Stop Identity Theft Crime

Monday, June 1, 2009

Classic Fraud: 6 Scams That Don't Go Away

Classic Fraud: 6 Scams That Don't Go Away
From Check Fraud to Phishing, All the Old Tricks are Back with a Vengeance
June 1, 2009 - Linda McGlasson, Managing Editor

Bank fraud has evolved over the last several years (See: Fraud Update: The 13 Hottest Schemes You Need to Prevent), but some classic variations keep financial institutions busy.
Here are six old fraud tricks that are back with new twists to bedevil fraud departments and information security professionals.
#1. Check Fraud
Last week, New York indicted 18 people in a massive check counterfeiting ring that cashed more than $1 million worth of checks at major New York City banks. This case causes even the best fraud departments in financial institutions to check their own programs and safeguards.
Attempted check fraud at U.S. banks totaled $12.2 billion in 2006, according to the latest biennial survey conducted by the American Bankers Association (ABA). Bank prevention systems caught 92 percent or $11.2 billion of check fraud attempts.
Actual bank losses totaled $969 million, compared with $677 million from the previous survey in 2004. ...
#2. Elderly and Immigrant Identity Fraud
Financial institutions' mortgage and loan officers need to pay attention to this kind of fraud. While not new, elderly and immigrant fraud is regaining popularity, especially in the age of identity theft. In this predatory practice, Jennifer Butts, Director of Operations at the Mortgage Asset Research Institute, explains that elderly and non English-speaking consumers are taken advantage of by fraudsters who steal their identities and use them in straw-buying or other property transactions.....
#3. ATM Fraud/Skimming

This type of fraud made it into President Barack Obama's speech announcing his cybersecurity initiative, when he said "thieves used stolen credit card information to steal millions of dollars from 130 ATM machines in 49 cities around the world -- and they did it in just 30 minutes." The big question is: Can it happen at your institution? The answer is seen in the numbers from a Pulse EFT study (Pulse is one of the leading ATM/debit networks in the U.S.) -- the banking industry lost $662 million to debit card fraud in 2005. Of these losses, 60 percent resulted from ATM transactions, 37 percent from signature transactions, 37 percent from signature debit transactions and 3 percent from PIN point-of-sale (POS) transactions.....
#4. Phishing
Phishing continues to change and grow, and crimeware (or malware) is also growing, says noted phishing and crimeware researcher Dr. Markus Jakobsson, Principal Scientist at the Palo Alto Research Center, Palo Alto, CA. "There is a notable tendency for phishing to become more technical -- for example, using advanced obfuscation to combat anti-spam techniques," Jakobsson notes. At the same time, crimeware (what used to be called malware) is becoming increasingly more reliant on social engineering. "Trojan horses commonly use clever social engineering techniques to improve their success rates," he says.....
#5. Vishing
The increased number of "vishing" - or phone-based phishing -- scams hitting regions is cause for alarm. In the last week, there have been five different regions of the country hit by phishers using phone calls to solicit information about the person's credit union or bank account:
New England Federal Credit Union in Williston, VT reported that a vishing scam hit residents, and the Heritage Family Credit Union in Rutland, VT also reported a similar scam.

Customers of the Forward Financial Credit Union in Niagara, WI and the River Valley Bank in Iron Mountain, MI received calls last week from fraudsters asking for account information.

Asheville Savings Bank, Asheville, NC was alerted last week by its customers that a vishing scam targeting area residents was trying to get debit card numbers.

The final vishing scam of last week targeted all 22,000 residents of Guilford, CT. The calls started coming on May 24. Guilford Police say they believe by the time they were done every land line telephone in the town of 22,000 residents received a call.....
6. Insider Threat

The threat of a trusted employee or vendor taking sensitive information is not new, but the ways that insiders are getting to the juicy data or dollars is changing, according to Randy Trzeciak, Senior Member of the Technical Staff for the Threat and Incident Management Team in the CERT Program at Carnegie Mellon University's Software Engineering Institute. Collusion is the new way insiders are getting sensitive data. (Full Text at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Tuesday, May 26, 2009

Fraud Update: The 13 Hottest Schemes You Need to Prevent

Below are just the highlight of each of the 13 Schemes. To read the whole report -click on the title above.

Fraud Update: The 13 Hottest Schemes You Need to Prevent
From Credit Bust-Out to In-Session Phishing, Fraudsters Are Finding New Ways to Ply Old Tricks
May 26, 2009 - Linda McGlasson, Managing Editor

The fraud fight is getting nastier by the minute, say experts familiar with the new schemes - and some old ones with new wrinkles -- being perpetrated by criminals against financial institutions and their customers. Here are 13 of the most prevalent ruses.
#1 -- Credit Bust-Out Schemes
By definition, credit bust-out schemes are a combination of a credit and fraud problem, although many organizations are not always sure where the losses sit - or who might be the party responsible. How it works: According to Michael Smith, manager of the Fraud and Market Planning division at Lexis Nexis, consumers apply for credit from lenders using similar last names, oftentimes Eastern European or Balkan, in an intentional effort to capture financial access vehicles to cause delinquency.

