FDIC Warns of Online Fraud Against Banks, Small Businesses

Alert Cites Increase in ACH, Wire Transfer Fraud
August 26, 2009 - Linda McGlasson, Managing Editor

Online crime is increasingly hitting small and mid-size companies in the U.S., draining those entities' bank accounts through fraudulent transfers. The problem has gotten so bad that a financial services group recently sent out a warning about the trend, and the Federal Deposit Insurance Corporation (FDIC) issued an alert today.

"In the past six months, financial institutions, security companies, the media and law enforcement agencies are all reporting a significant increase in funds transfer fraud involving the exploitation of valid banking credentials belonging to small and medium sized businesses," says a bulletin sent on Aug. 21 to member financial institutions by the Financial Services Information Sharing and Analysis Center, (FS-ISAC). The FS-ISAC is part of the government-private industry umbrella working with the Department of Homeland Security and Treasury Department to share information about critical threats to the country's infrastructure. The member-only alert described the problem and told its members to implement many of the precautions and monitoring currently used to detect consumer bank and credit card fraud.

The FS-ISAC notice -- and subsequent media attention -- in turn prompted the FDIC alert to warn banking institutions about this kind of fraud.

The Threat
The FDIC traces the fraud to compromised login credentials on online banking websites. Over the past year, the FDIC says, it has detected an increase in the number of reports and the amount of losses resulting from unauthorized electronic fund transfers (EFTs), such as automated clearing house (ACH) and wire transfers.

...While the institutions and business customers are not necessarily large or high-profile, the money that is being drained by the criminals can add up to significant amounts. One recent example: Dwelling House Savings and Loan Association, Pittsburgh, PA. The tiny institution failed after an ACH fraud event siphoned off a whopping $3 million. ...
(Full text at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Federal Reserve Chairman Id Theft Victim

No one is safe from id theft, not even chairman, Ben Bernake, of the Federal Reserve. His personal checking account became an elaborate id theft scheme after his wife, Anna, had her purse stolen last August at a Capital Hill Starbucks. According to a Washington DC police report, it contained her social security card, checkbook, credit cards and IDs.

It's not revealed how much money was stolen from their account but someone started cashing checks on their account just days after the purse was stolen. The thefts helped an ongoing investigation into a sophisticated ring.

Losses from the fraud totaled more than $2.1 million and involved at least 10 financial institutions, court documents said.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

"One Tree Hill" star actor who plays Skills guilty of selling Social Security Numbers.

Yes, you read the title right! "One Tree Hill" actor Antwon Tanner pleaded guilty to selling 16 Social Security Numbers and 3 Social Security cards for $10,000.

He told the federal judge that he was just a middleman selling the numbers someone else gave him. Tanner will be sentenced on Nov 20 and could get up to one year in the slammer and a cool $250,000 fine.

I'm told that he also faces similar charges here in California.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Radisson Hotels Suffer Data Breach

Radisson Hotels Suffer Data Breach. It's not this article that amazes me but the number of people that I speak with daily who do not see the need for Identity Theft Protection with full restoration services and/or Prepaid Legal Services since an identity theft is going to be a legal issue.

Radisson Hotels Suffer Data Breach

Unknown Number of Records Exposed During 6-Month Period

August 21, 2009 - Linda McGlasson, Managing Editor

An unknown number of Radisson Hotel guests in the U.S. and Canada may face credit card fraud in the wake of a data breach announced by the hotel chain this week.

In an open letter to customers, Fredrik Korallus, CEO of the hotel chain detailed the breach, which involved computer systems invaded by hackers for a six-month period, from Nov. 2008 to May 2009.

According to the hotel chain's spokesperson, David Chamberlin, the forensic investigation of the breach is still underway, with federal law enforcement involved, and the company isn't unable to provide accurate estimates of the number of potentially exposed records.

...The facts of the breach released by Radisson:

• Between November 2008 and May 2009, the computer systems of some Radisson Hotels & Resorts in the U.S. and Canada were accessed without authorization. This past spring, the company was able to confirm an intrusion. The investigation is ongoing.

• The accessed computer systems contained guest information such as the name printed on a credit or debit card, the account number and the expiration date on the card. "We do not know, however, whether a particular name, credit or debit card number or card expiration date were in fact accessed or taken," he says.

• The accessed computer systems did not include Social Security numbers.

• The hotel says at this time, "it appears to be an unauthorized attack from an outside source, and have no reason to believe it was an insider."

• The hotel says it has worked closely with the major credit card brands, issuers, the credit reporting agencies, and its payment processor, Elavon, to address the incident.

• It also placed ads announcing the breach in the Wall Street Journal and USA Today on Wednesday and has set up a dedicated web site to address customer questions.

