Identity Theft and You

2009-09-03T16:53:00.001-10:00

It is great to be back after such a long break from blogging. Unfortunately, ID theft did not take a break. Keep up with this blog for the best information.

Nobody is Safe!!!

2009-02-09T18:40:00.001-10:00

Kaiser Permanente has admitted a breach of its employee records systems has resulted in incidents of identity theft.

The breach came to light after police arrested an unnamed suspect, found in possession of a computer file containing personal details of the US health care provider. The file contained information such as employee name, address, phone number, Social Security number, and date of birth. No Kaiser Permanente member data or health records were involved.

The suspect caught with the human resource information was not employed by Kaiser, the firm said. Indications therefore point to an attack by external hackers, although the involvement of a corrupt insider with external crooks remains a possibility.

In a statement, Kaiser Permanente said the breach affected workers in northern California, who are being notified of the breach. The firm has launched an internal investigation into the cause of the breach, which remains unclear.

Kaiser is offering a year's free credit monitoring to the 29,500 employees hit by the security lapse. The firm has pledged to improve its security systems to guard against further breaches.

Growing identity theft problem costing people more than money

2009-01-30T20:44:00.003-10:00

Identity theft is a serious problem across the Lakelands and the nation.

According to the Federal Trade Commission, there were 685,000 reported fraud and identity theft complaints in 2005, totaling more than $680 million in losses.

Credit card fraud was the most common form of reported identity theft. The primary ages of identity theft victims were 18- to 29-year-olds (29 percent) followed by 30- to 39-year-olds (24 percent).

Identity theft is a serious crime and a growing problem that residents should be aware of. Victims typically spend many months and thousands of dollars cleaning up after identity thieves and restoring their good name.

Greenwood Police Department Capt. T.J. Chaudoin recently shared information with the city’s Business Watch group in an effort to help make local residents aware of the dangers of identity theft.

“We haven’t seen a rash of identity theft lately, but it’s one of those crimes that just never goes away,” Chaudoin said. “People need to keep a close eye on material that contains their personal information and check their credit report frequently.”

Chaudoin said it is also important for local residents who suspect they have been the victim of identity theft to contact the appropriate authorities as soon as possible.

“It can often be multi-jurisdictional in nature,” Chaudoin said. “You might live in Greenwood, but the person who has stolen your identity might be in California or Oregon or New York or Jamaica.

“If you think you’ve been a victim of identity theft, you should report it immediately.”

Victims might lose job opportunities, be turned down for important loans for homes, cars or education, and even be arrested for crimes they did not commit. There are some ways to help protect yourself.

Photocopy all of your charge cards, front and back. If you lose your wallet or purse, you will have quick access to the credit card and telephone numbers to notify the appropriate agencies.

Never give out personal information, including your date of birth, mother’s maiden name, credit card, Social Security and PINs (personal identification numbers) over the phone or Internet unless you are certain of whom you are dealing with.

Shred charge receipts, pre-approved credit card applications, bank statements and anything with your personal information on it.

Guard you mail from theft. This includes bank and credit card statements, credit card offers, checks, and tax information. Identity thieves might rummage through your trash or a dumpster in a practice called “dumpster diving.”

They might steal your wallet or purse during the course of a vehicle prowl or auto theft, or steal personal information they find in your home during a burglary.

Identity thieves steal personal information from you through e-mail or phone by posing as a legitimate company or claiming to have a problem with your account.

This practice is known as “phishing” online or “pre-texting” when it is done over the phone.

Depending on the circumstances of the theft, remember the following guidelines:

Immediately place a fraud alert on your credit. Call one of the three consumer credit reporting companies to place the alert. It is only necessary to call one of the companies to place an alert for all three: Equifax 1-800-525-6285 or http://www.equifax.com; Experian 1-888-397-3742 or http://www.experian.com; TransUnion 1-800-680-7289 or http://www.transunion.com.

An initial credit alert will stay on your report for 90 days. This is appropriate in most newly discovered situations of identity theft where you suspect your credit cards might have been stolen or taken by an online “phishing” or telephone “pre-texting” scam.

Next, close any bank accounts that you think might have been tampered with or opened without your permission.

Be sure to follow up in writing with each credit card company and bank. Send copies of all supporting documents (not originals) certified mail, returned receipt requested.

When you open new accounts, create new and unique PIN numbers and passwords.

Avoid using consecutive numbers or personal information like your date of birth or phone number.

The next step is to call the police and file a report. This should be done as soon as possible after you learning that you have been victimized.

Having a police case number can be helpful when dealing with creditors who need proof that a crime has been committed.

Typically you can file a report in any of the jurisdictions where your identity has been used for criminal purposes. Be sure to have all supportive documentation with you when you call.

At this point, it is a good idea to file a complaint with the Federal Trade Commission. Typically they can provide important resource information to help you minimize the damage and restore your name.

Accurate and complete records will help you resolve your identity theft case more quickly. It is wise to take the following steps in dealing with a company when you are trying to untangle your identity:

1. Have a plan when you contact a company. Don’t assume that the person you speak with will give you all the information or help you need. Prepare a list of questions to ask the representative. Don’t end the call until you are sure you understand everything.

2. Be sure the write down the names of everyone you talk to, what they say and the date of the conversation.

3. Follow up in writing with all contacts you’ve made on the phone or in person. Use certified mail, return receipt requested.

4. Keep copies of all letters or correspondence you send.

5. Keep all original forms.

6. Hang onto old files even after you believe your case is closed.

2009-01-27T22:33:00.001-10:00

Identity theft is a serious crime that is growing each year. If you're a victim of identity theft you may spend months, even years, trying to repair a ruined credit history. A seriously damaged credit report can compromise your chances of getting a new job, a bank loan, insurance or even rental housing. It's even possible to be arrested for a crime you didn't commit if someone else has used your identity to break the law.

Unfortunately, many of the methods that thieves use to steal identities are beyond your control to guard against. Although it's rare, even store clerks have been known to use their position to pass along information to identity thieves. There are some measures you can take, however, that will make it harder for a thief to steal your identity.

Protect Your Credit Card Number When Making Purchases

After you make a purchase and your credit or debit card has been swiped through a credit card terminal, check to make sure that the printed receipt hides all but the last 4 digits of your credit card account number (usually there will be Xs in place of the first 12 digits). Some terminals still print receipts that show all 16 digits of an account number, and may even include the expiration date as well. After your card is swiped, you're permitted by law to hide the first 12 digits of your account number on the copy of the receipt that the vendor keeps. Use any marking pen that will do the job.

When you go to a restaurant, it's especially important to make sure that the first 12 digits of your credit card number are hidden on your receipt. You might be in the habit of signing it and then leaving the restaurant's copy on the table after your meal. An identity thief can easily steal the signed receipt before the waitperson comes back around to pick it up from the table. Don't take any chances.

Another important way that you can guard against identity theft is to avoid giving out your social security number unless it's absolutely required. Although you need to share your social security number when you apply for credit or for a bank account, sometimes a store or an organization will want to use it as an ID number, simply to identify you within their system. This is a common practice even though the law says that social security numbers aren't to be used as ID numbers. In these situations, use your judgment. There's usually an alternative if you ask.

Destroy Documents That Contain Sensitive Personal Information

Buy a paper shredder and use it to destroy documents you're throwing away which contain personal information such as credit card numbers, social security numbers, phone numbers and dates of birth. This is important to do both at home and at work. Identity thieves aren't above going through someone's trash to find valuable personal information that can help them obtain credit in your name.

IF The Worst Happens

If you do become a victim of identity theft, take the following steps immediately:

Contact your credit card companies, close your accounts and ask to have new cards issued to you.

Place a fraud alert on your file with any one of the three major credit bureaus. The other two will be notified automatically.

File a police report. You may need it to show to creditors as proof of the crime.

File a complaint with the FTC, which maintains a database of identity theft cases used by law enforcement agencies for their investigations.

Guarding against identity theft

2009-01-25T17:48:00.001-10:00

By Elsie Hodnett
01-25-2009

Even though the holidays are over, area residents still need to take precautions to guard themselves against identity theft. “Identity theft is the fastest growing crime in the nation,” according to Pell City Police Chief Greg Turley.

Turley said individuals may use more caution during the holidays to guard against identity theft, but caution is needed year-round. “There are several unsophisticated ways identity thieves can steal personal information,” he said. Turley said dumpster diving occurs when an identity thief goes through an individual’s trash looking for personal information.

“Shred anything that contains your personal information, instead of throwing it in the trash,” he said.

Turley said shoulder surfing is another common form of identity theft.
“The thief looks over the person’s shoulder for pin numbers or when they punch in a credit card number or calling card (phone) number,” he said.
Turley said there have been some cases of identity theft in the Pell City area, but the victims were unsure how the identity thieves obtained their personal information. “All of us can be a victim,” he said.

Turley said some other steps individuals can take to protect their identity is to check bank and credit card records often and set up flags so you will be alerted if there is any suspicious activity on your accounts.

“Another scam is people who call over the phone and offer a credit card and prize, but request personal information such as your Social Security number,” he said.

Turley said individuals should report such schemes to the police department.

“Let us know what is going on,” he said. “It may be the piece of the puzzle we need to solve the case.”

Lt. Mike Gorman, with the Sylacauga Police Department, said they have not had any reports of identity theft lately.

“I think people are being more watchful,” he said.

Gorman said he does presentations at various locations on how individuals can protect themselves and their identities.

“One thing we suggest, especially for seniors, is to have their checks direct-deposited,” he said. “That way they can’t be stolen from their mailbox, and they won’t accidentally throw away personal information.”

Gorman said using debit cards instead of checks is another good step to take.

Detective Doug Whaley, with the Talladega Police Department, said they have seen cases of individuals stealing purses from people coming home late at night.

“They can also steal mail or change-of-address forms from your mail,” he said.

Whaley said “phishing,” or fake emails thieves send in an attempt to get individuals to provide personal information, are also common both over the Internet and by phone.

“We also see fake international lottery winner emails,” he said. “If it sounds too good to be true, it is.”

Whaley said three things to remember when protecting your identity are deter, detect, and defend.

“Shred your financial documents,” he said. “Protect your Social Security number (by not carrying it with you in your wallet or purse) and don’t give out personal information unless you are sure who you are dealing with.”
Whaley said another tip is not to use obvious passwords such as birthdates, addresses, and names of friends and family members.

“Be alert,” he said. “Watch for mail or bills that don’t arrive. Also be aware of denials of credit for no reason,” as it may indicate that someone has used your identity.

Whaley said inspect financial statements and look for any charges you didn’t make, and also inspect your credit report.

“If you suspect your identity has been stolen, place a ‘fraud alert’ with the credit agencies,” he said.

Whaley said the “fraud alert” tells creditors to follow certain procedures before they open new accounts in your name or make changes to your existing accounts.

Three nationwide consumer-reporting companies have toll-free numbers for placing an initial 90-day fraud alert, and a call to one company is sufficient.

The number for Equifax is 1-800-525-6285.

The number for Experian is 1-888-EXPERIAN (397-3742.)

The number for TransUnion is 1-800-680-7289.

“It is also good to check the credit reports for minor children,” Whaley said.
Whaley said he knew of an individual whose child’s identity had been stolen, and was discovered when the child became old enough to apply for credit.

“It takes a lot of time to fix identity theft,” Turley said. “There is a lot of time spent with police departments, credit card companies, banking institutions and more. We recommend individuals stay vigilant and try to prevent theft before it happens.”

Don't Respond to 'IRS' E-mail Scam; Protect Your Identity

2009-01-22T21:21:00.000-10:00

Posted: Jan 22, 2009 11:26 AM
Updated: Jan 22, 2009 12:17 PM

BILOXI, MS (WLOX) - The Internal Revenue Service is warning taxpayers to beware of IRS impersonators sending e-mails that could result in identity theft. Official say the e-mail looks official but could be dangerous to you and your computer.

"We're getting reports of an e-mail that appears to come from the IRS and tells recipients to fill out an attached form and fax it in," said IRS spokesperson Dee Harris. "Other scam e-mails ask you to click on a link and provide personal information online."

No matter what approach the scammers use, there are two things the IRS needs people to remember:

The IRS never sends e-mails about your taxes.

If you get a scam e-mail, don't access any links or attachments.

"If you have accessed a link or attachment in a scam e-mail, you may have allowed the scammer to download malicious software to your computer," warns Harris. "You should immediately scan for viruses and spyware, plus be alert for suspicious activity on your financial accounts."

Individuals who have responded to a scam e-mail and provided their private information should immediately take steps to prevent identity theft. Steps include contacting the Federal Trade Commission and are outlined on the official IRS Web site .

Taxpayers can help the IRS stop scammers by sending the original scam e-mail to the IRS at phishing@irs.gov. The e-mail must be forwarded using special instructions at IRS.gov or it loses the encoding needed to track it to its source, Harris said.

For more information about tax scams, visit the IRS Web site and check out the Dirty Dozen, a list of tax scams updated each year by the IRS. The IRS also provides information on its Web site to help taxpayers protect their personal and financial information. Just type "Identity Theft" in the key word search feature for additional information.

New Trend in Cyber Crime: Unprecedented Rise in Identity Theft Related Searches

2009-01-21T21:09:00.001-10:00

Jan 21, 2009, News Report
Found in: Security

Tiversa yesterday announced the findings of new research that reveals an unprecedented rise in identity theft-related searches in the fall of 2008, an overall increase of 32 percent. In the midst of the nation's largest economic downturn since the Great Depression, Tiversa is finding evidence that identity thieves are on the hunt once again, continuing to find new ways to extract sensitive information to commit fraud on unsuspecting victims.

The research is based on search data in an ongoing 18 month study by Tiversa, whose patent-pending technology monitors roughly 450 million users issuing more than 1.5 billion searches a day. Data shows that search intent for sensitive information is on the rise, citing keywords related to personal banking logins, passwords, tax returns, credit card, account numbers, credit reports, and medical information.

"As the leaders in this space, we've been seeing this trend continue on an upward path for the last few years," says Robert Boback, Tiversa's CEO. "At this time, more than ever before, consumers need to remain vigilant of their sensitive information."

According to the Federal Trade Commission, as many as 9 million Americans have their identities stolen each year. Typical identity theft victims spend hundreds of hours trying to repair damage done to their credit record and can be denied loans for housing, education and cars. In the case of medical fraud, victims can be misdiagnosed, prescribed the wrong medicines, and even billed for procedures they never even had.

"The intent is clearly demonstrated in the data we see in our research and day-to-day operations. We've validated time and time again, that actual fraud is committed by malicious individuals when presented the opportunity," comments Boback.

A national survey, conducted by the Identity Theft Resource Center (ITRC) and Fellowes, states that consumers remain aware that the threat of identity theft is real, with a vast majority (85 percent) of Americans agreeing that identity theft can happen anywhere and at any time.

Identity theft, scams are on the rise here

2009-01-20T18:49:00.000-10:00

Identity theft and scams are on the rise here, local law enforcement says, and new cons are emerging more rapidly.

Over the past few years, the Fayetteville Police Department, along with most other law enforcement agencies, have had to deal with reports of identity theft, scams by mail, telephone and over the internet.

"We all have received some type of letter or email saying we have won an international lottery or an email from someone in a foreign country asking for help to bring a large amount of money into the United States," said Detective Joel Massey of the Fayetteville Police Department.

"Recently, our department received reports of emails being sent to people stating their bank account had been temporarily suspended and would not be reactivated until the recipient clicked on a link to verify their personal information," he said. "This scam is called phishing."

Phishing is a form of online fraud which occurs when someone poses as a legitimate company to obtain sensitive personal data and illegally conduct transactions on your existing accounts.