#2 -- Customer Loan Account Takeover
This type of fraud occurs online, and a recent case study related by Avivah Litan, distinguished analyst at Gartner Group illustrates how customer loan account takeover happens. The case resulted in a $71,000 theft from a customer's loan account.
An online loan Web site gave a customer the ability to open demand deposit accounts (DDA), Litan explains, which were to be held as savings accounts that could only be opened and accessed via the Internet. "To open the account through the online loan application, a customer needed an existing relationship with another bank," Litan says. The customer would provide all the account information necessary for both banks to complete ACH transfers.
Prior to opening the account, the online loan application system would complete two test transactions and require the potential customer to confirm the exact dates and amounts of the transactions. "If the customer could not provide that confirmation, then it was thought to be attempted fraud, and the account relationships would be closed."
#3 -- Corporate Account Takeovers
Corporate account takeovers are becoming more prevalent says Gartner's Litan. "Corporate banks are reporting that criminals are targeting their cash management customers and moving money out of their accounts via innocent consumer accounts," she says. The owners fall for phishing e-mails that promise lucrative commissions for participating in the schemes.
#4 - Cross-Channel Call Center/Online CD Purchase Scam
A fraudster purchases multiple CDs online from one bank, funded by ACH Transfers from multiple compromised third-party accounts at other institutions, says Ori Eisen, former worldwide fraud director for American Express. How it happens: The perpetrator contacts the Call Center within 48 hours of the CD purchases to cancel the CDs and transfers the funds to yet another institution to liquidate. "Variable email addresses are used in an effort to mask identity," Eisen says. "Current procedures and safeguards at most financial institutions may not preclude the success of this type of cross-channel attack."
#5 -- Wire Fraud Account Grooming
Financial institutions are exposed to very high levels of risk within their online wire transfer processes. "Traditional methods of detection are very labor intensive, yielding high false positive rates and low recovery of stolen funds," Eisen says.
#6 -- In-Session Phishing
A somewhat recent tactic being perpetrated by fraud rings -- "in-session Phishing" -- has emerged as one of the chief threats to the breach of secured online assets. These attacks utilize vulnerabilities in the Javascript engine found in most of the leading browsers, including Internet Explorer, Firefox and even Google's Chrome, notes Eisen.
How it happens: Utilizing a host website that has been injected with malware acting as a parasite, this parasite monitors for visitors with open online banking sessions or similar protected asset sites (such as brokerage or retirement planning sites).
Using the Javascript vulnerability, the parasite can identify from which bank the victim has a session currently open by searching for specific sites pre-programmed in the malware itself. "There are no limits to the volumes of URLs a website hosting the parasite can test from the victim's machine. The malware asks: 'is my victim logged onto this XYZ bank website' and their browser replies either yes or no," Eisen says.
#7 -- ATM Network Compromises
The industry is seeing breaches at all stages in the payment process, including merchant terminals, the communication links between merchant acquirers, and (worst of all) core elements in ATM networks, according to Paul Kocher, Cryptography Research Institute's president and chief scientist. "Once the perpetrators have the contents of magnetic stripes and the corresponding PINs, the data is then sold to people who write the data onto counterfeit cards and drain customers' accounts," Kocher observes.

#8 -- Precision Malware Strikes
The most common defenses against malicious programs work by comparing programs against the signatures of known malware, says CRI's Kocher. As a result, attackers have learned that they can breach high-value targets' computer systems relatively easily, provided that their attack software does not spread so widely that antivirus companies get a copy and add it to their databases.