• Notification letters were sent to affected consumers, where they were able to be identified, Chamberlain says.... (Full story at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Massachusetts Data Protection Law Amended, Delayed - Again

Before you read this article you should know that the Massachusetts law mentioned here is the strictest law in the nation. It has requirements that a business must comply with in regards to identity theft in the workplace. Their requirements are tougher than the FTC's current FACTA law and the Red Flags Rule amendment.

For those business owners reading this, this is what we do at no direct cost for most businesses:
1. We provide a personalized written policy outlining specific requirements for protecting the non-public information of customers vendors and employees.

2. A letter that can be used when appointing a security compliance officer - see www.ftc.gov under Gramm, Leach, Bliley.

3. A comprehensive training program which (www.FTC.gov "Protecting Personal Information: A Guide for Business") is a suggested first step (pages 16-17) in protecting NPI and educating employees about the risks/liabilities of identity theft and data loss.

4. When employees complete the training, we provide the "Use of Confidential Information by Employee" form that serves as proof they've completed a mandatory training in handling NPI. This signed document demonstrates that the company is taking reasonable measures to protect customer, employee and vendor information.

We also offer an online Red Flags Rule compliance module at www.RedFlagsRulePolicy.com

Massachusetts Data Protection Law Amended, Delayed - Again

New Rules Now Won't Apply Until March 2010

August 20, 2009 - Linda McGlasson, Managing Editor

Once again, Massachusetts is delaying the compliance deadline for its toughest-in-the-nation data protection rules. The new effective date is March 1, 2010.

Saying that the state must balance the needs of consumer privacy protection with the needs of small business, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) has also amended its data security regulations. Earlier this week the OCABR announced the revised rules will facilitate a "risk-based approach" to data security - an approach that is expected to help the small-business community.

The OCABR also modified the regulations to make them technology neutral. A public hearing on the changes will be held on September 22 in Boston.

Barbara Anthony, the Massachusetts Undersecretary of the Office of Consumer Affairs and Business Regulation, says the adjustments to Massachusetts' identity theft regulations will also reinforce flexibility in compliance by small businesses.

The risk-based approach is especially important to small businesses that may not handle a lot of personal information about customers, says Anthony. Under a risk-based approach, a business, in developing a written security program, should take into account its size, nature of its business, the kinds of records it maintains, and the risk of identity theft posed by its operations. (Full text at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

"SoupNazi" Indicted in largest US Identity Theft Case

Federal Authorities indicted three men in New Jersey in a massive identity theft case that the Justice Department is labeling as the largest in American history.

Truth of the matter is that only one body is actually in custody. The other two that were indicted are Russians, whereabouts unknown. Albert Gonzalez of Miami, age 28, also known as the "SoupNazi" online (must have been a Seinfeld fan) if convicted, could face up to 20 years on a charge of wire-fraud conspiracy and an additional five on the conspiracy charge. He also faces fines of up to $250,000 for each charge.

The Department of Justice calls this "the single largest hacking and identity theft case ever prosecuted." There were about 130 million credit and debit card numbers stolen. I was one of the victims back in January.

The three culprits, hacked into and took the card numbers from Heartland Payment Systems; 7-Eleven Inc., a Texas-based convenience store chain and Hannaford Brothers Company, a Maine-based supermarket chain.

This is not Mr. Gonzalez' first crime either. in May 2008, the U.S. Attorney's Office of New York charged him for his alleged role in the hacking of a computer network run by a national restaurant chain. He is slated to stand trial on those charges in September of 2009.

In August of 2008, he was indicted on additional charges for a number of hacks into eight major retailers including discount giant TJ Maxx that involved an estimated 40 million credit cards and cost TJ Maxx $200 million. He is scheduled for trial on those charges in 2010, the Department of Justice said.

Gonzalez, if convicted, will undoubtedly be spending a long time in Federal Prison after all the trials, that is unless he can prove that it was not him. Maybe somebody stole his identity to do the crime.

Either way, with the money he must have been paid for his work, I don't understand why he is still in the US and not abroad with the Russians avoiding extradiction.

After research, I found the following video with Albert Gonzalez and it could actually be his Attorney's best defense for him, click here to watch.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

ID Theft Red Flags: 4 High Risk Areas

ID Theft Red Flags: 4 High Risk Areas

What You Might Not Know About Staying in Compliance -- and Secure

August 13, 2009 - Linda McGlasson, Managing Editor

There are four "high risk" areas that aren't getting the attention they deserve as financial institutions work toward complying with the ID Theft Red Flags Rule, says a leading industry compliance expert. ...