Usually it occurs in the form of fraudulent emails, text messages or phone calls that appear to come from legitimate sources. These communications appear real and ask a person to call a phone number to reactivate the account.

"Be aware of phone calls to your residence and the caller ID shows the caller is someone you’re familiar with. Technology exists that makes it possible to disguise the phone number of the caller," he said.

"We have had reports of people receiving phone calls telling them they had missed jury duty and that it was possible they were going to be arrested," said Massey.

"The caller asks for their personal information and then assures them they can keep them from going to jail," he added.

"If you get this call, hang up and call the courthouse and check for yourself."

These are just a few examples of the types of scams that are out there, and there are countless others that law enforcement has not seen locally as of yet.

Massey advised, "Never give your full name, date of birth, social security number, account numbers or any other information to anyone on the phone or internet or by mail that you did not contact directly. Even when you contact them directly, let them pull your account using your name and security information when possible. If it is someone you do business with regularly, they will have the information already."

If someone tells you that you’ve won or inherited something that you have no idea about, ask them what law firm they use or who is their representative at the gaming commission. They probably won’t give you any information, because there won’t be any, he explained.

"You never send money to make, inherit or win money," he added.

"Remember, if it sounds too good to be true, it probably is."

Anyone who received these types of communications and has questions should contact their financial institution or law enforcement before becoming a victim of a scam.

ID Theft Insurance

2009-01-15T18:57:00.002-10:00

The nation’s unemployment rate is now estimated at more than 7%. With a slow economy and money tight, this is the worst time for consumers to become victims of identity theft.

Identity theft typically costs consumers thousands of dollars in losses. The Federal Trade Commission reports that 8.3 million American consumers became victims of the crime in 2005.

Homeowners have a new safety net in the fight against identity theft. State Farm has begun offering Identity Restoration Coverage. This coverage is new to homeowners in Georgia, Alabama, and Mississippi.

Beginning February 1, 2009, new and existing policyholders who choose the coverage can receive an expense reimbursement of up to $25,000. Policyholders could receive money for the reimbursement of lost wages due to time away from work along with other reasonable costs faced by the insured. The optional coverage costs just a few dollars a month.

“Identity theft is the last thing that struggling families need to face. Identity Restoration Coverage is a small price to pay for the added comfort of protecting your assets,” says State Farm spokesman Roszell Gadson.

**********************************************
For as little as $9.95 per month, you can protect your family from identity theft. For more information, click here.

Jury Duty Scam

2009-01-14T21:45:00.000-10:00

This has been verified by the FBI. Please pass this on to everyone in your email address book. It is spreading fast so be prepared should you get this call. Most of us take those summonses for jury duty seriously, but enough people skip out on their civic duty, that a new and ominous kind of fraud has surfaced.

The caller claims to be a jury coordinator. If you protest that you never received a summons for jury duty, the scammer asks you for your Social Security number and date of birth so he or she can verify the information and cancel the arrest warrant. Give out any of this information and bingo; your identity was just stolen.

The fraud has been reported so far in 11 states, including Oklahoma , Illinois , and Colorado . This (swindle) is particularly insidious because they use intimidation over the phone to try to bully people into g iving in formation by pretending they are with the court system. The FBI and the federal court system have issued nationwide alerts on their web sites, warning consumers about the fraud.

Data Breaches Up Almost 50% in 2008, ITRC Says; Insider theft accounts for significant portion of increase, study says

2009-01-13T20:19:00.001-10:00

By Tim Wilson, DarkReading
January 13, 2009, 11:15 AM

Reports of data breaches in the U.S. rose almost 50 percent in 2008, according to a comprehensive report issued by the Identity Theft Resource Center on Monday.

The ITRC 2008 data breach report, which extracts data from several different breach disclosure sources, reckons that there were 656 compromises in the U.S. last year, up from 446 in 2007.

About 12 percent of the reports came from financial-services firms, up from 7 percent in 2007, the ITRC says. Financial institutions reported more than 18 million records breached last year. Overall, more than 35 million records were compromised in 2008, the report says.

Only 2.4 percent of all breaches involved data where encryption or other strong protective measures were in place, and only 8.5 percent involved password protection, the ITRC reported. "It is obvious that the bulk of breached data was unprotected by either encryption or even passwords," the study states.

Malware attacks, hacking, and insider theft accounted for nearly 30 percent of breaches that cited a cause, the ITRC said. Insider theft more than doubled between 2007 and 2008, accounting for 15.7 percent of the breaches.

Of the five industry sectors the ITRC has monitored during the past three years -- business, educational, government/military, health/medical, and financial/credit -- the financial-services industry had the lowest percentage of the total number of breaches, according to the report.

"The financial, banking, and credit industries have remained the most proactive groups in terms of data protection over all three years," the ITRC said. But financial institutions were among those reporting some of the biggest breaches last year. For example, the Bank of New York Mellon Shareholder Services reported 12.5 million records breached in two separate incidents in which third-party couriers lost unencrypted backup storage tapes.

Chronicles of Dissent, a privacy watchdog organization, offered a different take on the ITRC data.

"Whereas ITRC's analysis might lead to the conclusion that the financial section is the most proactive sector because they represent less than 12 percent of all breaches, inspection of the raw frequency data suggests a somewhat different picture: Reported breaches increased over 250 percent from 2007 to 2008," Chronicles of Dissent said. "That trend indicates that security in the financial sector is not keeping pace with previous threats and new threats to data security."

TIPS TO AVOID IDENTITY THEFT

2009-01-08T22:32:00.001-10:00

1. SHRED FINANCIAL DOCUMENTS: Any paperwork with personal information should be put through a shredder before being thrown away.

2. NEVER CLICK ON LINKS IN UNSOLICITED E-MAILS: Since "phishing" is becoming a common problem, use up-to-date firewalls, anti-spyware, and anti-virus software to protect your home computer. Good anti-spam software is a must. Plus, never click on links in e-mails. Instead, open a new window and go to the website address you know in order to enter information. (Fake PayPal e-mails are becoming more common, so be extra wary when dealing with these.) You might also want to avoid e-mail archiving in the event that someone hacks into your account.

3. DO NOT USE OBVIOUS PASSWORDS: These include your birth date, mother’s maiden name, or the last four digits of your Social Security number.

4. DO NOT GIVE OUT PERSONAL INFORMATION: Whether over the phone, through the mail, or over the Internet, don’t share your information unless you know who you are dealing with.

5. PROTECT YOUR SOCIAL SECURITY NUMBER: Never carry your social security number in your wallet or write your social security number on a check.

6. KEEP YOUR PERSONAL INFORMATION IN A SECURE PLACE: This is especially important with roommates, outside help, or if you are having work done in your home.

7. BE ALERT TO BILLS THAT DO NOT ARRIVE WHEN THEY SHOULD: If they do not arrive, they may have been routed somewhere else.

8. BE PROACTIVE ABOUT UNEXPECTED CREDIT CARDS OR ACCOUNT STATEMENTS: If an account or credit card arrives that you did not open/activate, someone else did. Call the company immediately and have it closed/canceled.

9. BE ALERT FOR CREDIT BEING DENIED UNEXPECTEDLY: Credit is often denied for a variety of reasons, one of which is when too much credit is opened in a short period of time. Being denied credit may mean that someone else has opened accounts in your name.

10. RESPOND IMMEDIATELY TO CALLS OR LETTERS ABOUT PURCHASES MADE: Credit card companies create a profile of their clients detailing out the most common places a customer shops and the items that they frequently buy. If something is purchased that does not suit your profile, they will contact you for verification. Respond to the notice right away to head off potential theft and damage to your credit.

11. CHECK YOUR CREDIT REPORT: Any credit opened in your name will show up on your credit report. By staying on top of this, you will be able to stop identity theft before too much damage occurs.

12. REGULARLY REVIEW YOUR FINANCIAL STATEMENTS: Look for any charges that you did not make. Also not that consumers usually have only 30 days to dispute items they did not authorize.

13. CLOSE ANY ACCOUNTS THAT HAVE BEEN TAMPERED WITH OR ESTABLISHED FRAUDULENTLY: Get a new card with a new number and close the old card, since this alone may stop a thief in possession of your information.

14. GO PAPERLESS: You can receive many of your bills through your e-mail/online banking instead of having them mailed. By requesting this benefit, you keep account numbers and personal information private. You are also able to save hard copies directly to your hard drive, which allows you to find the information quickly and easily when needed.

15. STORE YOUR FINANCIAL AND PERSONAL INFORMATION IN A STORAGE BOX BY YEAR: This is especially important when dealing with taxes since the IRS can demand to see evidential proof of deductions for as long as eleven years after you file. By keeping it in a storage box, you can shred the contents when the time period is up. Note: this does not include social security numbers.

16. BE ALERT WHEN RESPONDING TO E-MAILS: E-mails are now commonly used to steal or "phish" information out of consumers by making the e-mail look as if it came directly from a financial institution. If you respond to the e-mail, you encourage them to continue trying to get personal information from you. Simply add the address to your spam list to keep them from contacting you in the future. Visit the addresses you know if you are concerned the notice is valid.

17. WHEN CONTACTED BY AN INSTITUTION BY PHONE, TELL THEM YOU WILL CALL THEM RIGHT BACK: Let them give you their name and number, but do not call that number back. Instead, call the number on the back of your card and ask to speak to a representative about your account. Let them know that you were contacted and ask them to verify any problems. All account managers have access to the same information, so they will be able to see if there is a problem with your account or not.

18. OPT OUT OF PRE-APPROVED CREDIT OFFERS: Although I do not personally believe that people can get your identity through pre-approved credit card applications without your social security information, it never hurts to opt-out of credit card offers. By doing so, you lessen the amount of mail that comes to your mailbox, and you will still be able to apply for credit online. Check out the FTC’s Consumer Alert webpage to see all the ways you can opt out.

19. GET A LOCKING MAILBOX: This is an especially good idea for anyone in a nice area. The nicer the area you live in, the more ideal a target you make to an identity thief because they assume you have more money for them to steal.

20. COPY ALL OF YOUR CREDIT CARDS AND SAVE THEM IN A FILE AT HOME: By having a copy of the card (front and back) in a locked filing cabinet or other safe place, you will be able to quickly and easily contact your creditors should your purse or wallet ever be stolen.

21. CARRY ONLY ONE OR TWO CARDS AT A TIME: Lock away all the other cards in a safe place and carry as few cards as possible. This way, if someone ever gets into your wallet or purse, you will notice immediately if a card is stolen and be able to report it right away.

Simple lifestyle changes can help you avoid identity theft

2009-01-07T22:29:00.000-10:00

By Barry Armstrong / Money Matters
Tuesday, January 6, 2009

How can I protect myself from identity theft?

Unfortunately, there are a lot of times where identity theft cannot be tamed, like in the workplace. If vital information is stored on a laptop computer and that computer is stolen, it can potentially expose thousands of identities.

But there are steps you can take. Learn to love your shredder. Instead of throwing things away that may contain personal information, take the extra step of shredding the document. It could save you an enormous amount of hassle down the line. These may include pre-approved credit card offers and credit card receipts that you no longer need. Just throwing these items away could prove costly.

If you’ve applied for a new credit card or know that your card is up for renewal, be sure to pay close attention to your calendar to make sure that the information comes on time. If it does not, contact the company immediately to see if it was mailed.

When you’re in line at the grocery store or mall, be careful of “shoulder surfers.” These are individuals who tend to stand close to you with the sole purpose of obtaining your PIN and accessing your account.
If you write down passwords instead of memorizing them, be sure not to keep the list in your wallet. Be cautious as to where to put or when you give out your Social Security number.

Making these strategies part of your daily routine could protect you from being one of the 9 million people that fall victim to identity theft each year.

The Identity Theft Resource Center’s 2008 breach report

2009-01-06T23:02:00.001-10:00

Reports of data breaches increased dramatically in 2008. The Identity Theft Resource Center’s 2008 breach report reached 656 reported breaches at the end of 2008, reflecting an increase of 47% over last year’s total of 446. In terms of sub-divisions by type of entity, the rankings have not changed between 2007 and 2008 within the five groups that ITRC monitors.

The financial, banking and credit industries have remained the most proactive groups in terms of data protection over all three years. The Government/Military category has dropped nearly 50% since 2006, moving from the highest number of breaches to the third highest.

According to ITRC reports, only 2.4% of all breaches had encryption or other strong protection methods in use. Only 8.5% of reported breaches had password protection. It is obvious that the bulk of breached data was unprotected by either encryption or even passwords.

The ITRC tracks five categories of data loss methods: data on the move, accidental exposure, insider theft, subcontractors, and hacking. Subcontractor breaches, while counted as one breach each, in some cases affected dozens of companies. It is important to note that the number of breaches reported does not reflect the number of companies affected.

The ITRC breach list is a compilation of breaches confirmed by various media sources, notification lists from state governmental agencies. ITRC uses several websites to help search for verifiable breaches, such as databreaches.net, privacy.net, and www.datalossdb.org. To qualify breaches must include personal identifying information that could lead to identity theft, especially the loss of Social Security numbers.

Here is the 2008 Breach Report. As an addition, you can also check out 2008 Breach Stats Report, which includes the percentages for each entity category (business, financial/credit, educational, governmental/military and health care).

How Your Identity Is Stolen

2009-01-05T21:50:00.002-10:00

Identity theft is a serious problem that plagues everyone from businesses to individual wage earners. It can ruin your credit score, wipe out your bank account, and leave you in a mountain of debt. When someone steals your identity, you may even find your name on a list of wanted felons.

The best way to protect yourself from identity theft is by knowing the ways in which it can occur. Having this knowledge will help you take steps to prevent criminals form getting their hands on your personal information.

Online Phishing Scams

One way criminals can obtain your personal information is by using phishing scams. Phishing scams will send out e-mails from what appears to be a well-known site like Ebay, Amazon, or your personal bank or credit card company. The e-mail will request the person verify or confirm their user information for the Web site. The e-mails may attempt to frighten users into providing personal information by stating “your account will be closed unless you act immediately.” The e-mail will usually contain a link to a bogus Web site. Once you enter your information in this bogus website, you've been had. Criminals now have your username and login information to your account.

Your Routing Number

Everyone should safeguard their personal information, even the parts of it they may seem harmless. One common scam is when criminals even offer to send you money. They convince you to give them your bank routing and checking number so they can transfer money into your account via wire transfer. However, these con-artists never had any intention on sending you money, so how does this scam work? The routing number on your check doesn’t identify you personally; rather it identifies your bank. It may seem that criminals couldn’t use this number to hurt you but they can. They will obtain your routing number, account number, and identity to print fraudulent checks drawn on your own account.

Your Garbage Bin

Criminals can be very clever when it comes to obtaining the information they need to steal your identity. They are willing to do just about anything including rummaging through your household garbage. Think about all of the solicitation letters you receive from creditors. Think about the bank statements you toss into the trash. Criminals can steal your discarded credit offers and bank statements to assume your identity. It is wise to invest in a paper shredder. Shredders can cost as little as fifty dollars. That is a small price to pay to protect your reputation and accumulated wealth.

Increasing Rate of Identity Fraud

Check fraud and identity theft are the two fastest growing financial crimes in the country. The increase in these crimes has lead to an increase in the measures that can prevent them. One of the best methods to prevent fraud is the use of MICR toner. This magnetic ink can prevent the duplication of checks. Check users can also employ watermarks which make duplication impossible.

Using some simple prevention methods and being careful with the distribution of your personal information can prevent you from becoming the victim of identity theft. For information on how you can protect your family from this horrible crime, click here

******************************

Our Affirmative Defense Response System (ADRS) provides your company a plan of action, including a privacy policy and employee training, at no direct cost to you. For more information on our ADRS program, call us at (800) 306-3063 or email us at mrapozo@hawaiilink.net. Happy holidays!!