#9 -- PIN-Based Attacks
For the past 10 years, Verizon Business has tracked metrics and statistics from IT investigative cases, including incident response, computer forensic and litigation support, across the globe. The Verizon Business' just-issued 2009 Data Breach Investigation Report, shows more electronic records were breached in 2008 than the previous four years combined, fueled by a targeting of the financial services industry and a strong involvement of organized crime, says Bryan Sartin, director of forensics and investigative response at Verizon Business.
Driving this explosion in compromised records are more sophisticated attacks, specifically targeting the financial sector. In fact, 2008 saw three of the world's largest known data compromises on record.
#10 -- Account Manipulation
Aside from the five or six massive individual compromises that took place across the globe in 2008 is a vastly larger population of data breaches, also targeting financials, that garnered little public attention, Sartin notes. "Much of these involve unusually small populations of compromised records, yet massive fraud in terms of total dollar losses, resulting in significant impacts to the institutions affected. By and large, these cases appear in two forms: insider manipulation and application manipulation," he says.
#11 -- Fraud Pattern Changes
Fraud patterns changed dramatically in 2008 as a result of both reduced percentage of successful fraudulent transactions and arrest of individuals involved in organized fraud activity, says Verizon Business' Sartin. The new fraud patterns can be divided into two categories: random fraud patterns and global ATM transactions.
Random fraud patterns used by organized fraud groups involve similar purchases as seen prior to 2008, but in a random pattern. "In 20089, the fraudsters have adapted to completely random fraudulent purchases to make pattern identification much more difficult," he notes. The fraudsters began showing up at random stores in random time patterns to make identification of a pattern difficult or impossible. "No two purchases would be made at the same merchant location in a several month period. No pattern of purchases at each exit as a group drives up a highway. The purchases were at the same chain merchant stores of the same items, but now in a random pattern," he explains.
#12 -- Foreclosure Prevention Schemes
This doesn't hit a financial institution directly, but if an institution holds mortgages for "troubled" homeowners, this is a scheme you need to be on the lookout for, says Denise James, market planning director Lexis Nexis' Residential Mortgage Solutions. These foreclosure prevention schemes generally involve fraudsters posing as professional, knowledgeable foreclosure specialists. Homeowners facing the threat of foreclosure and nearing eviction are contacted by these "foreclosure specialists" who promise to work out their loan problems or buy their home and offer the homeowners tenancy. "Unfortunately for the homeowner, the fraudster has no intention of following through with these promises and instead will manipulate the homeowner into deeding the property to them," James says.
#13 -- Builder Bail-Out Fraud
This fraud involves securing funds for condominium conversion or planned community development properties that, unbeknownst to the investor (financial institution), will not be completed, says Butts of the Mortgage Asset Research Institute. The scams entail multiple purchases from would-be investors or false identities on fabricated loan transactions. "Investors are lured by photos or inspections of a few converted units used as models with promises of further rehabilitation of remaining units. Once the contracts are in place, the fraud continues as the perpetrator secures funding for the contracts," Butts explains. However, she adds, no additional work is done and the investors and lenders are left with incomplete and, in some cases, uninhabitable dilapidated buildings. (Full text at www.bankinfosecurity.com)

Tuesday, May 19, 2009

28,000 NJ unemployed IDs at Risk

Blunder puts IDs at risk
Social Security numbers 'misdirected' by agency Personal information of 28,000 'misdirected'
Tuesday, May 19, 2009
BY CHRIS MEGERIAN

STATEHOUSE BUREAU

Nearly 30,000 unemployed New Jersey residents now have something else to do besides looking for work: They can worry about who may have their Social Security number.

The Department of Labor and Workforce Development notified thousands of people last week that their personal information may have been sent to companies they never worked for.
Those who received warnings were told the state had no way of knowing whether their information was sent incorrectly.
"This letter is to inform you that due to an error at the Department of Labor and Workforce Development your name and Social Security number may have been accidentally delivered to an employer for which you did not work," the letter reads.

Also included in the letter were details on how to halt the release of credit information, which is allowed by New Jersey's Identity Theft Prevention Act. However, the letter also noted a freeze on credit reports can create problems when consumers seek loans that require creditors to access credit information.

"It's important to remember the information was not stolen, simply misdirected," reads the letter. "Nevertheless, you should be aware of the situation and alert for irregularities that may suggest your personal information may have fallen into the wrong hands."

Letter recipients were directed to call the New Jersey Division of Consumer Affairs for more information on credit reporting and identity theft protection. (Full text at www.nj.com)

Maybe if these people are lucky, someone will use their identity with a job and help improve their credit score.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Sunday, May 17, 2009

California DMV Wants to Use Biometrics

A hint of "1984"

DMV wants to face identity theft head on

May 17, 7:49 AM

Remember that Visa Card campaign where everyone claimed to be Emmit Smith? Well, California's DMV is hoping to prevent license monkey-business by recording biometric data then matching it against existing records on file. Match up with an existing entry under a different name and you are a WINNER!

Privacy advocates see "Big Brother" written all over this. Authorities could scan crowds, identify people and then use that info to develop profiles. For example, you could show up at an anti-war rally and suddenly you're on a list that would make Senator McCarthy proud.
(Full text at www.examiner.com)

