit report is valuable, and the FCRA prevents outsiders from misusing it. For more information, contact a credit repair professional, or visit the Federal Trade Commission website:www.ftc.gov/credit.

We are not experts on the FCRA. The FCRA is a broad and detailed legislation with many areas. FCRA compliance and the details and requirements of the enforcement actions of the government regulators that handle FCRA are outside the scope of our knowledge.

 


Posted on July 3, 2013 at 05:41 PM | Permalink | Comments (0)

» Why is Credit Repair Important?

Credit repair is important because it can help get you "good credit." Maintaining good credit can make your life a lot easier in a number of ways. Poor credit leads to these problems you want to avoid:

  • Poor credit scores. Your credit scores are calculated using your credit report. If your report has errors, you will probably have a lower score than you should.
  • Rejected for a loan and mortgage. Lenders rely on your credit score when deciding whether to give you a mortgage or loan. When your credit score is low, your loan application is often rejected. Mortgage and auto lenders are making it even harder to get a new loan or re-finance, so a better credit score is even more important.
  • Higher interest rates. Even if you do qualify for loans and mortgages, the interest rate you pay is important. This rate is the amount of money you pay to borrow from the lender. The lower your credit score, the higher your interest rate (because the lender thinks you are a higher risk). Repairing your credit and improving your credit scores could save you tens of thousands of dollars over the life of your loan.
  • Higher insurance premiums. Many insurance providers check your credit report and scores. A low credit score is often viewed as a higher risk and can result in higher premiums.
  • Lost job opportunities. Many employers perform credit checks before hiring. Companies do this as a way to gauge an applicant's level of responsibility. A bad credit report can make you appear careless or irresponsible. This could lead to you not getting that job you really want.

 


Posted on June 7, 2013 at 04:56 PM | Permalink | Comments (0)

» What is Credit Repair?

Federal law says that information about you that is reported to the credit bureaus must be accurate and fair. However, the Federal Trade Commission reports that one in four consumers have errors on their credit reports that lower their credit scores.

Credit repair is about fixing these errors so your credit report and credit score are the best they can be. The process, which can be quite challenging, involves disputing the errors in your report directly with the credit bureaus.

What kind of errors might be on your report? Late payments, unknown accounts, collections, foreclosures, charge-offs, liens, judgments, or bankruptcies. Any of these can reduce your credit score by a significant amount. 


Posted on June 7, 2013 at 04:42 PM | Permalink | Comments (0)

» How fast does your credit score recover from your goofs?

Experts say you can expect a late payment to hurt your credit score for seven years, with your score gradually recovering over that time frame as you make smart borrowing decisions -- though exactly how much and how fast your score recovers isn't entirely clear.

The federal Fair Credit Reporting Act says that negative items can only appear on your credit report for seven years, but it doesn't say how the credit industry should treat the impact of those items after they happen. That vagueness, combined with the secrecy and complexity involved in credit scoring, mean that it's tough to say exactly how a borrower's credit score will recover from a late payment. Still, provided the borrower makes smart decisions following a slip-up, time will heal those credit wounds.

"Every consumer's situation is different, but generally speaking, the impact from a negative item, such as a late payment, will lessen as that item ages" says Steve Katz, spokesman for credit bureau TransUnion.

While FICO, creator of the most-widely used scoring model, largely keeps the details of its scoring model a secret, we do know the approximate damage a late payment will cause. FICO pulled the curtain back a bit on its scoring model recently when it acknowledged just how much certain credit mistakes can hurt a borrower's credit score. For example, in the case of two hypothetical consumers, FICO said that a 30-day late payment would reduce a FICO score of 680 by 60 to 80 points, while an identical late payment would reduce a FICO score of 780 by 90 to 110 points. (For more on this topic, see our story on FICO's damage points.) You can run FICO's credit score simulator to get an idea of how much damage various mistakes, including a late payment, may cause to your own credit score.

Read more


Posted on March 20, 2013 at 11:41 AM | Permalink | Comments (0)

» How your credit utilization ratio is calculated

The calculation of your credit score combines a wide-angle view of your total combined credit utilization -- including any authorized credit card accounts -- with a close-up view of each individual credit card account. 