Mel Rapozo

Certified Identity Theft Risk Management Specialist

M&P Legal Support Services, LLC

www.mplss.com

Careful observation of bills can catch identity theft

2009-01-04T07:43:00.002-10:00

The Union-Recorder (Milledgeville, Ga.) Via Acquire Media NewsEdge
Jan. 3, 2009

With the holiday shopping season over and bills beginning to arriving in the mail, now is the time to keep a watchful eye over your bank statements to ensure that you are not left a victim of identity fraud.

Saving receipts from purchases until after you've received your bank statements is just one way to prevent identity theft and fraud after the holiday season, said Milledgeville Police Department Deputy Chief Richard Malone.

"My number one suggestion for people would be to save any and all receipts of items purchased during the holiday period to be able to accurately look at bank statements, drafts or checks so that you can vouch for the form of payment that you used," said Malone.

"And in some cases it would be extremely helpful to keep receipts and documents for two months around the holiday period," added Malone, "because some of those purchases may not end up in just one bank statement due to the holiday period and the mail and all. They may end up in two statements.

"In addition to checking verifying your bank statement or credit card bill with your receipts, people should be careful about giving out any information over the phone or on the Internet unless the company can be verified somehow, Malone said.

"Do not give any personal information to anyone that may call you or try to solicit that type of information over the telephone," said Malone. "Ask if you can come in or set up an appointment to meet with someone, but do not release that information over the phone to someone that has not been able to give appropriate ID regarding what firm they work for.

"If you notice a discrepancy between the receipts that you have for your holiday gift purchases and your bank or credit card statements, there are several measures you can take to ensure the safety of your identity and remedy the problem, said Malone.

"If you feel that your identity has been compromised or documents belonging to you have been utilized in a criminal manner and you did not make these purchases, then you need to go ahead and report that to the police as soon as possible," said Malone.

"I would contact their accounts payable department and also the banks to allow them to know that someone may have unlawfully used your card or any financial document belonging to you," added Malone, "and again please file a police report because a lot of financial institutions will not do anything unless you have a police report on file.

"In addition, if you change financial institutions during the course of the year, it is important to make a note of the date that you opened or closed an account, said Malone, because if there is a discrepancy at any point the financial institution will be able to look up your account information without giving them important personal identification information over the phone.

To see more of The Union-Recorder or to subscribe, go to http://www.unionrecorder.com/.Copyright (c) 2009, The Union-Recorder, Milledgeville, Ga.Distributed by McClatchy-Tribune Information Services.For reprints, email tmsreprints@permissionsgroup.com, call 800-374-7985 or 847-635-6550, send a fax to 847-635-6968, or write to The Permissions Group Inc., 1247 Milwaukee Ave., Suite 303, Glenview, IL 60025, USA.

What to do if you're an ID theft victim or think you might be

2008-12-30T18:49:00.002-10:00

SUN-SENTINEL AND FEDERAL TRADE COMMISSION WEB SITES
Tuesday, December 30, 2008

You've realized you're the victim of identity theft or think you might be, so what do you do? The No. 1 rule is to act fast. Don't hesitate to contact your financial institutions and close accounts. Here are more things you can do.

IF YOU'RE A VICTIM

• Act fast. Identity theft can damage your credit rating. Report suspicious activities — such as unsolicited credit cards arriving in the mail — and monitor credit reports at least once a year for erroneous information.

• Close all accounts that have been tampered with or opened fraudulently. Speak with someone in the security or fraud department of each company and report the crime.

• Close all credit card accounts and destroy the cards.

• Place a fraud alert on your credit reports. Fraud alerts can help prevent an identity thief from opening any more accounts in your name. Potential creditors must contact you before issuing a credit card.

• Request a copy of your credit report. You are entitled to a free credit report every year. If you sign up for an extended fraud alert, you are entitled to up to two free credit reports from each of the three bureaus. Monitor your credit by requesting a credit report every six months after discovering the crime.

Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241

Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013

TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

YOU MIGHT BE A VICTIM

Take the following steps if you think you could be a possible victim because your personal, sensitive information was compromised in some way.

• Close all affected accounts and have account numbers changed.

• Cancel all affected credit cards and debit cards.

• Protect your account with a password.

• Watch your account statements closely.

• Report any fraudulent activity immediately to the bank.

• If your insurance information is compromised change the policy numbers.

• If it was human resources data that was compromised, change account numbers for your 401-k, life insurance, and account holding your stock options. Use passwords to protect these accounts as well.

• File a complaint with the Federal Trade Commission. Call FTC's Identity Theft Hotline: 877-438-4338. To file a complaint with the Internet Crime Complaint Center, go to www.ic3.gov/complaint/ default.aspx.To file a complaint with Florida Attorney General's Office, call the fraud hotline at866-966-7226.

COMPUTER THE SUSPECTED SOURCE

• Stop shopping, banking, and other online activities that involve user names, passwords, or other sensitive information. Malware could be sending your personal information to identity thieves.

• Confirm that your security software is up-to-date, then use it to scan your computer. Delete everything the program identifies as a problem. You may have to restart your computer for the changes to take effect.

• If the problem persists after you exhaust your ability to diagnose and treat it, you might want to call for professional help. If your computer is covered by a warranty that offers free tech support, contact the manufacturer.
Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem.

• If you believe you have mistakenly given your personal information to a fraudster, file a complaint at ftc.gov, and then visit the Federal Trade Commission's Identity Theft website at ftc.gov/idtheft to learn how to minimize your risk of damage from a potential theft of your identity.

• Report computer fraud.

Hacking or a computer virus: Contact your Internet Service Provider as well as the hacker's, if you can tell what it is. You can usually find an ISP's e-mail address on its Web site. Include information on the incident from your firewall's log file. By alerting the ISP to the problem on its system, you can help it prevent similar problems in the future.

Contact the FBI at www.ic3.gov. To fight computer criminals, they need to hear from you.

Internet fraud: If a scammer takes advantage of you through an Internet auction, when you're shopping online, or in any other way, report it to the Federal Trade Commission, at ftc.gov. The FTC enters Internet, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

Deceptive spam: If you get deceptive spam, including email phishing for your information, forward it to spam@uce.gov. Be sure to include the full header of the e-mail, including all routing information. You also may report phishing e-mail to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.

How to Prevent and Cure Medical ID Theft; This Type of Identity Theft Can Cause Even Greater Harm

2008-12-29T23:40:00.003-10:00

Most people know that if their wallets are stolen, they need to call their credit card issuers and cancel their cards. Ditto with their driver's licenses and debit cards. But it might never occur to them to call their health insurance providers to report the theft of their health insurance identification cards.

It should. In the same way that a thief can steal your identity to open credit card accounts and rack up huge bills in your name, a thief can also steal your medical identity to run up tens of thousands of dollars in medical bills. Once your insurance company pays its portion, the balance will be charged to you.

Medical identity theft is defined as the theft or unauthorized use of a person's personal information to obtain unauthorized medical goods and services, says Byron Hollis, managing director of the national anti-fraud department for the Blue Cross Blue Shield Association. Sometimes, it's a family member who doesn't have health insurance who uses your card to get medical treatment. But it's just as likely to be an "opportunistic burglar" who then uses a health insurance card to try to get drugs from a doctor or a crooked doctor who bills for services he didn't provide. It could even be organized theft ring that sets up fake clinics to bilk insurance companies for payment on nonexistent treatment, or obtains medical equipment that it then sells on the black market.

"Organized groups are certainly more dangerous," Hollis says, "but from a personal level, even an opportunistic theft or unauthorized use by a family member can be devastating financially to you or to your medical records."

The impact of medical identity theft
While medical identity theft is similar to financial identity theft, it's far more difficult to resolve. Identity theft is often discovered early on the financial side because credit card issuers have sophisticated systems for detecting fraudulent use of credit cards. Plus, nearly all financial institutions use one or more of the three credit reporting agencies.

"There's not a centralized repository for medical records," says Jeremy Miller, director of the investigation and restoration center for Nashville, Tenn.-based Kroll Fraud Solutions, which works with businesses and consumers to address problems related to identity theft. "To be able to have something like that could potentially reduce the risk of becoming a victim or reduce the recovery time. It's important to know this may not be a problem that goes away."

Every time a thief uses your medical identity to obtain medical care, it creates records with their medical information that could be mistaken for yours -- a different blood type, a history of drug or alcohol abuse, test results that aren't yours, or a diagnosis of an illness you don't have.

"It can create a very dangerous situation," Hollis says.

It can also create a health insurance crisis for you by exhausting your insurance benefits. "Most policies have a lifetime cap," Hollis says. "If you're already accessing medical coverage, you can burn through that in a short period of time."

Plus, it could create problems for you if you ever apply individually for health insurance, disability insurance or long-term care coverage. Unlike credit reporting agencies, health care providers are not required to delete or correct incorrect information on your medical records. They'll typically amend your records with a notation that some information may be suspect, but that's about it. An insurer might want to exclude covering you for treatment of a condition because your medical record indicates it's a pre-existing condition. Even worse, you could be turned down for coverage.

Uncovering medical identity theft is tough
Most people never find out that they've been a victim of medical identity theft until they get a notice of an unpaid bill for medical care they never received. By then, their credit is already damaged. That's nothing, however, compared to the case of a Salt Lake City woman who learned that her medical identity had been stolen when a state social worker and a police officer showed up at her house to take custody of her children.

"They said she'd abandoned her baby at the hospital," says Alex Johnson, a former special investigator with the FBI who now heads up a special investigative unit for Regence Group, the largest health insurer in the Northwest/Intermountain region. "Seven or eight months earlier, her purse was stolen. The lady who stole her purse was a drug seeker who was pregnant. She used the woman's ID to have the baby. A couple days later, she deserted the baby and took off. The information they had was on this woman."

The best chance for early detection of medical identity theft is to do what hardly anyone does -- actually read the Explanation of Benefits, or EOB, statement that your insurance provider sends you after you've received covered treatment.

Look for the name of the provider, the date of service, and the service provided. Sometimes, the fraud is obvious. If it says Dr. John Smith performed surgery on you on Nov. 14 and you were on a Caribbean cruise that week, you know you're a victim. But if you went to Dr. Smith that day and he gave you a shot of steroids for frozen shoulder, the insurance codes classify that as a surgery. Call your insurer's customer service number if something doesn't seem right.

Also, exercise your right to a free annual copy of your credit report. Most medical identity theft first shows up when the claim makes the transition to the billing department. If you have an unpaid medical bill on your credit report, that's a major clue that you're a victim. Another freebie is an annual benefits request to your health insurer; that will give you a list of all the benefits paid in your name for the year.

Another method for checking comes courtesy of Trisha Torrey, an About.com guide and newspaper columnist who focuses on patient empowerment. "Each time you make a doctor's appointment," she says, "ask them to verify the last time you were there." If the dates don't match your own records, call your insurance company and report your suspicions.

You can also check for discrepancies with the Medical Information Bureau. Hundreds of health-related insurance companies belong to this bureau, which collects personal information about individuals who apply for health and life insurance in much the same way that the credit bureaus collect financial information for credit issuers. It's far from comprehensive; it only collects information on people who apply for coverage individually. However, Torrey says, "they can be an entry to any other health-related organizations that might have your bogus information or stolen information."

Preventing it may be tougher
The tips for preventing medical identity theft are similar to those suggested for financial identity theft, such as shredding documents with your health insurance ID number on it instead of throwing them in the trash. Protect your insurance card and insurance information "just like you do your financial information," Hollis says. "Know where it's at and check it every once in awhile to make sure it's still in your wallet."

Practice "situational awareness" at the doctor's office or pharmacy, he says, paying attention to who's nearby when you're giving the staff your insurance card. Don't leave it sitting on the counter in plain view. Also, make sure you have an up-to-date firewall on your computer.

Preventing medical identity theft gets tough, though, because so many people have access to the information after it leaves your hands.

"It's so simple to do," Torrey says. "You've got all kinds of low-paid personnel working in a doctor's office and the cards are getting photocopied all the time."

Bottom line: If you're a victim, don't beat yourself up about it. The chances are pretty good that the deed happened after the information left your hands.

What to do if you're a victim
First things first: Call the police and report it. You're a victim of fraud. Also, call your insurance company and ask for the fraud department. They'll shut down your health insurance account, issue you a new card, and help you work through the process of dealing with any bill collectors and correcting the erroneous information that's now on file about you. Hollis says he'd prefer that customers call his department before calling the medical provider that generated the bogus claim. While that might seem like the natural thing to do, he points out that someone in that office -- even the person who answers the phone -- might be in on the scam.

"It would certainly help us in the investigation if the provider is not alerted," he says.

Also, contact the three credit bureaus, your bank, and your credit card issuers. Let them know your medical identity has been stolen so you can start cleaning up your credit.

Request access to your medical records from your health insurer and your health care providers. The World Privacy Forum has a detailed FAQ on the process. Among the steps to take is a request for an accounting of disclosures. This will help you find out who has information about you and, hopefully, correct it.

Finally, Torrey says, "make notes everywhere that it's been stolen with a phone number people can call to get the right information. If you're in an accident and can't answer questions, they could pull up the wrong information."

FTC Will Grant Six-Month Delay of Enforcement of 'Red Flags' Rule Requiring Creditors and Financial Institutions to Have Identity Theft Prevention Pro

2008-12-28T06:48:00.004-10:00

The Federal Trade Commission will suspend enforcement of the new “Red Flags Rule” until May 1, 2009, to give creditors and financial institutions additional time in which to develop and implement written identity theft prevention programs. Today’s announcement and the release of an Enforcement Policy Statement do not affect other federal agencies’ enforcement of the original November 1, 2008 deadline for institutions subject to their oversight to be in compliance.

The Red Flags Rule was developed pursuant to the Fair and Accurate Credit Transactions (FACT) Act of 2003. Under the Rule, financial institutions and creditors with covered accounts must have identity theft prevention programs to identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft.

The Rule applies to creditors and financial institutions. Federal law defines a creditor to be: any entity that regularly extends, renews, or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew, or continue credit. Accepting credit cards as a form of payment does not, in and of itself, make an entity a creditor. Some examples of creditors are finance companies, automobile dealers, mortgage brokers, utility companies, telecommunications companies, and non-profit and government entities that defer payment for goods or services. Financial institutions include entities that offer accounts that enable consumers to write checks or to make payments to third parties through other means, such as other negotiable instruments or telephone transfers.

The Commission staff launched outreach efforts last year to explain the Rule to the many different types of entities that are covered by the Rule. The agency published a general alert on what the Rule requires, and, in particular, an explanation of what types of entities are covered by the Rule – http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm. During the course of these efforts, Commission staff learned that some industries and entities within the FTC’s jurisdiction were uncertain about their coverage under the Rule. These entities indicated that they were not aware that they were engaged in activities that would cause them to fall under the FACT Act’s definition of creditor or financial institution. Many entities also noted that, becausethey generally are not required to comply with FTC rules in other contexts, they had not followed or even been aware of the rulemaking, and therefore learned of the Rule’s requirements too late to be able to come into compliance by November 1, 2008. The Commission’s delay of enforcement will enable these entities sufficient time to establish and implement appropriate identity theft prevention programs, in compliance with the Rule.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC's online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,500 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC's Web site provides free information on a variety of consumer topics.

MEDIA CONTACT:
Office of Public Affairs 202-326-2180
******************************
Our Affirmative Defense Response System (ADRS) provides your company a plan of action, including a privacy policy and employee training, at no direct cost to you. For more information on our ADRS program, call us at (800) 306-3063 or email us at mrapozo@hawaiilink.net. Happy holidays!!