Friday, May 15, 2009

Heartland Data Breach: MasterCard, Visa Impose Hefty Fines

Heartland Data Breach: MasterCard, Visa Impose Hefty Fines
Processor says it Has Already Spent $12.5 Million in Fees, Penalties
May 14, 2009 - Linda McGlasson, Managing Editor
The Heartland Payment Systems (HPY) data breach has already cost the card processor millions in fines from Visa and MasterCard.
This news was revealed by CEO Bob Carr in Heartland's recent earnings call, wherein Carr said the much-publicized breach has already cost the company $12.5 million.
Other than legal fees and some related charges to the breach, much of that amount went toward fines imposed by Visa and MasterCard against Heartland's acquiring banks, Carr says.
A Visa source would not confirm the amount of the fine imposed, but Carr told investors that more than 50 percent of the $12.5 million relates to a fine that MasterCard assessed against its sponsor (acquiring) banks. "Ostensibly, because of an alleged failure by Heartland to take appropriate action upon having learned that its computer system may have been breached, and upon thereafter having discovered the intrusion," Carr states.
Heartland believes that it responded appropriately to all information that it learned regarding the possibility of a system breach and that, upon discovering the intrusion, it took immediate and extraordinary action to address the intrusion, Carr adds.
Heartland therefore considers the MasterCard fine to be in direct violation of both the MasterCard rules and applicable law, and the company "intends and is prepared to vigorously contest, and it has recommended to its sponsor banks that they vigorously contest through all means available, including litigation if necessary, any liability that may be asserted or imposed upon Heartland or its sponsor banks by reason of this fine," Carr says.
(Full text at www.bankinfosecurity.com)

Wednesday, May 13, 2009

Uni-ball® offers consumers an anti-theft solution with its specially formulated “Super Ink”

Identity theft scams are at an all-time high. As economic pressures continue to increase, identity thieves and other criminals are finding new (and traditional) ways to commit this crime, which rose 22 percent in 2008, and is expected to be even higher in 2009.

Uni-ball, a leading brand of pens, has an ongoing campaign to elevate awareness about the growing threat of identity theft. Many of uni-ball’s pens contain specially formulated ink that helps prevent check fraud. As it becomes more difficult to get new lines of credit, identity thieves may be increasingly drawn to commit check fraud. These crimes may take the form of stolen checks, using checks thrown into the trash by unknowing consumers, or a type of identity theft known as “check washing.” Check washing occurs when checks or other tax-related documents are stolen from the mail or by other means and the ink is erased using common household chemicals, allowing thieves to endorse checks to themselves. This is where inexpensive uni-ball pens can help. With exclusive "Super Ink™”, these pens help prevent document and check fraud by absorbing into the paper fibers. When an individual tries to wash or lift the inked information written on the document, the ink remains “trapped" within the fibers of the paper, thereby discouraging the efforts of identity thieves.

Doing something as simple as paying attention to the pen you use could potentially save you thousands of dollars and endless hours of headaches. “Uni-ball pens with uni-Super Ink help prevent identity theft,” said Steve Gradman, senior brand manager of uni-ball. “Our goal is to help ease the minds of individuals when writing sensitive materials – from legal and medical documents to checks and tax forms. It’s a simple, inexpensive pen, but it packs a lot of punch when it comes to identity theft prevention.”

For more information on uni-ball and uni-Super Ink, and to see check out which pens contain the special ink, visit www.uniball-na.com.

Saturday, May 9, 2009

Hackers Breach UC Berkeley Database

On Friday, UC Berkeley officials announced that hackers infiltrated restricted computer databases, putting at risk health and other personal information on 160,000 students, alumni and others.

The data included Social Security numbers, birth dates, health insurance information and some medical records dating back to 1999.

As of 05/05/09, there has been 190 data breaches with over 11 million records compromised nationwide.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Thursday, May 7, 2009

Hacker says he stole confidential medical data on 8 million Virginia residents

Hacker says he stole confidential medical data on 8 million Virginia residents
May 06, 2009 | Molly Merrill, Associate Editor and Chip Means, Web Editor
RICHMOND, VA – A Virginia government Web site was replaced last week with a ransom note from a hacker claiming he stole 8.3 million patients' personal and prescription drug information. The hacker says he wants $10 million for the safe return of the information.

The Virginia Prescription Monitoring Program's site tracks prescription drug abuse and contains 35.5 million prescriptions in addition to enrollees' personal information, such as names, social security numbers and addresses.

According to Wikileaks.org, an online clearinghouse for leaked documents, on April 30 the secure site for the Virginia Prescription Monitoring Program was replaced with the following ransom demand:

"Attention Virginia! I have your [expletive]! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions. Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :( For $10 million, I will gladly send along the password." (Click here to see full ransom note).

The hacker, who taunts the FBI and lists his own email address as "hackingforprofit@yahoo.com," claims the database of prescriptions has been bundled into an encrypted, password-protected file.

The Virginia Department of Health Professions Web site has been temporarily disabled and now features a notice saying the site is "experiencing technical difficulties which affect computer and email systems." According to the department's director, Sandra Whitley Ryals, the breach is under federal investigation.

Speculation has risen about whether or not the Virginia Department of Health Professions has back-ups of the patient database.

"It is possible that they do have back-up, but they fear the massive damage if patients data is used for identity theft," says Deborah C. Peel, MD, founder of Patient Privacy Rights.(Full text at www.healthcareitnews.com)

Tuesday, May 5, 2009

Supreme Court limits Identity Theft Law

Supreme Court limits identity theft law

In a unanimous decision, the justices say an illegal worker must know he is using a real person's Social Security number.