FICO says it takes that approach in order to get the most accurate view possible of a person's credit utilization, or their existing debt levels compared to their available lines of credit. As you already know, FICO's scoring model -- by far the most widely used in the United States -- pays close attention to that ratio, and you're wise to do the same.

"The utilization rate is an important indicator of lending risk. A person who is charging to the limit on their credit cards is far more likely to suddenly have repayment problems than a person who uses their credit cards sparingly," says Rod Griffin, director of public education with credit bureau Experian. For credit scores, "the lower the utilization rate, the better," Griffin says.

Read more 


Posted on March 20, 2013 at 11:35 AM | Permalink | Comments (0)

» What everyone should know about credit reports and scores

Don't be overly concerned with your credit score. It can be a serious challenge to ever really "know" that number. That's because these scores vary based on when they are calculated (since they originate from a momentary snapshot of your credit report) and the scoring model itself. (There are many scores out there, including FICO, VantageScore, proprietary models and "educational" scores that aren't used by any lenders). Your credit score number can -- and does -- vary from day to day and lender to lender. As a result, at a given moment in time, it's extremely difficult to truly "know" your credit score with any certainty.    

So instead of placing emphasis on that score, focus on your credit reports. Those reports are the basis for lending decisions, regardless of the scoring model used. In some cases, they are even used for hiring decisions. Note that I said "credit reports" -- plural. That's because you've got a report with each of the three major credit bureaus (Equifax, Experian and TransUnion) that maintain a record of individual U.S. consumers' borrowing behavior. Unless lenders tell you, it's difficult to know what report they may be working with. Since the information listed in those bureaus' reports can differ, you need to look at each one for a complete picture of where you stand.

Read more  


Posted on March 20, 2013 at 11:29 AM | Permalink | Comments (0)

» 5 traits that go along with a lower credit score

You know how important good credit is, so you watch your credit-related activity closely. You limit credit inquiries, maintain a respectable debt-to-income ratio and -- of course -- pay the bills on time.

But know this: The credit industry is watching right back. If you've checked your credit report, you can see it tracks your individual behavior, but did you know it tracks how we behave in groups? In search of ways to identify the most creditworthy customers, the industry and academics have studied where we live, who we are, how we behave -- and how these traits relate to credit scores.

So, the studies say, a pack-a-day smoker from Harlingen, Texas, is likely to have a worse credit score than a very patient woman from Wausau, Wis.

Hold the e-mails, though -- these unexpected traits that go along with lower credit scores are just correlations, not causations. It's not cause and effect. "None of these things are factored into your score, but have been studied alongside credit scores," explains Michele Raneri, vice president of analytics for Experian.

Keep reading to learn about five things that tend to go along with a lower credit score.

Read more


Posted on March 20, 2013 at 11:27 AM | Permalink | Comments (0)

» 10 things you should know about identity theft

Identity theft is often in the news, but there are a lot of misconceptions swirling around about how to best protect yourself.

While some identity thieves focus on getting your credit cards and maxing them out before you even realize they're missing, an increasing number are using one piece of information about you -- often a credit card number -- in order to steal your entire identity.

Though many folks worry about keeping their credit card information secure when shopping online, the top methods that identity thieves use to steal personal data are still low-tech, according to Justin Yurek, president of ID Watchdog, an identity theft-monitoring firm. "Watch your personal documents, be careful to whom you give out your data over the phone, and be careful of mail theft," he says.

Read more


Posted on March 20, 2013 at 11:25 AM | Permalink | Comments (0)

» Cybercriminals Recruit Dupes With Bogus Job Offer Emails

It’s not uncommon for users to receive links that point to a shady website that advertises work-from-home jobs. However, this is not the only method preferred by fraudsters and in some cases they’re looking for much more than someone who’s willing to pay a small fee for the key to success. The crooks continue by highlighting the fact that it’s not a scam and present a short list of basic requirements. Finally, they mention the amount of money that can be earned and, as expected, the amount is fairly high for a job that involves typing and making a few calls.

A noteworthy fact is that the emails originate from email addresses hosted at careerin-finance.com, a domain registered at a Chinese registrar that’s known to support shady operations. However, this is not just a regular job scam. In reality, it’s an attempt to recruit money mules – knowing or unknowing individuals who help fraudsters launder money.

