Black Friday and Cyber Monday

With Black Friday today and Cyber Monday fast approaching, consumers are entering into the most active spending period of the year. Reinforced by the soft economy, this is "high season" for identity theft with identity thieves seeking to take advantage of shoppers. Identity theft generally rises during the holidays because thieves assume that consumers aren't paying attention to their credit card purchases, debit card purchases, receipts etc. as closely.

Retailers on Black Friday - the day after Thanksgiving and the unofficial beginning of the holiday season on which retailers first start to turn a profit and are "in the black" - rake in over $2 billion in a single day, according to the NPD Group.

Consumers numbering over 72 million collectively spend about $700 million, according to the National Retail Federation, on the Monday after Thanksgiving, a day known for exclusive online sales that has recently been deemed Cyber Monday.

That enormous pool of shoppers, however, serves as a breeding ground for identity theft. Last year, consumers reported a loss of $1.2 billion to fraud and identity theft, according to the Federal Trade Commission, much of those losses coming during the holiday season.

As a Certified Identity Theft Risk Management Specialist, I am offering basic tips to help consumers avoid putting their identity at risk during the 2008 holiday season. In addition to watching budgets this season, consumers also need to be vigilant in the face of possible identity theft.

• Use credit cards instead of debit cards: Under the Fair Credit Billing Act, Credit Cards provide consumers protection again fraudulent charges and your liability is limited to $50. You also have the right to dispute charges and withhold payment during investigation. However, debit cards are entirely different. Although they market themselves to deliver the same protection, they are not required to by any law. Bottom line, your liability for fraudulent charges is the entire amount in your checking account as well as the credit line you have been authorized to receive.
  

• Use a single credit card to consolidate your purchasing: The more credit cards open in your name, the greater the risk that a thief will obtain the account information for one (never mind that having numerous cards with big lines of credit can be a bad temptation and can actually drag down your credit score--even if you don't have balances). It's also easier to monitor a single statement for signs of fraud, and you won't incur the annual fees associated with having multiple cards. Make sure to cross-check all your receipts against your statements to see that they match.
  

• If you write "SEE ID" on the back of credit cards: Make sure you also sign the card. If you don't sign the back, you may violate the issuers agreement and you will be liable for any thefts.

• Shop on secure sites and be wary!: While the majority of identity fraud occurs offline, identity theft is also a problem online. You must exercise caution when shopping on the web. Stick to sites that you know are legitimate, and if you are trying a new site for the first time, here are a few things to look for: the URL should have "https" in the shopping cart; there should be a lock icon on the bottom right hand side of the window and look for icons that indicate site safety (the Better Business Bureau, VeriSign and Hacker Safe icons).

• Watch out for "phishing" and "vishing" scams: These scams can be a real problem, as identity thieves try to play on people's generosity during the holiday season. Phishing emails often take the forms of requests purporting to be from a bank or credit card company; they ask you to "verify" account information such as login and password or they request a donation or assistance for the less fortunate during the holidays. Vishing scams--which involve fraudulent calls—seek to exploit consumer concerns over fraud by seeming to offer fraud prevention assistance. The bottom line: no legitimate vendor will ask for your login and password via email or on the phone.

• Be careful when using ATMs: Only use ATMs with monitoring cameras, such as those in bank lobbies. Avoid kiosk ATMs, those freestanding units often do not have cameras and are statistically more likely to be infected by skimmers (electronic devices that allow thieves to record account and PIN numbers). "Shoulder Surfing" can also be a problem at a crowded mall. While you assume that the man behind you is uncomfortably close because of mall crowding, he may actually be looking over your shoulder trying to get your login.

• Place fraud alerts to prevent new credit card accounts from being opened: Free fraud alerts placed on your credit report are good for 90 days (if you can demonstrate that you've been an identity theft victim, they can be set for 7 years) and, in combination with other proactive measures, can be used to help to prevent identity theft.
  
  An Identity is stolen every 2-3 seconds in the U.S. If you would like to educate yourself further about the fastest growing crime, which has now exceeded drug trafficking for revenues, then visit www.stopidtheftcrime.com
  

  Identity Theft Shield by Kroll, Inc., the largest Risk Consulting firm in the world and Pre-Paid Legal Services offer the best suite of services to help consumers safeguard their privacy and identity and offer restoration if your identity is compromised. Restoration is important because if you have your identity compromised, on average it will take you 600 hours and $6000 to fix the problem yourself. This is according to President Bush's Identity Theft Task Force in their recent report.