By David G. Savage
May 5, 2009

Reporting from Washington -- The Supreme Court on Monday took away one of the government's tools for prosecuting and deporting workers in this country illegally, ruling that the crime of identity theft was limited to those who knew they were using another person's Social Security number.
People who use false documents can be jailed, the court said. But they cannot be convicted of the more serious crime of "aggravated identity theft" without proof that they knew the identification number belonged to someone else, the court ruled unanimously.

The ruling on identity theft will probably boost the Obama administration's plan to target employers who knowingly hire illegal workers, rather than focusing on illegal workers.

Deportation is usually a slow process if the illegal immigrant does not have a serious felony on his record. But a conviction for aggravated identity theft would most likely lead to a speedy deportation.

Last year, the Bush administration announced roundups of illegal immigrants at several workplaces. Most of those arrested were charged with possessing false documents and aggravated identity theft. For example, 389 workers were detained at a meat-packing plant in Iowa; two-thirds of them were charged with felony identity theft.

The novel use of the law prompted the Supreme Court to take up the issue. Five years ago, Congress strengthened the penalties against thieves who stole identities and used the information to take money from people's bank accounts or charge expenses to them. It called for a mandatory two-year prison term for each offense....

...And the law suggested the criminal had to intend to steal a person's identity. It referred to someone who "knowingly" uses the identification of another person.

The court said the provision did not cover an illegal worker with a phony Social Security card who did not know whether its numbers were those of an actual person.

Justice Stephen G. Breyer cited some common examples. "If we say that someone knowingly ate a sandwich with cheese, we normally assume that the person knew both that he was eating a sandwich and that it contained cheese," he said. (Full text at www.latimes.com)

So, if I understand this ruling correctly, we can eat a cheese sandwich and it is okay as long as we don't know that the cheese belonged to somebody else. It seems that "ignorance is no excuse for violating the law" was just thrown out.

So if you are an illegal immigrant and use a social security number (that you know does not belong to you) then it is okay if you remember to say, "I didn't know it belonged to someone else."

If the Justices had their social security numbers being used, and the individuals claimed tax exempt that were using them, maybe when the IRS sent them a huge tax bill they would have a different outlook.

Chalk another one up for the criminals.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Friday, May 1, 2009

FTC Delays Enforcement of Red Flags Rule Again

FTC Will Grant Three-Month Delay of Enforcement of ‘Red Flags’ Rule Requiring Creditors and Financial Institutions to Adopt Identity Theft Prevention Programs

The Federal Trade Commission will delay enforcement of the new “Red Flags Rule” until August 1, 2009, to give creditors and financial institutions more time to develop and implement written identity theft prevention programs. For entities that have a low risk of identity theft, such as businesses that know their customers personally, the Commission will soon release a template to help them comply with the law. Today’s announcement does not affect other federal agencies’ enforcement of the original November 1, 2008 compliance deadline for institutions subject to their oversight.

“Given the ongoing debate about whether Congress wrote this provision too broadly, delaying enforcement of the Red Flags Rule will allow industries and associations to share guidance with their members, provide low-risk entities an opportunity to use the template in developing their programs, and give Congress time to consider the issue further,” FTC Chairman Jon Leibowitz said.

The Fair and Accurate Credit Transactions Act of 2003 (FACTA) directed financial regulatory agencies, including the FTC, to promulgate rules requiring “creditors” and “financial institutions” with covered accounts to implement programs to identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft. FACTA’s definition of “creditor” applies to any entity that regularly extends or renews credit – or arranges for others to do so – and includes all entities that regularly permit deferred payments for goods or services. Accepting credit cards as a form of payment does not, by itself, make an entity a creditor. Some examples of creditors are finance companies; automobile dealers that provide or arrange financing; mortgage brokers; utility companies; telecommunications companies; non-profit and government entities that defer payment for goods or services; and businesses that provide services and bill later, including many lawyers, doctors, and other professionals. “Financial institutions” include entities that offer accounts that enable consumers to write checks or make payments to third parties through other means, such as other negotiable instruments or telephone transfers.

During outreach efforts last year, the FTC staff learned that some industries and
entities within the agency’s jurisdiction were uncertain about their coverage under the Red Flags Rule. During this time, FTC staff developed and published materials to help explain what types of entities are covered, and how they might develop their identity theft prevention programs. Among these materials were an alert on the Rule’s requirements, www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm, and a Web site with more resources to help covered entities design and implement identity theft prevention programs, www.ftc.gov/redflagsrule. The compliance template will be available on this Web site.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,500 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.

MEDIA CONTACT:

Office of Public Affairs
202-326-2180

(Red Flags Deadline Extension)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Wednesday, April 29, 2009

Nevada Lawmakers Coming into the 21st Century

Attention Dumpster Divers - Nevada has a smorgasbord for you - at least until January 2010!