So, if you reply to such an offer (we highly recommend against doing so), you shouldn’t be surprised if your “employer” would ask you to transfer some money to and from your bank account, send money via Western Union, or perform other suspicious transactions.

More


Posted on July 8, 2012 at 11:01 PM | Permalink | Comments (0)

» Medical Identity Theft: What it is and How to Protect Yourself

While it's the fastest-growing type of identity theft, a new Nationwide Insurance survey reveals few people know what medical identity theft is or how devastating it can be to your credit and your health.

The national telephone survey commissioned by Nationwide Insurance was conducted by Harris Interactive in February among 2,001 adults with health insurance. It found only 1 in 6 (15%) of insured adults say they are familiar with medical identity theft. Of that 15% only one in three (38 percent) could correctly define "medical identity."

"A stolen medical identity has a $50 street value -- whereas a stolen social security number, on the other hand, only sells for $1*," said Kirk Herath, Nationwide Chief Privacy Officer. "However, while most people are very careful with their social security number to protect their credit and personal information, they tend to be less careful when it comes to their medical information."

What is "Medical Identify Theft?"

Medical ID theft occurs when one person steals another's medical information to obtain or pay for health care treatment. It's a crime that can have a serious impact on your personal, financial and medical well being.

According to the World Privacy Foundation, medical identity theft has affected 1.5 million Americans at a cost of more than $30 billion.

If someone steals your medical information they illegally can use your health care insurance to obtain medical care, buy prescription drugs or submit false insurance claims in your name, all of which can lead to devastating financial results or potentially hazardous changes to your medical records.

The three most common ways your medical identity could be compromised are:

-- Financial medical identity theft -- Someone is getting medical help using your name and/or other information.

-- Criminal medical identity theft -- You are being held responsible for the actions of another's criminal behavior.

-- Government benefit fraud -- Your medical benefits are being used by another person.

Devastating Consequences, Difficult Recovery

According to a Nationwide Insurance survey, more than half (56%) of insured adults said it's likely that their credit card or credit card number would be stolen, while only one-third (32%) say they expect their medical identification to be stolen.

About one in five (22%) believe the most likely consequence would be that their health insurance could be cancelled, when in reality hazardous changes could be made to their medical records compromising their health.

"These are warning signs that should not be ignored," Herath said. "The cost and time associated with cleaning up a medical account is sizeable."

The personal expense of resolving a medical identity theft is about $20,000, according to actual victims. The same victims also said they had spent four to six months resolving the theft**.

More than half of the study participants underestimated how long it would take to restore their medical identity. Nineteen percent or about 1 in 5 said it would take less than two weeks. And more than half underestimated or didn't know how much it would cost.

When it comes to taking proactive measures to review their medical records for errors, 75 percent or 3 of 4 study participants "trust" that their medical records are correct.

"Blind faith in a medical record is risky behavior," Herath said. "Nationwide Insurance recommends being as knowledgeable about your medical records as you are about your financial reports."

Tips to protect your Medical Identity

Here are a few things you can do to safeguard your medical identity:

-- Closely monitor any "Explanation of Benefits" sent by health insurers

-- Pro-actively request a listing of benefits from your health insurers

-- Request a copy of current medical files from each health care provider

-- If you are victim, file a police report

-- Correct erroneous and false information in your file

-- Keep an eye on your credit report

-- Request an accounting of disclosures

 


Posted on June 15, 2012 at 12:05 PM | Permalink | Comments (0)

» Merchant personal data may have been stolen from Global Payments

Hackers might have stolen the personal information of individuals who applied for a merchant account with card payment processor Global Payments.

"We have recently learned of potential unauthorized access to servers containing personal information from a subset of merchant applicants," Paul Garcia, Global Payments' chairman and CEO, said during a conference call with shareholders on Tuesday.

Affected individuals will be offered free credit monitoring services and identity protection insurance of $1 million. The three U.S. major credit reporting agencies have also been advised about the incident, Garcia said.

Garcia declined to share an exact number of individuals potentially affected by the unauthorized access to servers that contained merchant data, citing an ongoing process of analyzing that information.

More


Posted on June 15, 2012 at 12:02 PM | Permalink | Comments (0)

» IRS Tax Return Identity Theft Hotline

If you think someone used your identity to file a fraudulent tax return and snatch your refund, call the new Tax Return Identity Theft Hotline.