Mel Rapozo
Certified Identity Theft Risk Management Specialist
M&P Legal Support Services, LLC
www.mplss.com

Steps to Take if You Are a Victim of Identity Theft

2008-12-27T07:07:00.004-10:00

Meadow Free Press
Meadow,ID,USA

* Advising any other individuals or organizations that can be potentially victimized by the identity thief posing as you. These may include your credit card companies, banks, credit or loan services, leasing organizations and companies you interact with (utilities, etc.). Be specific about all information you have incurred in regards to the identity theft. Utilize any aid they may be able to offer, and comply with any procedures they may ask you to do.

* It is most often best to contest bills and statements for goods or services you know you did not purchase or transacted yourself. This may result in threats due to the non-payment, but it will also open communication concerning the fraud.

* If you suspect that a thief is using your identity for criminal activities, notify the police. Be prepared to share with them any information you may have that may be useful to their criminal case.

* Credit cards must be canceled immediately if you feel the least bit concerned about their security. Credit card companies will accommodate you by issuing new cards.

* You may place a "stop" order on your bank account if you suspect your account may have been accessed without your authorization. This will prevent any further transactions from taking place and stop the identity thief from wiping out your bank account.

* Advise your bank if your check books have been stolen or you feel any of the checks are missing. Your bank will place a stop on unused checks.

* If you bank online, immediately change your PIN and passwords in case they may have been compromised.

* If you have lost any of your identification such as passport, driver's license or employee identification or pass, advise issuers right away and request replacements.

* If there is a possibility that your computer has been tampered with or accessed without your knowledge, scan it for spy ware as soon as time allows it. You should also change any passwords that may have been stolen.
* Give regard to your mail delivery that it is normal and there are no unauthorized orders of redirection.

* Create a file of everything you determine concerning the identity theft. Document all correspondence and request full details concerning money owed.

If you still do not feel secure about the handling of this matter, it is best to hire an identity theft attorney. If the legal impact of the theft is piling on you then such a lawyer is highly recommended. In most circumstances, people and companies will be sympathetic to your being a victim of identity theft. Approach the situation with tact and calmness and you will find many who will make an effort to help you.

*******************************************

To provide your family a complete wall of protection, including identity theft protection and restoration, as well as unlimited access to the legal system, visit http://www.mplss.com/. Can you imagine getting all of this for less than a dollar a day?

Mel Rapozo
Certified Identity Theft Risk Management Specialist
M&P Legal Support Services, LLC
(808) 645-0243 Direct
(800) 306-3063 Toll-Free
www.mplss.com

Meth users good at identity theft; CBI agent urges vigilance to protect private info

2008-12-26T06:20:00.002-10:00

By MIKE McKIBBIN
Citizen TelegramRifle
mmckibbin@citizentelegram.com

BATTLEMENT MESA, COLO. - Identity theft and methamphetamine use go hand in hand, according to a Colorado Bureau of Investigation agent who specializes in tracking down those who steal people’s names and personal data.

John Zamora recently told the Parachute/Grand Valley Kiwanis Club that meth users are good at committing identity theft “because they’ve got all this energy, at least at first. Fortunately, the more they use meth, they start making mistakes.”

Identity theft is the fastest growing crime in America because “there’s big money to be made and you can make it fast,” Zamora said.

“If someone steals your identity, you can expect to spend an average of 600 hours filling out paperwork and doing other things to let your bank and credit bureaus know you’ve been a victim,” he said. “And you can expect to spend about $1,400 to fix your credit. You basically have to prove your innocence.”

Last year, Colorado had 4,328 identity theft victims, 8th in the nation, while the city of Greeley was third in the U.S. for identity theft.

“A lot of gangs are getting into stealing identities because there’s a lot of money to be made,” Zamora said. “Nowadays, they don’t have to rob someone with a gun and get away with maybe $20 or $30. They can dress in suits, come to places like the Battlement Mesa Activity Center and rummage through the offices to find someone’s social security number.”

Identity thieves steal their information from credit bureaus, auto dealers, hospitals, employers, anyone with someone’s social security number, date of birth, bank account numbers or other facts, he said. Some use small hand-held “skimmers,” devices that can quickly record information from a credit card’s magnetic strip, Zamora added.

Some state and federal laws, such as the Fair Credit Billing Act and Electronic Funds Transfer Act, limit liability and can help victims correct errors on their credit report caused by identity thieves, he said.

Zamora advised people to not carry important identification with them, such as social security numbers. Promptly retrieving mail from mail boxes, shredding all documents before throwing them away, canceling all unused and unwanted credit cards are other steps Zamora said can help prevent identity theft.

MERRY CHRISTMAS AND A HAPPY NEW YEAR

2008-12-25T06:02:00.001-10:00

From the Rapozo household, we wish you and yours a very Merry Christmas and a happy and prosperous New Year. Take care and God bless.

Increase in Identity Theft around the Holidays

2008-12-23T19:10:00.000-10:00

The Identity Theft Resource Center says it gets more calls about lost and stolen wallets around the holiday season than any other time of year. The resource center offers some tips about protecting one's identity. Here are two tips I hadn't thought of:

Debit cards: Debit cards are not credit cards, rather they are a direct link to your bank account and electronically transfer money immediately to the merchant. If you want to use debit cards, link them to a bank account with a small amount of money in it, and not to your only bank account. If the card has a VISA or Mastercard logo on it the thief can use it without a PIN. If stolen, it could be difficult to prove you didn't make the purchase when you were in the same mall that day.

Check writing: ITRC recommends that you leave checks at home and only use them to pay bills. Write checks with a gel pen with specially formulated ink that absorbs into the paper fibers or one with non-erasable ink. This makes it harder for a thief to alter the check.

5 Ways to Prevent Identity Theft From Using Social Security Numbers

2008-12-22T07:40:00.002-10:00

By Alicia G. Limtiaco
For Pacific Daily News

The Federal Trade Commission on Dec. 18 issued a report that outlined five ways to help prevent Social Security numbers from being used for identity theft.

Among the report's recommendations is that the U.S. Congress consider taking action "to strengthen the procedures that private-sector organizations use to authenticate their customers' "identities," according to the FTC.

"Identity theft continues to be a major problem in this country, with victims numbering in the millions each year and out-of-pocket losses ... in the billions of dollars," the report states.

Adopting Standards

The FTC report states that adopting standards for how businesses and other organizations verify the identity of new and existing customers would make more difficult for identity thieves to use Social Security numbers and other stolen information to carry out their fraud. The report also recommends that steps be taken to reduce the unnecessary display and transmission of Social Security numbers, but noted that restrictions should be approached carefully.

"The first step in minimizing the role of Social Security numbers in identity theft is to limit the demand for Social Security numbers by making it more difficult for thieves to use them to pen new accounts, access existing accounts, or obtain other benefits or services," the FTC stated in its report.
The commission vote to issue the report was 4-0, and was developed pursuant to a recommendation of the President's Identity Theft Task Force, according to the FTC.

The report is backed by extensive fact-finding by the FTC and other federal agencies. The report also seeks to enhance the coordination and information-sharing among organizations that routinely use Social Security numbers, and recommends steps to improve data security, and increase outreach to consumers and businesses on the protection of Social Security numbers.

Alicia G. Limtiaco is the attorney general of Guam.

*************
Click here for the FTC press release

MEDICAL IDENTITY THEFT, THE IGNORED CRIME

2008-12-21T05:15:00.003-10:00

I found this article on the Internet,and although quite accurate, it is missing one of the fastest growing types of identity theft, MEDICAL IDENTITY THEFT!:

"Financial Identity Theft

The most common form of identity theft is financial. A person stealing your credit card details can get you into a huge amount of financial debt. High charges may incur on your telephone bill if the identity thief gains access to your telephone calling card or your account. The bolder the identity thief is, the more damages he can cause. An identity thief could take out loans in your name, receive a new credit card under your name, create a utility account, lease a car or even lease an apartment under your name. In severe cases of financial identity theft, you may find that the identity thief has even taken out a mortgage on your home and disappeared online video courses the money. On rare occasions, an identity thief has been known to put his victim's home on the market. Although the task is more difficult, sales have been made in real life.

Criminal Identity Theft

Some identity thieves who steal identities for the sole purpose of using it for plotting and carrying out criminal activities. Traffic violations are the most common type of criminal online video courses committed by identity thieves. It is possible that an identity thief may carry a false driver's license with your name on it and bearing his photograph.There is no way of knowing until you receive your first citation for not appearing to respond to a traffic violation charge. Another criminal activity that an identity thief might engage in is using your license plate when they fuel up and drive off gas service stations without paying. Because it's your plate distance learning that shows on security cameras, you end up as the likely suspect. There can be even more serious criminal activities displayed where your identity is used to cover up crimes.

Cloning Identity Theft

In some cases, criminals will steal an individual's identity in order to get a passport, driver's license or access data when they are blocked from doing so with their own identity. It is possible that an identity thief may even steal another person's identity so that he can start a new life, perhaps due to a criminal past that online education yet to answer for. In these circumstances, you may not even incur any financial losses, but the experience can leave your reputation tattered. You may not even know that you have been "cloned" until you find out that your credit report has been damaged

Commercial Identity Theft

Businesses are not without risks; they can find themselves deep in problems having to do with identity theft. Landlords face potential difficulties if, for instance, a tenant poses as the owner and sells the landlord's furniture. Data or protected premises may be accessed by falsely using an authorized individual's identity. An identity thief may also pose as an distance learning to a business and make purchases, transactions or waive contracts, which could highly damage a company. In most cases, by the time the identity theft is discovered, the perpetrator has disappeared."

It is not uncommon to see articles omit this very important type of ID theft. Medical ID theft can hurt or kill you. Check out this recent article. The article states, "But as the push toward electronic medical records gains momentum, privacy experts worry those numbers may grow substantially. They're concerned that as doctors and hospitals switch from paper records to EMRs, as they're called, it may become easier for people to gain unauthorized access to sensitive patient information on a large scale."

This is scary. Here is another article that talks about the dangers of medical ID theft. Did you know that for $60, someone can buy your medical records and use it to obtain medical care? It's true as indicated here.

This is why credit monitoring alone is not enough. The credit monitoring companies do not monitor medical records. Nor do they monitor drivers license records and criminal records. This is why it is vital to subscribe to a service that provides total protection. A service that will do proactive searches in all databases to make sure that you are not a victim of non-financial identity theft.

The service that I'm talking about is our Identity Theft Shield. This service will protect you and your family against ID theft, and if you become a victim of this horrific crime, the experts at Kroll Background America will make sure that you are not a victim of any other type of ID theft.

Now, as any victim of ID theft will tell you, you need legal help when you are victimized by ID theft. With our Life Events Plan, you and your family will have access to a local law firm to help get you through the awful calls from creditors, banks, law enforcement, and others who believe that you are somebody that you're not. Believe me, it is no fun and can be extremely frustrating.

This is no joke. Medical identity theft is real and growing. Protect yourself and your family. Call us immediately for more information.

**********************************************
Mel Rapozo
Certified Identity Theft Risk Management Specialist
M&P legal Support Services, LLC
(808) 645-0243 Direct
(800) 306-3063 Toll-Free
www.mplss.com

Preventing Identity Theft

2008-12-20T09:42:00.003-10:00

Scott Cole/Cole Financial Planning
Published: December 19, 2008

One of the questions that I get asked surprisingly often concerns identity theft. It is a symptom of our times. Cyber thiefs are becoming more and more prevalent and sophisticated. An entire industry has cropped up and exploits our fear for their own economic gain. People are obviously wondering how to maneuver in this new world without being the victim of an identity crime. There is a real threat, but there are also some simple and common sense ways to protect yourself and your identity.

• Practice safe computing- For most of us these days, there is just no way around using a computer. E-mail is a staple in business life and now days it is almost a need to get plugged in, not just a luxury. That said there are some basic things you should do to protect you while computing. First, you need to have three programs on all your computers. Anti-virus, Firewall and anti-spyware. All of these are essentials in today’s environment. Make sure that you software stays up to date. Second, avoid responding to sites by clicking on links in an e-mail. It is almost always better to type the URL address. Also remember that reputable businesses will never ask for your social security information via the internet. Finally, remember that if you use social networking sites, it is not required that you give out every personal detail. The more information available, the easier it is for a thief to put together enough of the puzzle to impersonate you.

• Be prudent at home and travel lightly- A small investment in a home shredder is a wise for anyone. You should destroy all documents that contain, bank account information, credit card numbers or your social security number. Don’t forget those checks that credit card companies like to include in your bill. Don’t leave mail in your mailbox and make sure bills arrive on time and when they do arrive reviews them thoroughly for any suspicious activity. Report questionable charges immediately. When you are on the go, there is no need to carry every card that you own. Limit your cards to one or two and unless you know that you will specifically have to have it, never carry your Social Security card.

• Be your own credit monitor- There are plenty of services out there that will monitor your credit report for a handsome fee, but no one can do it better than yourself. You can get a copy of your credit report from each of the credit bureaus for free once a year at http://www.annualcreditreport.com . You can get them all at once or you could stagger them and create a more robust self monitoring system by getting one every four months. Often times, your identity may be stolen but not compromised for many years, so reviewing your credit frequently is a great habit to form. If you think there is something suspicious going on, you can place a fraud alert on the account. This forces lenders to take extra steps to verify your identity. If you still don’t feel safe, for a small fee, you could request a credit freeze. This prohibits potential lenders from accessing your credit without your authorization. If you choose this route, you need to request the freeze at each of the bureaus.

Identity theft is a reality of today’s world. While it doesn’t threaten you financially, in most cases, the time to clean up a violated credit can be substantial. However, some common sense and a little diligence will make the identity crooks lives a little harder and give you a peace of mind.

It’s everywhere these days it seems. If you read the paper, watch the news, peruse the internet, you finding warnings about identity theft. It is not all fluff either. A while back, I was working in my office, when my phone rang. It was my credit card company asking me if I was purchasing a thousand dollars of scuba equipment. I wasn’t and the charge was refused, but the call was sobering to say the least.Paranoia, however, does not have to be the end result of a sobering phone call. The booming security industry has recognized the profitable niche of so-called “identity theft protection.” There is no shortage of companies, including your credit card companies themselves that have discovered that people will pay money because they have been scared senseless by media reports. I started thinking about this after I received the fourth or fifth offer from my credit card company to monitor my credit for me. It wasn’t an outrageous fee, less than ten dollars a month, but why should I pay the credit card company to monitor something that hurts them more than it hurts me? After all, I am not responsible for fraudulent charges to my credit card company. Sure it would be a hassle to straighten out, but the industry realizes the truth of the old adage that “little and often fill the pot.” If they can get enough people to drop an extra ten dollars to them a month, it adds up to quite a profitable business venture for them, and it becomes just another financial leak in the consumer’s personal finances.

While identity theft insurance or protection services are not all that they are presented to be, there are some sensible things that each of us should do in this data-filled world. As with most things in life, protecting your identity requires some good old common sense and a little bit a diligence. First of all, watch what you share. While I personally believe that we are too private about money in general, that doesn’t mean we shouldn’t have some safeguards. For instance, there is no reason for you to carry your social security card. Put it in a locked firebox at home or keep it at a safety deposit box at your financial institution. Never give it out except for tax, employment or credit purposes. Shred financial documents that are not longer needed, and never reply to e-mails asking for such information, even if they look official.

Secondly, monitor you situation yourself. Federal law allows you to access your credit report once a year for free from the three big credit reporting bureaus. You can choose to get them all at once or one every four months, or any other interval you choose. You can request a copy at www.annualcreditreport.com. This is a good way to make sure that your report is accurate. You can report any discrepancies you find. One caveat, beware of other similarly named websites. You should also review your bank, credit card, and brokerage statements at least weekly and definitely look over the monthly statements to make sure it is correct and nothing nefarious is happening.