Lawmakers discuss identity theft prevention plan

By RACHELLE GINES, Associated Press Writer
Tuesday, April 28, 2009
A Senate panel was urged Tuesday to support an Assembly-approved plan that would help prevent identity theft by making less credit card information available on printed receipts.
AB389 would prohibit printing more than the last five digits of credit card numbers and expiration dates on copies of customer and business receipts, Senate Judiciary Committee members were told.

Assemblywoman Bonnie Parnell, D-Carson City, chief sponsor of AB389, displayed a receipt listing a complete credit card number and expiration date along with the cardholder's full name, saying the amount of information was "alarming."

"I thought this was frightening on a lot of levels," Parnell said. "As a consumer, I just might toss it in a trash can after dinner not realizing that it had all of that personal identification information on it, but what I found just as troubling was that businesses had access somewhere to that kind of information on multiple individuals."

The measure would impose a fine of $500 the first time businesses issued noncompliant receipts and an additional $1,000 each week that the situation isn't corrected.

"I think the important part of this is that we have to be firm. We can't just say we're going to fine you $100," Parnell said.

After the hearing, Parnell said that receipts that make such information readily available put large numbers of people at risk for identity theft. (Full text at www.sfgate.com)

I was really surprised when I saw this story. I didn't realize that businesses still used machines that printed all the information on the receipts. I remember a few years back of seeing all the info on receipts at gas stations but that was quickly changed, at least in California.

Tuesday, April 28, 2009

Who's in Your Wallet?

It never ceases to amaze me as to the "blissfull ignorance" of people when it comes to the world of identity theft. The less people know about a subject the less they fear it - that is Blissful Ignorance.

However, after educating people, either in person or at an Identity Theft Awareness Seminar, and they still don't take measures to protect themselves it turns to just plain ignorance! I guess some people think if they have their head in the sand and don't see the lion that it won't bite them in their butt.

Anyway, today I have a few articles to demonstrate that you never know who will steal your identity from your bank or your health treatment provider.

Former Federal Reserve Bank IT worker charged with ID theft
Angela Moscaritolo

Two brothers, one a former IT analyst at the Federal Reserve Bank of New York, have been charged with committing identity theft to obtain fraudulent loans.

Curtis Wiltshire, 34, of Staten Island, N.Y., previously worked as an IT analyst at the Federal Reserve Bank of New York, where he had access to employee personal information, including names, birth dates, Social Security numbers and photographs of bank employees.

Wiltshire allegedly used the identities of two individuals without permission to apply for two different student loans, totaling $73,000, the according to a Department of Justice news release and a criminal complaint.

A bank investigator found a removable storage device, connected to Wiltshire's computer, which contained the loan applications, the image of a student loan check for $36,000 payable to one of the victims, and a fraudulent Maryland state driver's license with a photo of a bank employee who is not the person identified on the license, prosecutors said.

Meanwhile, Kenneth Wiltshire, 40, of Brooklyn, N.Y., who is Curtis' brother, allegedly used stolen identities to apply for a loan to purchase a boat, prosecutors said. He used a driver's license and a fake income tax return in the name of another bank employee to apply for the loan, prosecutors said in a separate criminal complaint. (Full text at www.scmagazineus.com)

Va banker sentenced for fraud, ID theft
By the Associated Press
April 27, 2009

RICHMOND, Va. - A former bank credit card department manager has been sentenced to two years, three months in prison for bank fraud and identity theft.

U.S. Attorney Dana Boente (BEN'-tay) said Monday that 38-year-old Bernard James Brown Jr. of Saluda also was ordered to pay more than $65,000 in restitution to his former employer, Eastern Virginia Bankshares.

According to prosecutors, Brown used a stolen access device and identifying information to withdraw money from someone else's account. After the credit card account was closed, Brown reopened it under a new name and address and continued to tap the account for cash and purchases.

Brown pleaded guilty in January.
Nurse indicted in federal identity-theft case
CHRIS DUMOND MEDIA GENERAL NEWS SERVICE
Published: April 27, 2009

LYNCHBURG -- A nurse who worked at two assisted-living homes for seniors has been indicted on 32 charges related to identity theft of patients there.

Karen Jones, 48, was indicted last week by a federal grand jury. The indictment charges that she used information stolen from nine people to take more than $9,000. (Full text at www.timesdispatch.com)

Friday, April 24, 2009

New Id Theft Survey

An identity theft survey conducted by Nationwide Insurance found that while recovering from identity theft has never been an easy task, the current economic conditions have made the challenge even greater.

Nearly half of respondents indicated that, if their identity were stolen today, they were unsure whether they had enough money saved to manage the recovery process. Ten percent of identity theft victims polled said they missed bill payments as a result of the crime. Of that group, four out of five experienced serious consequences-including credit score decrease, utilities shutoff, vehicle repossession, home foreclosure, bankruptcy and, in some instances, even jail time.