Launched today by the IRS criminal investigations division and the U.S. Attorney's Office, the number is 412-395-4973.

Last summer, scam artists set up shop in Erie and began offering people help tapping into a fictitious federal stimulus program, then stole their identities, IRS criminal investigations spokesman Andrew Hromoko said. If anything similar happens this year, calls to the hotline could help the agency to identify the scheme quickly.

Callers who leave a message will receive a return call from a special agent within 24 to 48 hours.

A taxpayer who believes they are at risk of identity theft due to lost or stolen personal information should also contact the IRS Identity Protection Specialized Unit at 800-908-4490 so the agency can secure their tax account.

More


Posted on June 15, 2012 at 11:59 AM | Permalink | Comments (0)

» Hackers more aggressive in attacking bank accounts

A survey of large financial institutions shows they faced more attacks by hackers to take over customer banking accounts last year than in the two previous years, and about a third of these attacks succeeded.

The total number of attacks to try and break in and transfer money out of hacked customer accounts was up to 314 over the course of 2011, according to the Financial Services Information Sharing and Analysis Center (FS-ISAC), which released findings of its survey of 95 financial institutions and five service providers. That's an increase from 87 attacks against bank accounts in 2009 and 239 in 2010.

FS-ISAC is the group that coordinates on security issues with the Department of Homeland Security. The survey was conducted by the American Bankers Association.

The actual dollar losses taken by the financial institutions last year was $777,064, down from a high of $3.12 million in 2010. Dollar loss for customers was $489,672 in 2011, as compared with $1.16 million in 2010.

More


Posted on June 15, 2012 at 11:57 AM | Permalink | Comments (0)

» Utah CTO takes fall for data breach

The executive director of Utah's Department of Technology Services has resigned over a data breach two months ago that exposed the Social Security numbers and other personal data of about 280,000 Medicaid recipients.

Utah Governor Gary Herbert announced the resignation of Stephen Fletcher on Tuesday.
In a statement, Herbert also described various initiatives underway that aim to mitigate the risk of similar breaches in the future.

The State's plan includes an independent audit of all IT security systems, the appointment of a new health data security ombudsman and a continuing investigation of the breach by law enforcement personnel.

More


Posted on May 18, 2012 at 03:33 PM | Permalink | Comments (0)

» Banks are complacent about check fraud

Many banks are complacent about check fraud, perhaps because it's been around for so long. And yet, according to the 2012 Faces of Fraud survey, it remains the second-most common form of fraud institutions face.

Another reason for the complacency? Check fraud seems minor, relative to escalating fraud threats posed by emerging e-commerce channels. "Banks perceive the risk to be much higher in the electronic-payment channels," Tubin says. "With check fraud, they've been dealing with it forever, and they're used to it."

But the lines between old-school schemes such as check fraud, and emerging e-commerce scams are blurring. The advent of check images has married the check to the online channel. And financial institutions that continue to rely on manual processes to detect check fraud find themselves challenged by new cross-channel schemes.

More


Posted on May 18, 2012 at 03:30 PM | Permalink | Comments (0)

» BitCoin hacked, More than 18,000 Bitcoins Stolen

Bitcoinica, a Bitcoin exchange started by a 17-year old teenager Zhou Tong, has been shut down for security investigations. It’s believed that at least 18,000 BTC ($90,000 or 68,000 EUR) have been stolen.
 
News of the hack was posted this morning by Bitcoinica's founder, Zhou Tong:"Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

More


Posted on May 18, 2012 at 03:29 PM | Permalink | Comments (0)

» 700,000 CA social services records lost

The California office of In-Home Supportive Services, which provides health support to elderly and disabled people, reported on Friday that the personal records of some 700,000 caregivers and care recipients were either lost or stolen.

But this data loss was not due to a server breach, or some complex phishing attack—instead, the Social Services office said that Hewlett Packard, which manages the data controlled by the office, notified the IHSS of the breach after a physical package containing microfiche with thousands of entries of payroll data went missing from a damaged package shipped by U.S. Postal Service to the State Compensation Insurance Fund in Riverside, CA.