Third, if you are like me, you get tired of the parade of offers that come through the mail. I get “pre-approved” offers all the time, even though I have never sought them. I just don’t like all those offers sitting around in my mailbox. The simple solution is to opt out of the offers. You can visit http://www.optoutprescreen.com to take care of this. I’ll also be happy to e-mail you a copy of the federal trade commission’s brochure about consumer protection and opt out procedures if you are interested.

The truth of the matter is there is no full proof way of protecting you identity. The use of firewalls on your computer, destroying documents, monitoring the situation can all help, but nothing is 100%. My advice is to be diligent, use some common sense, and don’t become a victim of scare tactics from those who claim they can do a better job of protecting you than you can yourself. It is your identity after all and no one knows you (or how to protect you) than you do yourself. Heck, I may save the money my credit card company wanted me to pay and buy some real scuba equipment someday.

Some Interesting Facts About ID Theft

2008-12-19T19:11:00.001-10:00

Below are just a few recent facts and statistics about credit fraud and identity theft.

"More than 27 million Americans have been victims of identity theft in the last five years.... To deal with the problem, consumers reported nearly $5 billion in out-of-pocket expenses."-The New York Times

"Stealing someone's identity to acquire -- and use -- new credit cards has become one of the most popular white-collar crimes today, according to fraud investigators from across the country."-Knight Ridder/Tribune Business News

"This year alone more than 500,000 Americans will be robbed of their identities...with more than $4 billion stolen in their names."-CBSnews.com

"In one notorious case of identity theft, the US Department of Justice reported that the criminal incurred over $100,000 of credit card debt, obtained a federal home loan, and bought homes, motorcycles, and hand guns in the victim's name all the while calling his victim to taunt him."-US Department of Justice Web site

"The number of identity thefts in the U.S. has skyrocketed during the past 15 months."-CNN.com

"According to a convicted ID thief in Denver, CO, "On a good day I could make $5,000 in cash and another $7,000 to $8,000 in merchandise..."-CBSnews.com

"A recent report on identity theft warned that there is likely to be "mass victimization" of consumers within the next two years. The report said consumers should be extra careful to monitor all their financial transactions for unexplained account activity, withdrawals, or fund transfers."-The Gartner Group, a technology research group

"Every 79 seconds, a thief steals someone's identity, opens accounts in the victim's name and goes on a buying spree."-CBSnews.com

"Experts report that a victim can spend anywhere from six months to two years recovering from identity theft."-CNNfn.com

"Most people don't find out they have been a victim of a stolen identity until they are turned down for a loan or credit card. A copy of their credit report explaining the denial may unveil weeks or months of fraud."-CNNfn.com

U.S. Recommends Changes to Cut Identity Theft

2008-12-18T04:44:00.002-10:00

WASHINGTON (Reuters) - Companies and schools should find new ways to authenticate the identities of customers, employees and students that do not involve social security numbers, a U.S. consumer protection agency said on Wednesday as part of recommendations to fight identity theft.

An estimated 9 million Americans have their identity stolen every year, according to the Federal Trade Commission, which urged businesses, schools and other private entities to find better ways to authenticate identities, which already have.

"Requiring all private sector entities that maintain consumer accounts to establish appropriate, risk-based consumer authentication programs could reduce the misuse of consumer data and the prevalence of identity theft," the agency said in its report.

The commission also asked businesses that still use social security numbers to be more discreet.

"Some organizations continue to display SSNs on account statements, paychecks, applications or other documents that are sent through the mail, which puts consumers at risk for identity theft if their mail is stolen," the agency said in its report.

In other recommendations, the commission asked Congress to look at enacting standards for notifying the public in the case of data breaches and called for efforts to educate businesses and consumers on how best to safeguard social security numbers.

******************************
Our Affirmative Defense Response System (ADRS) provides your company a plan of action, including a privacy policy and employee training, at no direct cost to you. For more information on our ADRS program, call us at (800) 306-3063 or email us at mrapozo@hawaiilink.net. Happy holidays!!

Mel Rapozo
Certified Identity Theft Risk Management Specialist
M&P Legal Support Services, LLC
www.mplss.com

ITRC's Identity Theft Predictions for 2009

2008-12-17T05:22:00.002-10:00

SOURCE: ITRC
Linda Foley, 858-693-7935 x101
Media Coordinator

SAN DIEGO, Dec 16, 2008 (BUSINESS WIRE) -- Every year the Identity Theft Resource Center (ITRC) shares its thoughts for the upcoming year. The following items are ITRC's predictions for 2009:

Real Estate-based scams: There are multiple scams that attack the equity in a home or which may be used to establish a whole new home loan. Home Equity or Mortgage Frauds can be found on the Internet, local advertising and even via word of mouth. Some real estate scams include refinancing current loans, adding in unforecasted payments or property to increase the cost of the loan. Your home, while fully paid for, could even be entangled in a second mortgage without your knowledge. Due to the unfortunate turn in the real estate market, some home owners find themselves strapped and falling behind. Opportunistic scam artists might propose relief through a bogus land grant process. The best strategy for a home owner is to talk with your bank or mortgage company before engaging an unknown company.

Credit Card scams: With the current economy, credit will be tight. Thieves may advertise the ability to get credit cards despite a poor credit score or the lack of a Social Security number. There will continue to be more scams that offer to consolidate your credit card debt or to renegotiate your interest rates.

Other scams: Job scams are on the rise as people seek second sources of income. An example would be an offer to act as an account's receivable clerk for a company outside the U.S. - opening an account, receiving checks, depositing them in the bank and then wiring them to the company. Consumers have also been receiving more "phishing" scam emails due to the merging of financial institutions and stores. These emails ask you to confirm your personal identifying information. Finally, a variety of emails reporting to be from the IRS have been circulating, including tax refund offers, audit information demands and verification of citizenship status. Don't open attachments or go to another website due to cybercrime.

Professional thieves and targeted attacks: Along with law enforcement and the financial institutions, the ITRC is anticipating an increase in more sophisticated ways to "mine" information, sometimes by organized crime groups. Cybercrime, which includes transporting or selling large amounts of personal information from one group both nationally and internationally, will continue and expand. Part of this trend includes "skimming" (duplicate scanning of credit cards or debit cards), and fake fronts on payment scanners and ATM machines. Peripheral crimes, which use identity theft for funding, will continue and increase. Cybercrime is also tied to malware attacks on individual computers of consumers.

Check Fraud: As it becomes more difficult to get new lines of credit, identity thieves may be drawn more to commit check fraud. These crimes may take the form of stolen checks, using checks thrown into the trash by unknowing consumers or even synthetic checks. Synthetic checks typically have something that links them to a consumer, usually in the name and address section of the check. The checks may be for a closed account, an account that never existed or with a bank the consumer never used.

Breaches: Some companies, public entities and other groups that collect personal identifying information are cutting IT security staff. This may be due to apathy or to budget cuts. Targeted attacks of entities may increase as thieves develop improved techniques for hacking and other forms of illegal data acquisition, especially if fewer security measures are in place.

Other Identity Theft Crimes: ITRC anticipates an increase in the fraudulent use of SSNs for work by people who can not use their own Social Security number or who don't have one. As law enforcement and the public realize that identity theft is not just a financial crime, the ITRC expects more calls from people regarding criminal and medical identity theft, and from those whose information is negatively impacted due to the actions of an identity thief. Finally, thieves are aware that the Social Security numbers of children, the deceased, the elderly and even critically ill patients are excellent opportunities for long term use of another's information.

Increase in for-profit consumer products: This market has both positive and negative sides. There are some products in the market that meet the expectations presented and others that don't. Consumers need to do their homework and understand that it is impossible at this time to completely protect a consumer from identity theft with the products currently available.

On the Positive Side: More collaborative efforts are being established to more deeply define the issues, isolate the problem areas and start policy statements on ways to deal with multi-faceted crimes. The Red Flag Compliance Laws (implementation July 2009) are a set of regulations set by the federal government which will help entities to audit their security programs, strengthen weak areas and set up written policies. However, it will be up to individual entities to enforce those policies.

The ITRC projects an increase in the training of law enforcement regarding identity theft, from local to federal levels. Federal law enforcement will be even more aggressive in their actions against international syndicates especially in cybercrimes and international job scam operations. The IRS has trained and expanded its IRS Taxpayer's Advocate program to now assist victims of identity theft. The Crime Victims' Rights Act finally includes white collar (including identity theft) crime victims.

Many states have made significant strides in stopping the use of the Social Security numbers as an identifier. We foresee the federal government addressing similar problems in the identification cards of military members and their dependents as well as those seniors using Medicare.

Conclusion: While there still are major problem areas, there are exciting new programs on the horizon. Additionally, we predict that there will continue to be an increase in the number of state and federal agencies and nonprofits that provide identity theft victim advisors at no charge or victims suffering losses and problems from this crime.

About the ITRC

The Identity Theft Resource Center(R) (ITRC) is a non-profit organization established to support victims of identity theft in resolving their cases, and to broaden public education and awareness in the understanding of identity theft. It is the on-going mission of the ITRC to assist victims, educate consumers, research identity theft and increase public and corporate awareness about this problem. Visit www.idtheftcenter.org

ITRC Identity Theft (C) This project was supported by Grant No. 2007-VF-GX-K038 awarded by the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice. Points of view in this document are those of the ITRC and do not necessarily represent the official position or policies of the U.S. Department of Justice.

Data Breaches: Ignorance Is Dangerous

2008-12-16T09:37:00.002-10:00

By Pam Greenberg
State Legislatures 12/15/08 4:00 AM PT

A Countrywide mortgage employee working Sunday nights copied customer records from an office computer, then sold the personal information of an estimated 2 million mortgage applicants.

A group of hackers "wardriving" -- searching for unsecured wireless networks in parking lots and outside retail stores such as TJ Maxx, Marshalls, Boston Market and others -- managed to capture credit card numbers, passwords and account information for more than 40 million customers.

A laptop stolen from a National Institutes of Health researcher contained the information of about 2,500 participants in a medical research study, including names, birth dates, health data and diagnoses.

Unreported Information

Before 2004, consumers rarely heard about these kinds of thefts. But a landmark California law, which went largely unnoticed outside the state when it passed in 2002, set off a chain of events felt nationwide. California's Security Breach Notice Law requires businesses or state agencies that have a security breach to notify state residents if their personal information is lost or stolen.

Since the law took effect in mid-2003, hundreds of data breaches have been reported in the press, and more than 245 million records containing personal information have been exposed. Thousands of people have received letters warning them to monitor their records, and businesses and organizations have beefed up data security. One study put the cost of data breaches to the companies involved at $197 per record breached in 2007.

National Reach

In February 2005, ChoicePoint, a company that collects and compiles information about millions of consumers, discovered that it had inadvertently sold the personal information of almost 145,000 people to a con artist who claimed to be an executive with a Los Angeles company. ChoicePoint initially notified only California residents, who were covered by the state's notification law, even though the stolen data included information about residents in other states. Only after widespread media coverage, and after 38 state attorneys general had called for notification to victims in other states and territories, did the company notify everyone whose personal information had been compromised.

After ChoicePoint's security failure became widely known, lawmakers in other states moved quickly to make sure their citizens had the same kind of notice as California residents.

Twenty-two states enacted security breach laws in 2005, and others quickly followed in subsequent years.

In the five years since the California law has been in force, 43 states, the District of Columbia, Puerto Rico and the Virgin Islands have passed similar laws. But the laws have their critics, and researchers are beginning to take a careful look at their effectiveness.

Laws Create Change

"The law has worked surprisingly well," says State Sen. Joe Simitian, a sponsor of the California bill. "Millions of American consumers have known when their personal information had been disclosed and they were at risk."

With notice, a consumer can protect against theft by closing accounts, freezing credit reports -- effectively blocking the issuance of new credit without permission -- or issuing a fraud alert requiring creditors to check before extending any new credit.

The law also creates a powerful incentive on the part of government and business to improve data security. "You have a responsibility to handle this data with care, and if you come up short," Simitian says, "you'll suffer the damage to your reputation."

Companies have increased security practices in response to data breach laws, according to Chris Hoofhagle, director of Information Privacy Programs at the Berkeley Center for Law & Technology, who supervised a survey of chief security officers by the Samuelson Clinic. "Businesses are changing practices and policies, getting security on the accounting books, and integrating security into legal and marketing teams," he says.

Joanne McNabb, chief of California's Office of Privacy Protection, also sees businesses changing their practices. "One of the striking lessons we've learned is how much sensitive information is not safe on a server but is traveling on a laptop or flash drive. It's now becoming a common practice to encrypt these and to have policies that restrict or limit what kind of information can be carried on these devices."

McNabb points to another change that's happening in government and the private sector. "There's a real scouring of systems to remove Social Security numbers. Organizations are saying, why do we still collect this or why are we keeping this information so long?"

A 2008 review of breach incidents compiled by the Privacy Rights Clearinghouse found that about 75 percent of the publicly known breaches involved Social Security numbers. A report by McNabb's office highlights how, after one university's breach had exposed Social Security numbers and other information from 15 years prior, it changed its policies to shorten the time it retained information on certain applicants. In another example, a blood bank stopped collecting Social Security numbers altogether.

Critics Point to Limitations

Some researchers, however, are questioning the benefits of the laws. A Progress and Freedom Foundation analysis of security breach laws questions whether the costs of notification outweigh the benefits. The report's authors, Thomas M. Lenard and Paul H. Rubin, maintain that businesses already have strong incentives to spend money on data security, because many of the costs related to identity theft and fraud are borne directly by business. They also argue that the benefits of the notice to consumers are negligible since only a very small percentage of those who receive breach notices actually become victims of a fraud.

Fred Cate, a law professor and director of the Center for Applied Cybersecurity Research at Indiana University, agrees. "Research shows pretty clearly that there's very little identity theft that follows breached accounts. Security threats are all around us, but security breaches are like a little sideshow. I don't mean to suggest that they aren't a concern, but if you asked security experts to name the top 15 security risks, I doubt breaches would be on anyone's list."

Also, a little less than half of consumers fail to take action after being notified that their information has been lost or stolen. A 2005 survey of identity theft victims by the Federal Trade Commission found that 44 percent did nothing after receiving a notice about a breach of their information.

"Notices have become a substitute for real action," Cate says.

But Simitian considers notices valuable, giving consumers the opportunity to take steps if they choose. "What you don't know can hurt you. You and I may get the same notice letter, and you may close all your accounts and do everything possible to protect yourself. Someone else may do nothing. I'll take a middle position and monitor my accounts more carefully."

Simitian also thinks notices can be improved by providing standard information about what data were breached.

McNabb agrees. "If the breach involves use of credit card numbers, you know the fraud is likely to happen fairly soon, and you can close your account. But with a Social Security number, there are numerous types of fraud that can occur, it can happen anytime, and you can't change your Social Security number."

Effect on Identity Theft Unclear

According to the most recent figures from the Federal Trade Commission, 8.3 million Americans were victims of identity theft in 2005, and identity theft is the No. 1 source of consumer fraud complaints the agency receives. And given the hardship that identity theft can create for individuals, it's not surprising that some have looked to security breach laws as a solution.
But data breaches are not the only ways in which identity theft occurs. A lost or stolen wallet or thefts from mail or garbage also can lead to identity theft. In addition, information about such thefts is often based on anecdotal accounts or surveys of victims, who sometimes have no idea how their information was compromised.

"It's a fundamental problem that security breach laws have been hung on the hook of identity theft," says Hoofhagle. "Investigating the source of identity theft is extremely tricky."