  Pre-Paid Legal is a 36 year old NYSE company currently traded at over $40 (as compared to the Big 3 under $2). They have 3 former Attorneys General on their advisory board and are endorsed by the President of the US Chamber of Commerce. They offer plans for individuals and businesses up to 99 employees.

  Please let me know if you have any questions or if you’d like more information. Thanks for your time and a Happy and Blessed Thanksgiving to you and your family.

  Joe Nollet, CITRMS

  (909) 208-3728

  To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".
  
  Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!
  
  Shameless plug
  the Best Identity Theft Protection available dot com

Express Scripts Warns of Potential Large Data Breach Tied to Threat

Express Scripts Warns of Potential Large Data Breach Tied to Threat

ST. LOUIS, Nov 6, 2008 (GlobeNewswire via COMTEX News Network) -- Express Scripts (Nasdaq:ESRX), one of the largest pharmacy benefit management companies in North America, today announced that it has received a letter from an unknown person or persons trying to extort money from the company by threatening to expose millions of the company's patients' records.

The letter included personal information of 75 members, including their names, dates of birth, social security numbers, and in some cases, their prescription information. The company said it has notified the affected members. It also immediately notified the FBI, which is investigating the crime. The company also said that it is conducting its own investigation with the help of outside experts in data security and computer forensics. The letter arrived in early October.

"We have been conducting a thorough investigation since we received this threat and we are taking it very seriously," said George Paz, chairman and chief executive officer. "We are cooperating with the FBI and are committed to doing what we can to protect our members' personal information and to track down the person or persons responsible for this criminal act."(Full text at express-scripts.com)

And a followup report states that Express Scripts has hired Kroll, Inc. to assist with the Identity Theft investigation and protection of its clients.

Express Scripts Reports New Threats Tied to Data Security Breach

Company Announces $1 Million Reward

Company Hires Kroll to Offer Data Security Consultation, Investigation and Restoration to Its Members

ST. LOUIS, Nov. 11, 2008 (GLOBE NEWSWIRE) -- Express Scripts (Nasdaq:ESRX), one of the largest pharmacy benefit management companies in North America, announced today that a small number of its clients have received letters threatening to expose the personal information of its members. The threats are believed to be connected to an extortion threat the company made public last week.

The letters, which were received by Express Scripts' clients in the past few days, are similar in form to the one that Express Scripts said it received in early October from an unknown person or persons threatening to publicly expose millions of the company's members' records if an extortion threat was not met. That original letter included the personal data of 75 Express Scripts members. The company publicly disclosed the extortion threat last week and is notifying affected members.

...In a separate announcement, Express Scripts said it would offer its members free identity restoration services if they become victims of identity theft because of this incident...

...Express Scripts said it has contracted with Kroll, a New York-based risk-consulting firm and global data security leader to offer expert assistance to its members if they have become victims of identity theft because of this incident. (emphasis added) The members will have access to Kroll's expert consultants and licensed investigators who will work with them to evaluate their cases and determine the appropriate course of action. Express Scripts said that it is not aware of any actual misuse of its members' data.

Details about Kroll's services and the identity restoration offer can be found at www.esisupports.com...

About Kroll

Kroll, the world's leading risk-consulting company, provides a broad range of investigative, intelligence, financial, security and technology services to help clients reduce risks, solve problems and capitalize on opportunities. Kroll Inc. is a wholly-owned subsidiary of Marsh & McLennan Companies, Inc. (NYSE:MMC), the global professional services firm. Kroll began providing identity theft solutions in 1999 and created its Fraud Solutions practice in 2002 in response to increasing requests from clients for counsel and services associated with the loss of sensitive personal information, and related identity protection and restoration issues facing organizations and individuals.

For more information, visit: www.krollfraudsolutions.com. (Full text at ExpressScripts.com)

Now there should be no question as to why I only offer the Identity Theft Services from Kroll, Inc. They are the world leaders!

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

FBI busts ID theft ring targeting NW health club customers

FBI busts ID theft ring targeting NW health club customers
By TERESA YUAN, NWCN Staff

SEATTLE, Wa. -- Federal agents said they caught a key suspect in an identity theft ring that stretched from Seattle to the Portland-area and targeted health club customers.

gents arrested the so-called "leader" of the group, Gabriel Jang. They searched Jang's house near Seattle Thursday.