As the package arrived damaged and incomplete, it’s unclear whether the information was lost or stolen, but the state has launched an internal investigation and notified law enforcement in the hopes of resolving the issue, according to the Los Angeles Times. "The possibly compromised information, dating from October to December 2011, for 375,000 workers included names, Social Security numbers and wages. For 326,000 recipients, state identification numbers may be at risk,” the LA Times reports. The In-Home Supportive Services office is also sending out hundreds of thousands of letters to potentially affected parties.


Posted on May 18, 2012 at 03:28 PM | Permalink | Comments (0)

» Your Dead Relative Could be a Victim of Identity Theft

Your lost loved one's financial identity could come back to life in a most unsettling way -- 2.5 million deceased Americans' identities are misused every year, according to ID Analytics, an ID theft risk assessment company. The company's research arm compared the names, Social Security numbers and birthdays listed on applications for credit against the Social Security Administration's master file of deaths to come up with those numbers.

ID Analytics says crooks intentionally steal the identities of about 800,000 deceased Americans each year. The company says identity thieves also make up Social Security numbers, and inadvertently make matches with about 1.6 million people a year who have died.

In addition, ID Analytics detected a disturbing pattern of theft of financial information belonging to people who were dying. It's easy to see how that could happen, since people who are gravely ill can easily lose track of the details of their finances. When you break it down, ID Analytics says con artists use dead people's identities more than 2,000 times a day.


Posted on May 18, 2012 at 03:26 PM | Permalink | Comments (0)

» UNC-Charlotte Data Breaches Expose 350,000 SSNs

Confidential data, including bank account and Social Security numbers for some 350,000 University of North Carolina-Charlotte students, staff and faculty, were accidentally exposed -- some for almost 15 years -- due to a system misconfiguration and incorrect access settings that made electronic data publicly available.

The school on Wednesday released a statement on an investigation it launched in February after staff discovered the data breach. The investigation revealed two separate incidents exposed data such as names, addresses, Social Security numbers and financial account information provided during university transactions.

One incident involved misconfigurations and incorrect access settings made during a general university system upgrade that left data stored on the university's H: drive exposed on the Internet from Nov. 9, 2011 to Jan. 31, 2012.

More


Posted on May 18, 2012 at 03:20 PM | Permalink | Comments (0)

» Over 300,000 Complaints of Online Criminal Activity Reported in 2011

FBI's IC3 2011 Internet Crime Report Released 

The Internet Crime Complaint Center (IC3) today released the 2011 Internet Crime Report—an overview of the latest data and trends of online criminal activity. According to the report, 2011 marked the third year in a row that the IC3 received more than 300,000 complaints. The 314,246 complaints represent a 3.4 percent increase over 2010. The reported dollar loss was $485.3 million. As more Internet crimes are reported, IC3 can better assist law enforcement in the apprehension and prosecution of those responsible for perpetrating Internet crime.

In 2011, IC3 received and processed, on average, more than 26,000 complaints per month. The most common complaints received in 2011 included FBI-related scams—schemes in which a criminal poses as the FBI to defraud victims—identity theft, and advance-fee fraud. The report also lists states with the top complaints, and provides loss and complaint statistics organized by state. It describes complaints by type, demographics, and state.

“This report is a testament to the work we do every day at IC3, which is ensuring our system is used to alert authorities of suspected criminal and civil violations,” said National White Collar Crime (NW3C) Center Director Don Brackman. “Each year we work to provide information that can link individuals and groups to these crimes for better outcomes and prosecution of cases.”

Acting Assistant Director of the FBI’s Cyber Division Michael Welch said, “Internet crime is a growing problem that affects computer users around the world and causes significant financial losses. The IC3 is an efficient mechanism for the public to report suspicious e-mail activity, fraudulent websites, and Internet crimes. These reports help law enforcement make connections between cases and identify criminals.”
IC3 is a partnership between the Federal Bureau of Investigation, the NW3C, and the Bureau of Justice Assistance. Since its start in 2000, IC3 has become a mainstay for victims reporting Internet crime and a way for law enforcement to be alerted of such crimes. IC3’s service to the law enforcement community includes federal, state, tribal, local, and international agencies that are combating Internet crime.