A team of researchers at the Heinz School of Public Policy and Management at Carnegie Mellon has attempted to do so, however. The researchers compared identity theft rates, over time, in states with and without security breach laws, and concluded that data breach disclosure laws have "no statistically significant effect" in reducing identity theft.
The study also noted that, if a small percentage of identity thefts is attributable to data breaches, the effectiveness of data breach laws on these thefts is limited. The researchers acknowledged, however, a need for better data and further study. They also say security breach laws may have other benefits, such as reducing a victim's average losses and improving security practices.

Lessons Learned

What have we learned after five years?

"We've learned that the law works well, but that there are some improvements that would make a good law even better," says Simitian.
In addition to requiring a core set of information in notice letters, Simitian favors requiring businesses to notify a central state entity. New York, for example, requires notification of breaches to the attorney general's office.
"It gives law enforcement the information they need to assess the particular kinds of data lost or the means by which they are being breached."

State lawmakers also need this information, he says. "If we're to legislate effectively, we need to know the nature and extent of the problem."
Cate is skeptical that including a standard set of information in letters will make a difference, but he supports the idea of a central reporting requirement. A central repository would have all the benefits of notice, he says, "without scaring people about dangers when no real harm is there or if there's little they can do about it."

With central reporting, businesses could start making more rational investments in security, says Hoofhagle. "I think we'll find these laws sparked investment and innovation in security -- maybe even over-investment -- but we were in a posture of under-investment before."
As states continue to work on improving data breach laws, Congress also has been considering legislation. Some bills have made it out of committee, but none have had a floor vote.

Federal legislation is a mixed blessing," says Simitian. "If we end up with a weaker set of provisions that also preempts the more rigorous state laws, that's not going to benefit consumers."

Cate thinks Congress will act, and he's surprised it hasn't already. "It's probably because they found it a lot more complicated than they thought."
The way data are collected, used and transferred across states, it's likely many companies will opt to comply with the most stringent provisions in state laws, Cate says.

"One way or another, we'll have national preemption -- either from the state that adopts the toughest law or from Congress. But it's a classic case of states leading the way."

State and Local Governments Tackle Security Projects

2008-12-15T15:31:00.003-10:00

By Ellen Messmer , Network World , 12/15/2008

State and local governments around the country are worrying as much as any business enterprise about protecting the sensitive data they hold, based on a look at security projects in places such as Arizona, Indiana and Florida.
Arizona's government last year decided to create state-level positions for both CISO and chief privacy officer (CPO), after the Federal Trade Commission ranked Arizona first among all states in identity theft, though the exact reason wasn't cited by the FTC. After the state passed legislation for more oversight, David VanderNaalt, named CISO, began working with Mary Beth Joublanc, the state's CPO, in the newly created Statewide Information Security & Privacy Office at the Statewide Information Technology Agency.

"This is an oversight agency," says VanderNaalt, formerly CISO for the City of New York for eight years and a witness to the Sept. 11 attacks.

VanderNaalt and Joublanc report directly to Arizona's governor, among others, about whether dozens of state agencies are complying with state legislation requiring agencies to report security incidents.

"In my role I see we have 100 different business models," VanderNaalt says about Arizona's dozens of agencies and their departmental activities. While many agencies collect data about security incidents, there needs to be a centralized way to automate collection from technical sources in addition to manual reports, he says.

Just last month, for example, to comply with state law, Arizona's Department of Economic Security had to notify the families of about 40,000 children that their personal data may have been compromised following the theft of hard drives from a facility where they were stored.

VanderNaalt says one approach he's testing to report and track incidents statewide is a tool from Agiliance called RiskVision at the agencies, though he adds when it comes to identity theft, the private sector is likely to be at least as big a source of the problem.

But the purpose of the statewide office on security and privacy is to tackle wider concerns, too, including major online attacks, in order to respond with as complete a picture as Arizona's government can muster.

To do that, VanderNaalt knows he needs the trust from Arizona's employees.

"We're trying to position ourselves that reporting is a good thing, and you will get help," VanderNaalt says. The state oversight agency will also be conducting assessments of agency practices and technologies with an eye toward identifying statewide approaches to safeguarding security and privacy of data.

Securing Indiana

Indiana has already adopted a centralized approach in IT and security and it appears to be working well, according to Paul Baltzell, director of distributed services. His department is responsible for desktops used across the agencies.

Four years ago, Gov. Mitch Daniels, annoyed that even the state's e-mail systems weren't fully connected (although its state WAN was), made the decision that there should be a state-level CIO office defining infrastructure requirements, including security policies.

Indiana's IT centralization effort has had some pushback Baltzell acknowledges, noting that it resulted in about a 40% staff reduction in some IT function areas.

But by centralizing, the state government now benefits from volume discounts in IT acquisitions, including in security procurements, Baltzell says.

As part of a recent state-level acquisition of McAfee antivirus, intrusion-prevention and other security gear, Indiana also licensed McAfee's Endpoint Encryption software (based on McAfee's acquisition of SafeBoot) which it's deploying on about 10,000 laptops and other mobile devices.
"One bad security breach and you've lost all credibility," Baltzell says, adding that trying to achieve this wide a rollout of desktop encryption would have been much more difficult without a centralized statewide mandate.

Baltzell also says he's enjoying success with Intel's vPro, now used inside 6,000 of Indiana's state-agency desktops, for remote management of them "even if it's blue-screened," Baltzell says.

"We have offices all over the state, and my techs have to get in the car if they can't fix something remotely," Baltzell says. Intel's vPro has greatly simplified remote management for Indiana employees and Baltzell hopes security vendors will work with Intel to explore some of the potential it offers in malware defense.

Security at the local level

Local city governments also take on ambitious security projects and find it can be a substantial effort to put in place centrally mandated IT governance policies just for city agencies.

"A key one we had is software installation and computer-use policy spelling out the rules of engagement," says Nelson Martinez, systems support manager for the City of Miami Beach municipal government in Florida, which has about 2,000 employees using computers.

Establishing a citywide computer-use policy entailed meeting individually not only with city agencies themselves but also with five unions and their lawyers, including the police and fire unions, to discuss the policy and how violations would be handled."It all went faster than I thought it would," says Martinez says, noting each group voiced issues about how reprimands or punishments might be applied. In the end, it was made clear that while the IT department might be providing information about blatant violations of IT policy — for instance, "no chat, no instant messaging, no adding in unofficial software except with permission" — it's up to high-level city management to handle the repercussions, he says.

For endpoint enforcement on almost 2,000 employee computers, the city is using eEye Digital's Blink, which prevents malware from executing as well as blocks unauthorized applications. "I'm trying to keep them out of trouble," Martinez says. "People are always trying to test the boundaries."
Martinez says one of the most ambitious projects the city is undertaking now is single-sign on authentication using fingerprint biometrics for authentication in order to attain a higher security level than simple passwords.

The project makes use of Imprivata's single sign-on appliance, Microsoft Active Directory and UPEK scanners, and is starting with 150 city personnel, including the city's directors and those in law enforcement and emergency response.

Biometrics is important "because it all comes back to security," Martinez says. "You can use complex passwords, but you will have people writing sticky notes."

Identity Theft Harder than Ever to Prevent

2008-12-13T16:34:00.000-10:00

With so many companies leaking your personal information, it's more and more likely that you'll get your identity stolen at some point. But a new report from the US government reports that law enforcement is lagging way behind on convictions for identity theft.

In fact, say officials, convicting an identity thief is almost impossible.

Things aren't all gloom and doom. In 2007, 26 percent more identity thieves were convicted in the United States than in 2006. That's a huge jump, but it still means that only 1,943 people were convicted of identity theft last year — that's out of about 1.6 million reports of identity theft on file with the Federal Trade Commission. Partly this is because the techniques that ID thieves use are always changing with changing tech. But it's also because so many of these crimes happen across national lines.

According to Threat Level's David Kravets, though, the US has a few ideas about how to combat ID theft. Some are obvious, like using social security cards less often.

But others involve creating new mega-ID cards and a new law enforcement unit:

The 70-page document (.pdf) also includes 31 recommendations to combat identity theft. The report has a couple of interesting recommendations: the creation of a "National Identity Theft Law Enforcement Center" and providing victims of identity theft with a so-called passport "to prove they are who they say they are."
So basically if you're the victim of a ID thief, you'll have to carry around additional identity papers.

Welcome to more airport line-waiting nightmares, to say the very least.

Identity Theft Scam Targets Investors; E-Mail Claims To Be From The Internal Revenue Service

2008-12-12T17:44:00.002-10:00

BY MONDEE TILLEY, MOUNT AIRY NEWS
POSTED: 9:23 am EST December 11, 2008
UPDATED: 10:46 am EST December 11, 2008

A new scam is targeting non-resident investors in the U.S. It is an e-mail message, reportedly from the IRS, that threatens to impose a 30-percent withholding tax on all income from the account if the recipient fails to disclose a great deal of confidential information.

Here is an excerpt from the e-mail message now hitting local and worldwide in-boxes:
“Our records indicate that you are a non-resident alien. As a result, you are exempted from the United States of America Tax reporting and with-holdings, on interest paid you on your account and other financial dealing to protect your exemption from tax on your account and other financial benefit in rectifying your exemption status.

“Therefore, you are to authenticate the following by completing the form W-4100B2, and return to us as soon as possible through the fax number: 1-646-731-6884.”

Sgt. Alan Freeman, a detective with the Mount Airy Police Department, said, “They seem to be targeting the Hispanic community. Whenever in doubt, seek professional advice. Call the IRS, or your local law enforcement agency. The IRS would not be sending this type of information via the Internet. They would not be asking questions about this type of information.”

Yvonne Nichols, executive assistant with the Greater Mount Airy Chamber of Commerce, said she received the e-mail in her inbox recently.

“I talked to the IRS, and they said they only correspond via mail, not e-mail.”
According to the Internal Revenue Service, the agency warns taxpayers about Internet scams in which fraudulent e-mails are sent that appear to be from the IRS.
The e-mails direct the consumer to a Web link that requests personal and financial information, such as Social Security, bank account or credit card numbers. The practice of tricking victims into revealing private personal and financial information over the Internet is known as “phishing” for information.

The IRS does not send out unsolicited e-mails or ask for detailed personal and financial information. Additionally, the IRS never asks people for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts.
The information fraudulently obtained by scammers is used to steal the taxpayer’s identity and then his or her financial assets. Generally, identity thieves use someone’s personal data to steal his or her financial accounts, run up charges on the victim’s existing credit cards, apply for new loans, credit cards, services or benefits in the victim’s name and even file fraudulent tax returns to obtain refunds rightfully belonging to the victim.

“Don’t be fooled by these shameless scam artists. The IRS doesn’t send unsolicited e-mail,” said IRS Commissioner Mark W. Everson. “Always exercise caution when you receive unsolicited e-mails or e-mails from senders you don’t know, and always verify the source.”

Last year, the IRS established an electronic mail box, phishing@irs.gov, to receive copies of possibly fraudulent e-mails involving misuse of the IRS name, logo or Web site for investigation. Since the establishment of the mail box, the IRS has received more than 17,700 e-mails from taxpayers reporting more than 240 separate phishing incidents. To date, investigations by the Treasury Inspector General for Tax Administration (TIGTA) have identified host sites in at least 27 different countries, as well as in the United States.

The only genuine IRS Web site is www.IRS.gov.

More information on phishing schemes and others, including abusive tax avoidance transactions, frivolous arguments and more, may be found on the Compliance and Enforcement page on this Web site. For information on preventing or handling the aftermath of identity theft, visit the Federal Trade Commission’s (FTC) Web site.

MORE TIPS AND COMMENTS

2008-12-10T13:55:00.002-10:00

Every one loves a "Top 10" this time of year, so here is a great one from our friends at Kroll Fraud Solutions. It was put together by Brian Lapidus - Kroll Fraud Solution chief operating officer and identity theft expert. Enjoy!

1. Beware the Word "Prevent"
No person and no product can prevent identity theft. As long as criminals can benefit from stealing, there will be theft. Sensitive personal information (SPI) is everywhere, housed and archived in a mind-boggling variety of ways. Individuals and companies can reduce access to SPI and improve safeguards around it by working to change how we share, collect, store and dispose of information.

2. There Are No Guarantees
This mantra holds true for a lot of things in life and dealing with identity theft is no exception. While a number of instances of fraud can be restored to pre-theft status, some identity dilemmas simply can’t be fixed. If you’re on the ‘no fly list’ thanks to an imposter or an error, you’ll stay there. A third-party solution cannot deliver a remedy.

3. Watch for "Shoulder Surfers" and "Skimmers"
Shield the entry of personal identification numbers (PINs), and be aware of people standing entirely too close by when using your credit or debit card in public. Especially with the advent of cell phone cameras, a sneaky, shoulder surfing thief can get your private information pretty easily, if you’re not careful. It’s also advisable to use teller machines that are familiar to you, so you are in a better position to identify when the equipment looks different or doesn’t “feel right.” Your increased awareness may reveal a skimmer’s attempt to steal PINs and banking details at that site.

4. Keep Your Social Security Card Safe at Home
Unless you’re on your way to fill out a job application, there are very few reasons to carry around the crown jewel of SPI. At lunch a few weeks ago, the woman beside me opened her wallet for a credit card and there was her Social Security card, too. Remember, ID theft and fraud are not exclusively credit-related – thieves can use a clean Social Security number to construct a whole new life.

Additional note from Dave: I regularly receive emails from Fight Identity Theft visitors explaining how they just had their purse or wallet stolen with their Social Security card inside. Remove that card today!

5. Destroy Before You Dump That Old Computer
Erasing data just enables the computer to write over that space again; it doesn’t actually eliminate the original bits and bytes. Physically remove the hard-drive to ensure you’re not tossing out or passing along your personal details. Our company is often called upon to recover data from an erased or damaged drive; we’re very good at it – and so are some professional thieves.

Additional note from Dave: You could also consider using a software tool like Eraser to do a complete wipe of your drive. If you physically remove your drive, smash the drive with a hammer (find someone strong) before throwing it in the trash.

6. Choose "Forget Me’ Instead of "Remember Me"
How many Web sites do you frequent that invite you to enable an automatic log on the next time you visit? Don’t check that box! When convenience trumps confidentiality, you’re asking for trouble. The harder you make it for hackers to follow your trail into an online store or bank account, the better.

Additional note from Dave: This is absolutely necessary when using public computers. In fact, you should avoid accessing any secure sites from a public computer (like a library, internet cafe) or when using a public wireless network or wifi hotspot.

7. Don’t Rely On Fraud Alerts Or Credit Freezes Alone
Fraud alerts are meant to stop an identity thief from opening new accounts in your name. Credit freezes let you restrict access to your credit report, which would also make it hard for someone else to open new accounts. But, neither one will stop a thief from trading your SPI for cash, or using it for tax fraud or in any of the countless other ways fraudsters exploit stolen identities.

8. Practice Prudent Posting
Social networking sites on the internet enable individuals around the world to chat, share photos, recruit employees, date, post resumes, auction property, and more. Because the Web makes it possible for any posted document to link with another, any data you put out online have the potential to stay there for what amounts to electronic eternity.

Additional note from Dave: I suggest creating usernames or an email address that don't contain your name or anything traceable to you, whenever possible. You also might consider using different usernames on different sites. This makes sense because if someone is able to determine that you use "CatLuvr55" on one site, it's an easy search to track down "CatLuvr55" on any other sites where you have a profile.

9. Keep That Key
When you check out of a hotel where you were issued a card-key to unlock the door to your room, don’t leave the card-key behind. Hold on to it until you’re safely home and can shred or otherwise discard it safely. Some say it’s an urban myth that the card-keys hold vital details like credit card numbers, while others report having tested and confirmed the presence of private data coded into the magnetic strip. Even if there’s no definitive answer, why risk it?

Additional note from Dave: Not sure I'm convinced on this one. I'd need to see more data showing that it is a problem. Snopes.com debunks this pretty thoroughly.