The survey is the third in a series conducted by Nationwide to better understand identity theft and the impact it has on its victims. The poll found that victims of identity theft tend to be Caucasian, female, ages 35-54, college educated, married and employed full-time. Individuals who are separated or divorced and those making $75,000 or more a year also have a greater vulnerability to identity theft.

In addition to the financial toll, identity theft can result in other serious repercussions-including family problems and missed time at work. It is a crime where the victim is generally presumed guilty until proven innocent.

On the positive side, the poll found nine out of 10 people are taking at least one action to protect themselves. This includes regular checks of bank and other financial statements, shredding of important documents, limiting the number of credit cards used, and credit report monitoring.

Note: The only problem with the positive side of the poll is that the action steps people are taking only offers protection in financial id theft. What about the other 4 areas of id theft? Are you protected in if id theft happens in those areas. If not, visit my shameless plug below and get protected!

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Tuesday, April 21, 2009

Tummy Tuck = Medical Identity Theft

I'm back from Michigan after conducting 4 Identity Theft Awareness seminars and getting caught up. I saw this story and had to share it with everyone. It is another caper of a vain woman having plastic surgery courtesy of another woman.

Medical identity theft was up 400% last year. Enjoy the story.

Lauderdale Lakes woman stole ID to pay for tummy tuck, feds say
By Vanessa Blum |South Florida Sun Sentinel

FORT LAUDERDALE - A Lauderdale Lakes resident stole another woman's identity to pay $5,000 for a tummy tuck operation, federal authorities say.

Patrice Thomas, 33, used a stranger's personal information to apply online for a credit card, which she used to help pay for the plastic surgery at a Weston clinic, according to criminal charges filed this month in Fort Lauderdale federal court.

Thomas, who was arrested April 9, is charged with credit card fraud, social security fraud and aggravated identity theft.

Defense lawyer Christopher Grillo could not be reached for comment. If convicted on all counts, Thomas could face more than four years in prison.... (Full text at www.sun-sentinel.com)

The huge problem with medical id theft is if the thief has your records altered. What if the thief has a different blood type than you or has a positive aids test done in your name? This could be deadly and also make you uninsurable until you can prove it wasn't you,

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Thursday, April 16, 2009

Nebraska has new law to help protect against Identity Theft

Legislative Bill 177, which Gov. Dave Heineman signed last week, reduces the cost for residents to lock up their personal financial data by putting security freezes on their credit information.

Security freezes require credit bureaus to seek permission before releasing a consumer's credit reports, with certain exceptions. That way, consumers know if someone was trying to use their name to open a credit card account or line of credit.

Under LB 177, the cost of getting a security freeze will be $3 per credit reporting agency, down from $15 per agency. The change will take effect 90 days after the Legislature adjourns, or in early September.

LB 177 also eliminates an automatic seven-year expiration for freezes, leaving the decision up to the consumer about when to lift or cancel a freeze.

My only concern for Nebraskans is that they don't relax because of the freeze. There is still plenty of id theft that doesn't involve their credit files, such as medical and character id theft.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Wednesday, April 15, 2009

Caller ID Spoofing

Most people screen their telephone calls with Caller ID. We answer the calls from the people we want to speak with and avoid others based on the caller id. Don't You?

What if you saw that your bank or credit union was calling you? You would answer the call (unless you weren't paying on a loan). Then the person on the phone from the bank tells you that there was unusual activity on your credit or debit card and needs to verify your number or some other information. Most people wouldn't think twice because they were talking to someone at their bank.

Well start being more cautious about trusting that Caller ID. Why? Because of Caller ID spoofing. There are web sites that charge about $10/hr and offer the ability to change what someone sees on their caller ID display when they receive a phone call. Simply dial the toll free number and then your PIN. You'll then be prompted to enter the destination number followed by the phone number to appear on caller ID

Any 10 digit number can be used. Not only will the number show up but also the Name registered for that number would automatically appear. And whatever number you enter as the spoof number will show up on the bill of the person you called. They won't ever see your actual phone number!

You also have the ability to change your voice to a Male or Female. If you do choose to change your voice, the person whom you call will hear your transformed voice in real-time. This spoofing service also offers the option to record your conversation, which can later be retrieved by logging-in to the control panel or calling the toll-free access number from any phone.

Is it legal? Yes, because there are some legitimate uses. For example, business professionals such as doctors can return calls using their personal telephones without disclosing phone numbers they prefer to keep private.

However, I believe most are being used in the field of Identity Theft to trick individuals into giving up private information. I received 2 calls this week regarding a credit card being suspended. When I called back the number on the caller id, it was an insurance company in Utah and they had been getting a few calls from other folks as well.

So now we never really know if mom is calling or not. Beware!