Posted on May 18, 2012 at 03:17 PM | Permalink | Comments (0)

» Three Reasons Skimmers Are Winning

Banks and credit unions say that losses linked to card-skimming and other sources of debit card fraud are increasingly concerning.

Arrests and financial losses linked to skimming continue to add up. Why do many institutions struggle to thwart attacks waged against ATMs and the vestibules that house them? 

Mike Urban, a financial fraud expert with Fiserv, a core processor that provides security services to financial institutions, says anti-skimming technologies just can't keep up.

Beyond outdated card technology, a number of factors have contributed to ATM skimming's success. Cardholder behavior, outdated or ineffective anti-skimming technology and too many endpoints are the top three, experts say.

More


Posted on May 18, 2012 at 03:14 PM | Permalink | Comments (0)

» Three Keys to Mobile Security

Mobile banking is being adopted by consumers at an increasing rate, but it's just one piece of the overall mobile financial services puzzle. As the mobility trend grows, banking institutions are still figuring out how far ahead they should look, and what strategies make the most sense.

But Paul Smocer, president of BITS, the technology policy division of the Financial Services Roundtable, says most institutions are doing much more than some observers give them credit for doing. Banking/security leaders are very concerned about mobile, and they're doing what they can to anticipate risks.

During this interview, Smocer discusses:

Three key areas that make up mobile financial services: 1) banking, payments and mobilized traditional services, such as remote deposit capture; 2) Why mobile payments poses the greatest security risks; 3) Steps BITS is taking to address mobile concerns, especially as they relate to FFIEC conformance.

 

More


Posted on May 18, 2012 at 03:11 PM | Permalink | Comments (0)

» Five tips for small biz to protect against security threats

The threat landscape on the Web is becoming more perilous. Security software maker Symantec, in its annual "Internet Security Threat Report" released April 30 found that even as the number of vulnerabilities in 2011 fell by 20 percent over the previous year, the number of malicious attacks grew 81 percent. 

The trend is similar to what Hewlett-Packard saw. In its "Top Cyber-Security Risks Report," announced April 19, HP officials also found that the number of vulnerabilities last year fell by 20 percent, but that the risks involved in those vulnerabilities grew. HP also found that the number of cyber-attacks more than doubled in the second half of 2011. And small and midsized businesses (SMBs) are in the thick of it. More than half of the targeted attacks seen in 2011 were aimed at organizations with fewer than 2,500 employees, and almost 18 percent targeted companies with fewer than 250 employees. The Internet has been a boon for SMBs, making it easier than ever before to do business. But it also raises the threats to smaller companies and their IT departments. 

The biggest risk is seeing their intellectual property, customers’ information or financial transaction data fall into the wrong hands. SMBs need to protect themselves, and Symantec has some ideas how.

More


Posted on May 7, 2012 at 12:15 PM | Permalink | Comments (0)

» Insiders played a role in healthcare data breaches

April has been a brutal month for healthcare, with three major breaches disclosed accounting for nearly 1.1 million records lost. The thread woven throughout each has been the role of insiders -- both malicious and inept -- in triggering the incidents.

In one case at the Utah Department of Health, approximately 780,000 Medicaid records were exposed due to the misconfiguration of a server containing these files. Human error also accounted for the loss of 315,000 patient records at Emory Healthcare, when 10 backup disks went missing from a storage facility at Emory University Hospital. Meanwhile at South Carolina's Department of Health and Human Services, an employee sent 228,000 Medicaid patient records to himself via email. The investigation is still ongoing, but already the employee, Christopher Lykes, was fired and arrested by the South Carolina State Law Enforcement Division for his malfeasance.

According to experts, these three incidents are representative of the types of consequences healthcare organizations face when they fail to address insider threats through improved employee screening, monitoring, data controls, and security awareness training. According to Rick Dakin, CEO of the IT security consulting firm Coalfire Systems, more than half of the insider incidents his company investigates involve an insider in some way, shape, or form.

More


Posted on May 7, 2012 at 12:11 PM | Permalink | Comments (0)

» Websites Selling Stolen Cards Shutdown

International law enforcement agencies last week touted the takedown of 36 websites that were used to sell stolen debit and credit data for more than 2.5 million accounts. But how much of an impact will the takedown ultimately have on card fraud?