10. What’s In Your Wallet?
Make photocopies of the personal material in your wallet: Driver’s license, credit cards, insurance cards, all of it – front and back. Should your wallet be lost or stolen, you won’t be left wondering what was actually taken, and you’ll be able to quickly notify the appropriate agencies about what has taken place.

Source: -http://fightidentitytheft.com/blog/-2/top-10-identity-theft-tips-for-2008/

****************************************************
Mel Rapozo
Certified Identity Theft Risk Management Specialist
M&P Legal Support Services, LLC
www.mplss.com

How can you prevent identity theft from happening to you?

2008-12-09T18:02:00.002-10:00

Promptly remove mail from your mailbox after delivery.
Deposit outgoing mail in post office collection mailboxes or at your local post office. Do not leave in unsecured mail receptacles.
Never give personal information over the telephone, such as your social security number, date of birth, mother's maiden name, credit card number, or bank PIN code, unless you initiated the phone call. Protect this information and release it only when absolutely necessary.
Shred pre-approved credit applications, credit card receipts, bills, and other financial information you don't want before discarding them in the trash or recycling bin.
Empty your wallet of extra credit cards and IDs, or better yet, cancel the ones you do not use and maintain a list of the ones you do.
Order your credit report from the three credit bureaus once a year to check for fraudulent activity or other discrepancies.
Never leave receipts at bank machines, bank counters, trash receptacles, or unattended gasoline pumps. Keep track of all your paperwork. When you no longer need it, destroy it.
Memorize your social security number and all of your passwords. Do not record them on any cards or on anything in your wallet or purse. Sign all new credit cards upon receipt.
Save all credit card receipts and match them against your monthly bills.
Be conscious of normal receipt of routine financial statements. Contact the sender if they are not received in the mail.
Notify your credit card companies and financial institutions in advance of any change of address or phone number.
Never loan your credit cards to anyone else.
Never put your credit card or any other financial account number on a postcard or on the outside of an envelope.
If you applied for a new credit card and it hasn't arrived in a timely manner, call the bank or credit card company involved.
Report all lost or stolen credit cards immediately.
Closely monitor expiration dates on your credit cards. Contact the credit card issuer if replacement cards are not received prior to the expiration dates.
Beware of mail or telephone solicitations disguised as promotions offering instant prizes or awards designed solely to obtain your personal information or credit card numbers.
Use caution when disclosing checking account numbers, credit card numbers, or other personal financial data at any Web site or on-line service location unless you receive a secured authentication key from your provider.
When you subscribe to an on-line service, you may be asked to give credit card information. When you enter any interactive service site, beware of con artists who may ask you to "confirm" your enrollment service by disclosing passwords or the credit card account number used to subscribe. Don't give them out!

Guard Yourself Against Identity Theft on Social Networks

2008-12-08T15:18:00.002-10:00

08:14 AM CST on Monday, December 8, 2008
By PAMELA YIP / The Dallas Morning News pyip@dallasnews.com

The next source of identity theft may be social networking Web sites.

"There's a growing problem, and the risks are increasing," said Scott Mitic, chief executive of TrustedID, which has identity-theft protection products for consumers and businesses.

Officials of the Federal Trade Commission, which enforces identity theft laws, said they know of no ID theft cases that have arisen from social networking sites, but you can't be too careful.

Thieves are constantly searching for new ways to get you to divulge any sliver of personal information so they can tap into your wallet.

And social networking sites such as MySpace and Facebook are becoming a "growing pool of valuable information that at some point thieves may consider more valuable than a credit report," Mr. Mitic said.

For example, most of us use facts associated with our lives as user words or passwords, and thieves are learning they can mine these facts from social networking sites.
"I know most Americans who, if they have pets, that's usually their password," Mr. Mitic said. "The information that may seem innocuous to share may have real value to individuals with criminal minds."

Social networking sites enable people to freely express themselves in a way that may cause them to unwittingly drop morsels of information that criminals can extract to steal their identity.

Here's how it might work:

Your profile says that you live in Texas, you were born in Dallas, your beloved pet's name is Max and that you like to spend time with your parents, Dick and Jane.

It also says that today you're venting your anger at your bank – Bank XYZ – because it's been slow to resolve a problem with your account.

Now criminals know the name of your bank, the name of your pet and your mother's name. They will seek to learn your mother's maiden name, which is often used as a security question on bank Web sites.

Here are some tips to protect yourself online. You've heard them before, but they're particularly important for social networking sites because the information you post can be accessed by others:

•Never post sensitive personal data, such as your Social Security number, driver's license number and bank account numbers.
That includes your hometown, mother's maiden name, your date of birth, your high school, the hospital or city in which your were born and your favorite color.
"There are all of these secret-password answer questions," Mr. Mitic said.

•Avoid telling everyone your physical location and what you're doing at the very moment, especially if you're away from home. That's an invitation for someone to burglarize your home.

•Manage privacy controls on social networks. Set your profile to "Private" to prevent uninvited people from viewing your personal information.

•Don't make your password easy to guess.

•Only allow people you know to view your personal profile. Be careful about allowing strangers to view your profile because people aren't always who they say they are.
Officials of social networking site Facebook said they give users tools to protect themselves.

"Facebook users' profiles are by default accessible only to confirmed friends and others in a given network, and we've put in place additional protections for more sensitive information like phone number, e-mail, and home address," said spokesman Simon Axten. "Users can control access to information as they see fit using the extensive and particular settings we offer."

Users of MySpace also can control how visitors and other MySpace members communicate with them by controlling their account settings.

It reminds users that their personal profile and MySpace forums are public spaces and advises users to not post sensitive personal information.

Many of you will see this advice and say it's unrealistic because I'm practically muzzling you. But you have to decide how much information you want to share.

"How safe do you want to be?" Mr. Mitic said. "How risky a lifestyle do you want to live? We live in a world where it can be dangerous to publicly expose personal information about yourself. If you want to live a safer life, you need to be more protective of your information."

Bottom line: Have fun but be safe.

***********************************************

Let us help you with your identity theft protection needs. We provide monitoring and restoration benefits to all our members. For more information, visit www.mplss.com or call our office toll free at (800) 306-3063. Happy holidays to all of you!!

Mel Rapozo
Certified Identity Theft Risk Management Specialist
M&P Legal Support Services, LLC

Beware of ID Theft During the Holidays; Tips for Protecting Yourself Online and in Stores

2008-12-07T16:25:00.002-10:00

By Eileen AJ ConnellyAssociated Press
Posted: Sunday, Dec. 07, 2008

Six steps you can take to protect your identity while holiday shopping:

Do not use debit cards. Why? Because credit card companies provide better coverage in case of theft, limiting a card holder's liability to $50. Many bank debit cards have no liability limits, and if a thief gets access to an account, it could be cleaned out before the victim even knows there's a problem.

Use just one credit card. This limits the amount of information in circulation. Also, instead of signing the credit card write “SEE ID” on the back, which Domeniko said will force merchants to ask the user for identification.

Don't let your credit card out of your sight. Unscrupulous workers can copy numbers or skim information into a second machine. Make sure clerks return your card before you leave the checkout.

Travel light. Remove anything from your wallet you don't need; never carry your Social Security card. Leave your checkbook at home if you're not going to use it.
Keep receipts. Not only do they help if returns are necessary, but receipts contain information that can be helpful to thieves. Never leave receipts visible in cars or exposed elsewhere.

Be savvy online. Check for the seals from VeriSign, the Better Business Bureau or other groups that authenticate Web sites and click on them. Legitimate sites will have links to certifications. No links could mean the symbols were simply copied to the site.
Shoppers both online and in the malls shouldn't let their guards down while hunting for gifts – a slight slip-up and they may give away more than they bargain for, identity theft experts say.

No one knows exactly how many people have their personal information stolen each year, but government statistics suggest the number may hit 8 million or more. Whether through physical theft of forms of identification, or through electronic means online, or at stores where cards are swiped for purchases, thieves have myriad ways to obtain your personal information.

Take that woman behind you at the mall ATM. She may be standing close to let the crowds pass by, but she also may be trying to sneak a peek at your PIN number. And the e-mail you receive asking you to “verify” your credit card information is probably not from the site where you just purchased your nephew's present, but from a scammer who tapped into the retailer's site.

“ID theft is obviously a threat any time of year, but particularly during the holidays, thieves and crooks come out from under their rocks to take advantage of unsuspecting consumers,” said Gail Cunningham of the National Foundation for Credit Counseling, which offers tips for consumers at www.protectyouridnow.org.

Steven Domeniko, chief executive of IdentityTruth, an identity protection service based in Westborough, Mass., said the recession is likely to contribute to a rise in ID theft. “People are getting more creative in defrauding other people,” he said.

One thing that concerns Domeniko is that much of the focus on ID theft centers on credit card use, but illegal ATM transactions are a large and growing problem. “People need to be more aware that they're susceptible and they can lose a lot more,” he said, noting that thieves who access bank accounts can drain them before someone knows they're a victim. He advised against using freestanding kiosk ATMs and instead using bank ATMs equipped with security cameras.

Theft of Children's Identities Often Goes Unnoticed for Years

2008-12-06T07:38:00.002-10:00

By Diane C. Lade
South Florida Sun-Sentinel
December 1, 2008

Randy Waldron Jr. deposited his first paycheck when he was an infant. By the time he was in elementary school, he had bought and sold property, cars and restaurants and racked up tax liens because of financial problems. He had a felony record at age 7. At least so said credit reports, property records and court documents.

But the true culprit, Waldron said, was his estranged father, Randolph Waldron Sr., of Loxahatchee, who covertly used the boy's Social Security number for 22 years, beginning shortly after his birth.

Consumer advocates say the Waldron case is a classic example of a serious problem: child identity theft. The Federal Trade Commission estimates about 500,000 identity theft incidents annually involve children under age 19, with the majority of the thefts occurring between birth and age 5. That's about 5 percent of all suspected ID theft cases. Federal officials said they have seen the numbers rise slightly during the past several years.

Often, but not always, a parent or guardian is involved. Theresa Ronnebaum, an identity theft victim advocate with the Florida Attorney General's Office, said she thinks that as a result, the crime is seriously underreported. The betrayal and trust issues, along with the number of years that often pass before deception is discovered, make prosecution difficult, Ronnebaum said.

Parents often start off small, using a child's number to open a utility or cell phone account because they can't get credit under their own identities. "Soon it snowballs to credit cards or business loans," said Ronnebaum, whose ID theft hotline has logged at least 200 Florida cases involving children since 2002.

The nonprofit Identity Theft Resource Center in San Diego estimates more than half of the child ID theft reports it has examined involve parents or family members. But strangers also can pick up a Social Security number, which has no age identifier, from pediatric or school records, from stolen ID cards or through data breaches, said center founder Linda Foley. Foley advises parents to watch for red flags such as credit card offers or bills addressed to the child arriving in the mail. But she cautions against asking for a credit report on a child if there are no signs of trouble because it opens a file under that youngster's name. "Then creditors can say, 'Oh, look, there's a consumer,'" she said. "What we want is for a minor to have no credit file."

One reason for the emergence of child identity theft is 90 percent of Americans now get their Social Security number days after they are born. In the past, most Americans applied for a number when seeking a first job. But since 1989, the Internal Revenue Service has required a Social Security identifier for dependent children age 1 and older in order for parents to claim them on their taxes.

Some law enforcement agencies also think child ID theft is becoming more attractive to thieves as personal information becomes harder to steal from adults, who are becoming more vigilant about monitoring their credit.

Paul E. Bresson, a spokesman for the FBI in Washington, D.C., said a "world of financial hurt" can happen between the time a theft occurs and when it's discovered. Often, that gap is a decade or more — when the victim applies for a school loan, a credit card or a job. Waldron was 17, and planning for college, when his mother tried to add him to her credit card. The request was denied on the basis that Waldron had bad credit. "We discovered it was no mistake, that my father had been running his whole life with my Social Security number for years," said Waldron, 27, a commercial pilot now living in Boston. In affidavits that Waldron submitted to federal court after his father filed for bankruptcy under his identity, the senior Waldron admitted he had "fraudulently" used his son's Social Security number for years "without his knowledge or approval." It took Waldron 10 years to untangle his records from his father's — documents that showed a felony conviction in South Florida and a $150,000 civil judgment.

The younger Waldron said he initially could not get a student loan and was turned down for jobs because he couldn't get required security clearances. He eventually had no choice but to get a new Social Security number, a step the federal government considers a last resort. Waldron's father could not be reached for comment for this article. Waldron had a hard time convincing a Florida bankruptcy judge that the actions committed by his father, who had an almost identical name, were not his own.

"I still have negative things on my credit report and am hounded by debt collectors," he said.

Diane Lade can be reached at dlade@SunSentinel.com or 954-356-4295.

***********************************************

Let us help you with your identity theft protection needs. We provide monitoring and restoration benefits to all our members. For more information, visit www.mplss.com or call our office toll free at (800) 306-3063. Happy holidays to all of you!!

Mel Rapozo
Certified Identity Theft Risk Management Specialist
M&P Legal Support Services, LLC

The Latest Identity Crisis; Medical ID Theft

2008-12-05T11:02:00.002-10:00

By Jennifer Nelson
Publication Date: 12/07/2008

When Brandon Sharp, 37, of Spring, Tex., applied for his first home loan, his lender called with bad news: The $20,000 in unpaid hospital bills on his credit report had damaged his chances for a mortgage. But Sharp hadn’t had any health problems. He was a victim of medical ID theft. Someone had stolen his information in order get health care.

According to the World Privacy Forum, a nonprofit consumer-education group, medical ID theft may affect up to half a million people—many of whom don’t even know about it. And unlike “ traditional” ID theft, it can jeopardize not only your credit but also your health. “If the thief has diabetes, it’s now on record that you have diabetes,” says Joy Pritts of Georgetown’s Health Policy Institute. “That might factor into what medications you’re given.” There’s also potential for exhausting your insurance benefits—not to mention the time and effort needed to undo a thief’s work.

The Federal Trade Commission estimates that it takes 30 hours for consumers to sort out a financial-identity theft. When medical records are involved, however, it takes even longer. Chuck Ottati, 33, of York, Pa., is still fixing the mess made by an acquaintance who stole his Social Security card and used it to run up thousands of dollars in hospital services. The thief was caught and spent time in jail, but since it can take months or even years for a hospital’s collection agency to report charges to credit bureaus, Ottati continues to receive collection notices today. “ It’s never over,” he says.

Complicating matters is the Privacy Rule under the Health Insurance Portability and Accountability Act. In theory, the rule permits you access to your medical records and gives you the right to have mistakes fixed. But in reality, “once something has been put into your medical record, doctors are very reluctant to remove it,” says Pritts. Ottati, for one, had to hire an identity-theft protection service to monitor and correct erroneous charges for him.

Criminals can gain access to your health information through a lost or stolen Social Security card, driver’s license, or health-insurance card. In some cases, health-care workers with legitimate access steal your information and sell it.

To prevent your identity from becoming the next hot commodity, guard your health-insurance card carefully. Don’t carry it with you unless you’re visiting a provider, and never give out or write your policy number on health premium checks. Shred old documents containing health information, visit trustworthy facilities that require a photo ID, and use only reputable websites when applying for insurance online.

In addition, periodically request a review of your medical records to ensure that the information they contain is yours. Ask your health insurer for a statement of claims paid, and obtain credit reports from all three credit-reporting agencies yearly. Immediately dispute anything suspicious.

Brandon Sharp cleared his name in time to buy his home but says, “It’s a real hassle and a constant struggle. I’ve adapted to taking care of it, but do I wish it wasn’t there? Oh, yes.”