Federal prosecutors said the group would steal credit cards from gym locker rooms in Washington and Oregon as well as Colorado and Georgia. The suspects then altered the credit cards and made fake identification cards. Prosecutors called it an elaborate set-up.

(Full text at www.kgw.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Today, I offer you a few good articles.

Stolen Hard Drives Spark Identity Theft Concerns
David Goodhue - AHN ReporterTucson, AZ (AHN) -

Hard drives containing sensitive information regarding 40,000 children in Arizona were stolen from a Phoenix storage unit in mid-October, state officials said this week.

The hard drives were stolen from a storage unit used by the Arizona Department of Economic Security and contain information about children whose families were interested in DES programs. (Full text at allheadlinenews.com)

Nation's first encryption law
Greg Masters

For the first time in the United States, a law specifies that encryption be used for the transmission of any electronic data. Nevada's NRS 597.970, which went into effect on Oct. 1, states: “A business in this State shall not transfer any personal information of a customer through an electronic transmission other than a facsimile to a person outside of the secure system of the business unless the business uses encryption to ensure the security of electronic transmission.”

While 39 states have already passed data protection laws, most requiring disclosure of breaches, and several other states with data laws introduced, Nevada's statute is thought to be the first law requiring encryption of transmitted data. (Full text at SCmagazine.com)

ID Theft Red Flags Rule: FTC Extension is no 'Break'
Enforcement Delayed for FTC-Governed Institutions; Liability is Not
November 12, 2008 - Linda McGlasson, Managing Editor

State-chartered credit unions may think they've at least temporarily dodged the enforcement bullet re: the Identity Theft Red Flags Rule. But just because the Federal Trade Commission (FTC) pushed back the compliance enforcement deadline for these institutions doesn't mean that they can take a break, industry experts say.

In fact, compliance will be a huge challenge for non-banking entities and those state-chartered credit unions, says Debra Geister, Director of Fraud Prevention and Compliance Solutions at Lexis-Nexis, an information services provider. While the bigger, federally-regulated banking institutions have pre-existing programs in place to meet the ID Theft Red Flags Rule under the Fair and Accurate Credit Transactions Act (FACTA) requirements -- including a Customer Identification Program -- they are still struggling to meet compliance with the guidance, which had been estimated by federal regulators to take anywhere from 20 to 40 hours of work to be compliant.

.."Many businesses don't realize that point, that even though the FTC isn't enforcing compliance, it doesn't mean those businesses won't be liable if a data breach or loss of information occurs," Geister notes. The key issue is that the law was effective January 1, 2008. It was only the compliance portion that was not being enforced until November 1.

...However, it's much different for non-banking entities,..."If I were a business on the FTC side of enforcement, I would be nervous. At any time it could fall directly into your lap, and at $2500 per infraction.....

..The FTC will look to put some "heads on sticks" when enforcing this regulation, predicts Geister. "They anticipate non-compliance, and when a business is hit with a breach, they will march you out to the center of the square and shoot you publicly." (Full text at www.bankinfosecurity.com)

To read more on the FTC extension and Red Flags Rule from my October 25 post - click here.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Security Breaches Update

The Identity Theft Resource Center compiles an ongoing Security breach list and publishes it weekly. It presents individual information about data exposure events and running totals for the year. My last blog update on these security breaches was on 10/28/08. At that time, there had been 544 Security Breaches with 30,422,125 records exposed.

As 11/11/08, the totals are now 570 breaches with 41,355,511 records exposed. In 3 weeks, that is about a 36% increase in the number of records exposed!

Actually, the number of records exposed (possibly your personal information) is much higher. To understand why I say this, one only has to look at the report and see how many breaches have a zero listed as the number of records exposed.

Still think your information is safe?

To view this report, click here or on the title of this post.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Former Massachusetts inmate charged with Identity Theft

Former Massachusetts prisoner charged with identity theft
by Sachin Seth

Francis Janosko, 42, a former inmate at Plymouth County Correctional facility in Plymouth, has been arrested on charges of identity theft and damage to the prison’s computer network, according to the Department of Justice.

Janosko allegedly found a way to manipulate research computers so that he and other inmates could access files that contained the names, birth dates, phone numbers and Social Security numbers of more than 1,000 current and former prison employees, the DOJ reports. (Full text at blastmagazine.com)

After working over 23 years for the Department of Corrections, this does not surprise me at all. Inmates are given way to many liberties while incarcerated.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com