It's easy for cyberthieves to just take their card numbers to new domains, Klein says. "It's so way down on the fraud chain, it won't have a big impact," he says. "What we need is more effort to arrest bot developers, and then we are really hitting them where it hurts."

A U.S. law enforcement source connected to the bust says that while investigators are combing through the details for connections to other ongoing cybercrime investigations, this source does not see this takedown as extremely significant. Even the amount of recovered card data is low, relative to the number of cards compromised in a typical database breach.

More


Posted on May 7, 2012 at 12:10 PM | Permalink | Comments (0)

» Apple mistake exposes passwords for Lion

Apple's latest update to OS X contains a dangerous programming error that reveals the passwords for material stored in the first version of FileVault, the company's encryption technology, a software consultant said.

David I. Emery wrote on Cryptome that a debugging switch inadvertently left on in the current release of Lion, version 10.7.3, records in clear text the password needed to open the folder encrypted by the older version of FileVault.

Users who are vulnerable are those who upgraded to Lion but are using the older version of FileVault. The debug switch will record the Lion passwords for anyone who has logged in since the upgrade to version 10.7.3, released in early February.

More


Posted on May 7, 2012 at 12:08 PM | Permalink | Comments (0)

» Tax refund fraud increasing identity theft

A wave of refund tax fraud is fueling demand for stolen IDs. A year ago I wrote about how one set of Florida-based scamsters had tricked the Internal Revenue Service out of  $12.1 million worth of refunds  using  the stolen names and Social Security numbers of 5,108 dead people–likely taken from the Social Security Death Index.  But that, as they say, is yesterday’s news. The IRS told Congress during recent hearings that it has set up a new computer screen to flag fraud relating to the tax returns of recently deceased taxpayers and Internet genealogy sites like Rootsweb.com have limited free access to the death index. So it appears there’s some progress, at least, on that front.

Meanwhile, the fraudsters are collecting lists of living identity theft victims, either by planting employees in jobs with access to personal data or corrupting employees who already have such jobs. Former federal prosecutor Latour “L.T.” Lafferty, head of the white collar and corporate compliance practice at Florida’s Fowler White Boggs, reports that he  has been hired in the past year by two local employers to investigate employee theft of information. In one case, he found, an employee had used her smart phone to take pictures of records. (The iPhone takes such good pictures that you can actually take a picture of your W-2 with it, and have the information entered into Intuit’s TurboTax app.) “The old identity theft,’’ Laferty observes, “was `may we send you a fake email and find out if you’re dumb enough to give me a Social Security number’ or going through your trash.’’  The new trend, he says, is for employees to steal names and numbers in bulk and then use TurboTax or other software to file large numbers of refund claims. (If they get in a bogus 1040 before the real, live taxpayer, or smartly pick the identity of an American who doesn’t have to file, they may be able to get thousands of dollars back.)


Posted on April 26, 2012 at 05:22 PM | Permalink | Comments (0)

» Man emails identities of 228,435 people to himself

A South Carolina man was arrested yesterday on charges stemming from a data breach that may have leaked personal information on more than 200,000 Medicaid beneficiaries in the state, including their names, phone numbers, addresses, birth dates and Medicare ID numbers according to a report in the newspaper The State.

Christopher Lykes Jr., 36, of Swansea, South Carolina was charged with five counts of violating the confidentiality of the state's Medically Indigent Assistance Act and another count of disclosing confidential information, according to paperwork from South Carolina Law Enforcement uncovered by the newspaper. 

Lykes, a former employee of the South Carolina Department of Health and Human Services (SCDHHS), transferred the personal information of 228,435 South Carolinians to his personal Yahoo! e-mail account from January 31 to April 2.


Posted on April 26, 2012 at 05:18 PM | Permalink | Comments (0)

» Russian hackers take lead in cybercrime

Russian-speaking hackers earned an estimated $4.5 billion globally using various online criminal tactics and are thus responsible for 36% of the estimated total of $12.5 billion earned globally by cybercriminals in 2011, Russian security analyst firm Group-IB said in a report published on Tuesday.