...The Red Flags Rule is a risk-based regulation. As such, Huda says, compliance should be approached from a risk management and not a purely technical perspective, and institutions should ask these questions:

• Which accounts are more at risk to identity theft?
• Which red flags represent higher risk?
• Which detection and response procedures are commensurate with the risks?
• Which service providers pose greater risk?
• What controls exist to mitigate the risks?

...There are four areas Huda says that are "high risk" that many financial institutions have not paid enough attention to are:

1. Service Providers. Many have not conducted an inventory, risk-ranking or assessment done on service providers. This may be the weakest link in the chain.


2. Business accounts. Many have focused only on consumer accounts. The rule applies to any account with a reasonably foreseeable risk of identity theft, not just consumer accounts. Small business accounts in particular are susceptible to identity theft and must be analyzed for risk.


3. Training. Many have not provided proper training to staff. The training does not cover what the written, board-approved program deems to be the red flags one should be on the look out for, nor what one should do to respond. The training is very general and does not cover how to comply. How can identity theft actually be prevented if one does not know what to look for and what to do if one finds a red flag?


4. Updates. Many have put their program on the bookshelf, forgetting to update it to address new risks or changes in operations. For example, if a new line of business is opened, a new service provider added or new products or services are rolled out, or identity theft is attempted or perpetrated, the Program must be updated. (Full story at www.bankinfosecurity.com)

Many business owners have the same issues as financial institutions. That is why I recommend www.RedFlagsRulePolicy.com for businesses by idBUSINESS. It is an online module that not only creates your policy but allows you to email vendors to take an assessment test as well. You will also be able to email your employees to take the online training for the Red Flags Rule.

Business owners can also take a free Needs Assessment at the site.

As a distributor for idBUSINESS, I can also offer business owners a discount - just contact me.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Elder abuse and identity theft: Why they are targeted and true crime stories

Elder abuse and identity theft: Why they are targeted and true crime stories

August 4, 12:44 PMHouston Family ExaminerLisa Carey

When most people think of elderly abuse they think of neglect, physical, sexual or psychological abuse. There is another form of elder abuse or abuse of senior citizens; that of “using the money or resources of an older person without their knowledge or consent to benefit yourself or another person.” Identity theft falls into that category, as family members, caregivers and strangers may take advantage of the elderly in an effort to gain their hard earned money and credit report.

Why is the elderly targeted for identity theft and financial crimes?
-In some cases they may have more money, cash reserves, home equity, and other resources that others as they may have been working for retirement all their lives.
-Many seniors are not “technologically savvy” so may not be aware of many of the scams that are based around Internet usage.
-Since seniors may not be actively “using” their credit report they are less likely to check it regularly and monitor it carefully.
-Retirement home staff, home caregivers and family members may take advantage of their position of trust as well as the information readily available to them.

What forms of abuse may identity theft and other financial scams take?
-investment fraud
-mortgage fraud
-phony charity solicitation
-so called “prize” money awards where they must provide information that can be used later against them
-check cashing fraud
-credit card fraud
-forging signatures to benefit in a financial way (cashing checks that came to the elderly)

The saddest part of all about identity theft, financial scams and frauds against the elderly is that far too often it is committed by someone in a position of trust, like a caregiver or family member. (Full text at www.examiner.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Network Solutions Data Breach: 573,000 Cardholders at Risk

Network Solutions Data Breach: 573,000 Cardholders at Risk

Company Says It Was PCI-Compliant When Hacked

July 28, 2009 - Linda McGlasson, Managing Editor

A data breach at Internet domain administrator and host Network Solutions has compromised personal and financial data for more than 573,000 credit and debit cardholders. To add more pain to the breach, Network Solutions says it was PCI compliant at the time of the breach.

The breach, discovered in June, was the result of hackers planting rogue code on the company's Web servers used to host mostly small online stores, intercepting financial transactions between the sites and their customers. No further explanation of how the rogue code made its way onto the company's servers was available from Network Solutions. When asked, Susan Wade, Network Solutions communications representative says "Not at this time. Because of the ongoing law enforcement investigation, we aren't able to release that information."

Compromised data was captured between March 12 and June 8, 2009, when the breach was discovered, says Wade.

The last PCI assessment and certification of Network Solutions' networks was completed on October 31, 2008, says Wade. The firm that performed the assessment was the Payment Software Company, a San Jose, CA-based qualified security assessor company.

The 4.343 ecommerce merchant customers were notified of the breach on Friday, July 24, via an email and a letter sent via US postal service, Wade says. Network Solutions provides service to more than 10,000 merchant websites.

....Affected merchants can visit www.careandprotect.com, the website Network Solutions set up for them to get more information. .. (Full text at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com