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Tuesday, April 14, 2009

Operation Number Games was Illegal

Larimer Judge throws out Operation Number Games
Sharon Dunn

A second judge has ruled that a search of a Greeley tax preparer’s records last October was illegal, taking the heat off more than 1,000 suspected illegal immigrants caught up in Operation Number Games.

Larimer District Court Judge James Hiatt put a stop to the identity theft investigation Monday, saying deputies from the Weld County Sheriff’s Office wrongly seized federal income tax records to pursue suspected illegal immigrants in the investigation. Hiatt ordered Weld District Attorney Ken Buck and Weld Sheriff John Cooke to return or destroy in the next seven days all evidence seized in the case.

“This is an important ruling for all of America,” said Reid Neureiter, an attorney with Jacobs, Chase, Frick, Kleinkopf and Kelly of Denver. He is working on behalf of the American Civil Liberties Union, which filed for a preliminary injunction against Buck and Cooke.

“Tax records should be private, and just because you have a suspicion that someone filing taxes with a Hispanic tax preparer might be doing something wrong doesn’t give you license to seize 5,000 tax records and look for the needle in a haystack,” Neureiter said.

Buck and sheriff’s investigators based their search of Amalia’s Tax and Translation Service on one defendant who had been investigated for identity theft and said illegal immigrants throughout the community knew to file their taxes there. Deputies searched through 5,000 records and found evidence of roughly 1,330 suspected illegal immigrants filing returns with false or stolen Social Security numbers. The Internal Revenue Service requires everyone to file tax returns, regardless of citizenship. In cases where filers do not have a valid Social Security number, the IRS issues individual taxpayer identification numbers.

..The case has divided many in the community on the issue of illegal immigration and the rights of the victims of identity theft. The IRS’ policy of issuing special identification numbers to illegal immigrants points to the problems, Buck said.

“The federal government has turned a blind eye to illegal activity in this country, with its failure to enforce the law at the border, with its failure to enforce tax laws, and Social Security laws within this country,” Buck said...

What about the id theft victims now? The 1330 people who were having their social security numbers being used illegally. I guess only time will tell.

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Identity thieves got data on 3,400 employees, Irving school district says

Identity thieves got data on 3,400 employees, Irving school district says
By KATHERINE LEAL UNMUTH / The Dallas Morning News
kunmuth@dallasnews.com
Irving school officials now say that identity thieves obtained the names and Social Security numbers of 3,400 teachers and other employees contained in an old benefits report and then used the information to make thousands of dollars in purchases.

District security director Pat Lamb said a woman charged in the case said the information came from a list of names pulled out of a trash bin.

"We still do not know how our records were compromised," said Lamb, who mentioned that his own name was on the list. "We don't know if somebody was supposed to shred that information, but it ended up in a Dumpster."
....The victims include Cynthia Will, a former teacher who worked at the Union Bower Center teaching students with disabilities for five years. More than $25,000 in credit card charges were made in her name, including a $4,000 diamond ring from Zales.

"It was stunning the damage that was done in just seven days," she said in an emotional appeal to the Irving school board Monday night.....(Full text at www.dallasnews.com)

Thursday, April 9, 2009

Job Seekers Beware!

Job hunters must guard against identity theft
Richard Burnett |Sentinel Staff Writer
April 9, 2009

With unemployment soaring, identity thieves are increasingly preying on unsuspecting job seekers by stealing personal information and trying to cash in on it.

The scams run the gamut from fake help-wanted ads and job-search services to bogus resume-posting Web sites, part of a new arsenal of weapons targeting millions of recently unemployed people.

Job-search fraud is one of the fastest-growing segments of identity theft in Florida, generating thousands of complaints a year, according to the Federal Trade Commission. It fielded more than 2,400 such complaints from Florida in 2008, up nearly 40 percent from 2007.

Overall, Florida posted the highest number of identity-theft complaints on record in 2008 (24,400), up nearly 44 percent in the past three years. The state ranked third in the nation, behind only California and Texas.
...Most job-search fraud appears to come through bogus help-wanted ads, which have spiked nearly fourfold in the past three years, according to the Identity Theft Resource Center,.. (Full text at www.sun-sentinel.com)

Wednesday, April 8, 2009

ID Theft Victims Get Help To Avoid Wrongful Arrest

Kudos to the Indianapolis Metropolitan Police Department for taking steps to help the victims of id theft. Perhaps all other agencies should take note.

ID Theft Victims Get Help To Avoid Wrongful Arrest
Cards Issued To ID Theft Victims

INDIANAPOLIS -- Victims of identity theft now have a new option to avoid being wrongfully arrested within Indianapolis.

The Indianapolis Metropolitan Police Department has started issuing ID cards with the finger print, picture and case number of the person whose identity has been compromised, 6News' Jack Rinehart reported.

The department doesn't keep statistics concerning the number of people who wind up arrested when someone else fraudulently uses their identity, but officials said it's on the rise. (Full text at www.theindychannel.com)