In the report, Group-IB differentiates between cybercriminals living in Russia and Russian-speaking cybercriminals, who include citizens of the countries of the former Soviet Union and other countries. In the 28-page report the researchers estimate that the total share of the Russian cybercrime market alone doubled to $2.3 billion, while the whole Russian-speaking segment of the global cybercrime market also almost doubled, to $4.5 billion. The researchers noted that the Russian-speaking segment of the global cybercrime market traditionally encompasses twice the amount of the Russian segment.

The Group-IB analysts highlighted general trends in the development of online crimes in 2011. The market was embraced by traditional organized crime groups that are trying to control the entire theft process, which led to the merging of two criminal worlds and a refocusing of the Russian mafia's traditional emphasis on crimes such as drug and arms trafficking to cybercrimes, according to the report. This could lead to "an explosive increase of attacks" on the financial sector, the researchers warned. Online banking fraud is one of the fastest growing segments of cybercrime, with a big increase in 2011, Group-IB said.

www.computerworld.com


Posted on April 26, 2012 at 05:05 PM | Permalink | Comments (0)

» Tacoma woman sentenced for ID theft

A Tacoma woman who victimized more than a dozen visitors to Mount Rainier National Park, was sentenced to two years in prison, three years of supervised release and $7,034 in restitution for conspiracy and aggravated identity theft. 

U.S. Attorney Jenny A. Durkan said 25-year-old Pamela Williams and co-defendant Matthew Mortinson broke into vehicles parked at various trailheads, stealing computers, credit cards and other valuables. 

www.kirotv.com


Posted on April 26, 2012 at 05:03 PM | Permalink | Comments (0)

» Man found with 38 credit cards convicted of ID theft

A man who pleaded guilty in January to aggravated identity theft and credit card fraud was sentenced Monday to 75 months in federal prison, the U.S. attorney’s office said.

Sharif John Reid, 37, of League City, also must pay $157,501 in restitution related to his attempts to purchase Apple iPads and iPhones at the Memorial City Apple store on Aug. 7.

He was accused of using unauthorized credit card numbers to buy $200,000 in Apple products in Louisiana and Texas.

Authorities found 38 credit cards in Reid’s possession that were stolen or obtained by Reid with the intent to defraud, the U.S. attorney’s office said in a statement.

galvestondailynews.com

 


Posted on April 26, 2012 at 05:02 PM | Permalink | Comments (0)

» Identity thieves filing phony tax returns

The Indiana Attorney General’s Office announced today it has received more tax-related identity theft complaints this year than in all of 2011.

Indiana Attorney General Greg Zoeller said 20 Indiana taxpayers have filed complaints so far, because they believe their personal information or their children’s information was used to file fake tax returns and claim refunds. In some cases, Social Security numbers were stolen to obtain employment and as a result the victims are seen as not having reported all their income on their returns.

“Identity theft knows no season, but as Hoosiers file their taxes it provides a unique opportunity for thieves to use names and Social Security numbers to claim significant refunds,” Zoeller said. “These complaints underscore the need for all consumers to be proactive in guarding their personal information whether online, at home or on their person.”

In 2011, the office received 19 tax-related identity theft complaints with only two of those submitted during the three-month period leading up to April. Zoeller said the spike in numbers could be because the Internal Revenue Service (IRS) is doing a better job of finding suspicious activity earlier and reporting it to taxpayers.


Posted on April 3, 2012 at 12:03 PM | Permalink | Comments (0)

» Visa Drops Global Payments Following Data Breach

Visa has dropped Global Payments from its list of companies that are deemed compliant with security policies following a data breach that may have compromised as many as 1.5 million Visa and MasterCard accounts.

Visa’s decision to drop Global Payments from its registry of service providers that meet the credit card company’s data security standards came April 1, two days after the breach became public. During a conference call April 2 to discuss the situation, Global Payments CEO Paul Garcia talked about Visa’s move, and reportedly said he expects his company to be returned to the list after it comes back into compliance with the Visa policies. However, Garcia didn’t say when that may be.

Officials with Visa and MasterCard announced last week that data from credit card accounts was stolen following a data breach at a third-party processor, and stressed that their own servers had not been compromised. The credit card companies initially did not say which transaction processing company was attacked, but it soon leaked out that it was Global Payments.

More


Posted on April 3, 2012 at 11:57 AM | Permalink | Comments (0)

IMPORTANT LEGAL NOTICES