If You're a Victim

1 File a police report. It may be helpful in clearing charges with providers and resolving insurance issues.

2 File a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights.

3 Check your explanation of insurer’s benefits and question items you don’t recognize.

4 Put a freeze or monitoring alert on your credit. It won’t prevent medical ID theft, but it will inform you of new charges.

5 Consider hiring an identity-theft protection service. For a monthly fee, it will track, dispute, and correct erroneous charges for you.

********

Call us at (808) 645-0243 for information on how we can help protect you from medical identity theft.

The Truth Behind LifeLock's Guaranteed Protection From ID Theft

2008-12-04T06:50:00.002-10:00

Story Published: Dec 3, 2008 at 6:36 PM PST
Story Updated: Dec 3, 2008 at 7:08 PM PST
By Herb Weisbaum

How much would you pay to protect yourself from identity theft?

A company called LifeLock sells this peace of mind for just $110 a year, and it backs up its service with a $1 million guarantee.

But can the company deliver? I decided to find out.

The pitch is mighty convincing. It involves Todd Davis, the CEO of LifeLock, giving out his social security number. Consumer groups say these ads give potential consumers a false sense of security."

And I think it's misleading to imply to people that this service, the LifeLock service, is so good that you can be irresponsible, totally irresponsible and show your social security number all over the place," said Jeff Blyskal with Consumer Reports.

I met with Davis earlier this year. As expected, he had no problem sharing his social security number. I asked him to explain how he can prevent identity theft from happening.

"The primary front line of defense that we put in place is with fraud alerts that we place with the major credit bureaus - Equifax, Experian, TransUnion - and renew those for you every 90 days," he said.

Fraud alerts are designed to reduce the chances someone will steal your ID and open an account in your name. But they're not perfect. That's where LifeLock's $1 million guarantee comes in.

"If the service fails for any reason, we actually go use our expertise, hire whoever we need to hire, cover all loses, all expenses up to $1 million dollars so the victim is not out time or money because of this fast-growing crime of identity theft," Davis said.

Cover all losses? That's not what LifeLock says on its Web site. The terms and conditions clearly state the company is only responsible for failure of its service. It will not pay you "for any loss you incur."

And here's one more thing the ads don't tell you. Davis himself was a victim of identity theft even after using the LifeLock service."

A fraud alert does not make you bullet-proof to identity theft. So there was an individual who was able to go out in Fort Worth, Texas, get a $500 pay day loan because the issuing pay day loan company did not use one of the major credit bureaus," he said.

Keep in mind, LifeLock's guarantee wouldn't cover Davis in this case because he "unnecessarily" shared his social security number -- a violation of LifeLock policies.

One more thing I learned: at least eight lawsuits were filed against the company this year. The major claim is that LifeLock makes "false or misleading statements" about its services. Davis dismisses the legal action. He says he has 1.3 million happy customers and that anyone who has invoked the guarantee has been satisfied.

*****************************************************************
Call me at 808-645-0243 for information on how to protect you and your family from identity theft. Our Identity Theft Shield is the only product that provides monitoring and restoration benefits to its members. Visit www.mplss.com for more information. Happy Holidays!!!

PLEASE READ!!!

2008-12-02T00:59:00.002-10:00

Officials: Slight Increase in Identity Theft May Occur During Holiday Season
By TIFFANY WRIGHT Daily American Staff Writer
Saturday, November 29, 2008 11:56 PM EST

Consumers should use caution when swiping their credit cards or making online purchases this holiday season, as personal information can be subject to identity theft.But experts say people should take caution year-round to protect their personal information so they do not fall victim to identity theft.

“The biggest thing for people during the holidays is to watch the information they’re handing out,” said Zack Friesen, an identity theft educator and expert. He formed a program to educate people about identity theft after his identity was stolen at the age of 7, but did not know about it until he was 17 years old.

Friesen said during the holiday season people can be so busy that they fail to look at bank statements or receipts of their purchases, and may not know they had their identity stolen until after the holidays.He said people should pay attention when handing out their credit cards to make sure they are not being swiped on two machines.

“There are so many extra purchases that people are making during the holidays that they have to be careful when they hand over their credit card,” he said.

Younger people, who Friesen said are the most common victims of identity theft, need to watch the information they submit for seasonal jobs.

“With temporary jobs you fill out applications that have personal information on it and students needs to be more responsible when they fill out applications,” he said.

Identity can be stolen from applications that have been thrown in the trash or because multiple people view the information.

Nils Frederiksen, a spokesperson with the state attorney general’s office, said more people are victims of identity theft by someone stealing their identity directly rather than online.

“Be careful what you carry in your wallet or purse during this time of year because mugging and pick pockets can increase when crowds are bigger and people are more distracted,” he said. “If someone steals your wallet they have your credit card, social security card, health insurance information and drivers license, so they have your entire identity. When you shop online they can only get your credit card number.”

Frederiksen said the attorney general’s office handles several hundred cases of identity theft a year, but it is not just prominent during the holidays.

James Shaw, Somerset state police station commander, agrees that identity theft cases are consistent throughout the year.

He said consumers should protect private data by shredding old information and checking their mail daily so it does not pile up. People should check their credit record every month so unusual purchases do not go missed and contact police to start an investigation if they think their information has been stolen.

Shaw said the department handles between 15 and 20 cases a year.

Friesen said clearing credit and a name after identity has been stolen can be a long and vigorous process.“

A lot of people find out their identity has been stolen when they’re looking to get a loan and those people end up spending four times as much money and three more months clearing up their information and name,” he said.

Never give out personal information, including your social security number, to people trying to contact you through a phone call or e-mail, Friesen said. He said keep track of purchases and unsolicited attempts to get information in order to assist police during an investigation.

Frederiksen said TransUnion, Equifax and Experian are the three legitimate sources for free annual credit reports. The official site to help consumers obtain their free report is www.annualcreditreport.com.

A GREAT ARTICLE FOR THE HOLIDAYS!

2008-11-30T07:56:00.004-10:00

PROTECT YOURSELF FROM IDENTITY THEFT!

By John Few
Demopolis Times
Published Friday, November 28, 2008

Shoppers may spend less this holiday season, but it’s unlikely crime will take a holiday in the final months of 2008.

It’s important to protect yourself, your property and your hard-earned cash from thieves — especially identity thieves — while you’re holiday shopping this year.

Law enforcement agencies across the county routinely report crime spikes during the holiday season, and there’s no reason to think this year will be any different. Identity theft — the unauthorized use of personal information like your name, Social Security or credit card numbers — generated the most consumer complaints in 2007, according to the Federal Trade Commission.

Victims spend an average of 300 hours repairing the damage wrought by ID thieves.

Marengo County Chief Deputy Sheriff Tommy Reese says this kind of theft is on the rise in the county, leading local law enforcement agencies to warn people of possible scams.

“We’ve seen a significant rise in identity thefts, consumer fraud and scams in the past six months,” Reese said last month.

“As the economy gets tighter, criminals tend to get a little more bolder with these types of scams and innocent people looking for a quick fix to their money problems are quick to take a gamble and fall for such schemes.”

Each month, more arrests are being made for ID theft.

“It used to be that robbers would use guns and knives to steal your money. Now they use the computer, the telephone and the mail,” said Reese.

“We expect to see a rise in these kinds of crimes during the holiday season. People need to take caution.”

Here are a few ways to protect yourself from identity thieves during the holidays and throughout the coming year:

• When shopping at the mall or other retail centers, never leave your purse, wallet or purchases in the car.

• Likewise, minimize the identifying information and financial cards you carry in your wallet.

• You may be tempted to clean out your car when you stop for gas, but never leave receipts, especially bank receipts, bill stubs or any other identifying paperwork in a public trash can.

• When shopping online, stick with sites that have the closed lock icon at the bottom of your browser. It means you’re dealing with a site that practices security measures.

• Smart safety and shopping practices, and the right protection tools, can help ensure the holidays stay bright for you this year, and not for the identity thieves.

*******************************************************************************
Identity theft is for real. You are at risk! Let us help protect you and your family from this horrible epidemic. Please call me at 808-645-0243 for more information.

-Mel Rapozo

PLEASE DON'T FORGET!!

2008-11-28T07:31:00.001-10:00

When doing your Christmas cards this year, take one card and send it to this address. If everyone sends one card, think of how many cards these wonderful special people who have sacrificed so much would get. When you are making out your Christmas card list this year, please include the following:

A Recovering American Soldier
c/o Walter Reed Army Medical Center
6900 Georgia Avenue,NW
Washington,D.C. 20307-5001

Thank you and may God bless each and every one of you.

Stay on guard: Identity theft can happen to anyone

2008-04-07T07:09:00.002-10:00

By By Kathy Aney
The East Oregonian

Erica Sandoval knows firsthand that just about anyone is vulnerable to identity theft. Sandoval of the Hermiston Police Department trains the public about how to thwart criminals as the department's crime prevention officer. But being an expert in crime prevention and criminal behavior didn't save her from becoming a victim.

One day, Sandoval noticed a couple of strange withdrawals on her bank statement. "The first was a $12 charge from a make-believe company," she said.A subsequent charge increased the damages to $210 before she noticed the withdrawals. "They were quick about it - both withdrawals happened within a week's time," she said. "I can only imagine, if I hadn't caught it, it would have continued."

Sandoval was savvy enough to monitor her statements closely and alert her financial institution. She caught the fraud quickly and her bank replaced the cash. But sometimes it doesn't work out that way. If a thief gets ahold of your personal information, they can rack up huge bills that can become your responsibility and threaten your credit rating.

Identity theft comes in many forms. Shoulder surfing, skimming, phishing and dumpster diving - they are some of the myriad ways identity thieves separate you from your hard-earned cash. Shoulder surfing happens when someone looks over your shoulder to see your personal identification number as you type it in at an ATM. Skimmers use electronic devices that record data from the magnetic strip when a person swipes their debit or credit card and transmit the information to another location where it is re-encoded onto fraudulently made credit cards. Dumpster divers rummage through trash looking for bank and credit card statements and pre-approved credit card offers. Phishing is posing as a bank or other business and requesting personal information such as one's date of birth or social security number. E-mails sometimes direct the person to a certain Web site that has no connection with the business but looks genuine.

Identity theft, however, isn't limited to the old favorites. The manager of a Subway restaurant in St. Helens recently was charged with 40 counts of identity theft when she allegedly stole employment applications from Subway and gave them to a man accused of stealing identities. Sandoval said the Hermiston Police Department sees plenty of identity theft, mostly in the form of check fraud. Thieves sometimes cruise mailboxes, stealing checks and altering them using a technique called check washing. "They're able to wash the written ink down to where they can write over it," she said. "They can write it out to whomever and for whatever amount they want. "The check thieves sometimes are fairly brazen. "They'll go to merchants who don't routinely ask for identification and write checks," said Rita Rosenberg, vice president of operations at Pendleton's Columbia River Bank. Sometimes they even make checks out to themselves and deposit them into their personal accounts.

Sandoval and Rosenberg both urged people with public mailboxes to use extra caution. "You can have checks mailed to your financial institution and pick them up there," she said. People can make it tougher for thieves by having only the minimum information printed on checks. There's no need, Rosenberg said, to have driver's license numbers or social security numbers on checks. "Make the merchant ask for your driver's license number," she said. Don Daggett, senior vice president at Banner Bank in Hermiston, admonished against keeping Personal Identification Numbers (PINs) in wallets or next to your computer at home. "Don't keep your PIN number on a sticky note on your computer or written on your blotter or tucked under your keyboard," he said.

All three experts recommended careful monitoring of checking accounts, keeping PINs to oneself and checking credit reports. Prevention, they agreed, is preferable to cleaning up the damage later. "It takes a person at least - at the minimum - 30 hours to clean up the smallest identity theft," Sandoval said. Large ones can take months of forms, telephone calls and hair pulling. HPD's Web site has a downloadable "Identity Theft Victim's Packet" with forms to fill out and advice about who to call and things to do, such as closing accounts. It also advises what documents to gather in order to start an investigation.

Sandoval's fraudulent debit card charge is a fairly common type of identity theft and usually involves a small electronic charge followed by a larger hit. Often, it happens fast, but not always. "Sometimes they'll wait four or five months before they make their next move," Rosenberg said. If you notice something amiss, Rosenberg said, do what Sandoval did. "When you see that first small charge go through, cancel your card and let your financial institution know. "If you do find yourself the victim of identity theft, you can take a certain amount of solace in knowing you aren't alone. Consumer Sentinel, which tracks identity theft for the Federal Trade Commission, received more than 800,000 fraud complaints in 2007 and 32 percent of those were identity theft complaints. The majority of the complaints involved credit cards and most involved electronic funds transfers. Metropolitan areas reported a higher rate of identity theft activity with Napa, Calif.; Madera, Calif.; and Greeley, Colo.; with the highest rates per capita.

Identity Theft Leads to Child-Porn Arrest Nightmare

2008-04-05T07:00:00.002-10:00

By Marc Sigsworth

With ID fraud on the rise, the assumption is you'll lose money which can be claimed back. But Simon Bunce lost his job, and his father cut off contact, when he was arrested after an ID fraudster used his credit card details on a child porn website.

Simon Bunce used to be a keen internet shopper, delighted to escape the hordes and have goods delivered to his door. Wary of fly-by-night operators, he bought only from big name retailers with secure websites. But then, four years ago, he was astonished to find himself embroiled in Operation Ore, the UK's largest ever police hunt against internet paedophiles. He was arrested on suspicion of possession of indecent images of children, downloading indecent images of children and incitement to distribute indecent images of children. Hampshire Police took away his computer and data storage devices including flash drives, CDs and floppy disks, as well as examining the computer and storage devices that he used at work.

The effect was devastating. When his employers became aware of the reason he had been arrested, he was abruptly dismissed from his £120,000 a year job, and close members of his family disowned him. "I made the mistake of telling my father, and he cut me off," Mr Bunce says. "He then told all my siblings and they also cut us off." Suddenly deprived of his income, Mr Bunce had to consider selling the family home. But his wife, Kim, stuck by him, and supported his mission to clear his name.

Mr Bunce knew he was innocent - he had never downloaded indecent images, and so he knew that the police would not find any evidence on the computers or storage devices they had taken away. But the police's computer technicians take several months to examine these, and Mr Bunce could not afford to wait to repair the damage done to his reputation. "I knew there'd been a fundamental mistake made and so I had to investigate it."

Identity fraud occurs when personal information is used by someone else to obtain credit, goods or other services fraudulently. Recent surveys suggest that as many as one in four Britons have been affected by it. In 2007 more than 185,000 cases of identity theft were identified by Cifas, the UK's fraud prevention service, an increase of almost 8% on 2006.

Operation Ore targeted suspected paedophiles believed to have been downloading indecent images of children, those whose credit card details had been used to buy pornography via an American portal called Landslide - the gateway site and central credit card handler for hundreds of websites.

Hundreds of successful prosecutions ensued, with extensive media coverage given to high profile suspects, including actor Chris Langham of The Thick of It. As Landslide was based in the United States and under investigation there, Mr Bunce was able to use the US Freedom of Information Act to obtain a complete copy of all of the relevant material, including databases, access logs and credit card information, together with detailed information of the webmasters, which allowed him to find out how his credit card details had been used.

Each computer has a unique internet protocol number, or IP address, which identifies the specific computer and its geographic whereabouts whenever it is used to access the internet.
Mr Bunce discovered that the computer used to enter his credit card details was in Jakarta, Indonesia, and the date and time that his credit card details were entered onto the Landslide website was at a time when he could prove that he was using the same card in a restaurant in south London.

"I can't be in two places at once, so somehow my data had got to the man in Indonesia."
He was also able to discover that his credit card details had been obtained from a popular online shopping site, but he doesn't know how these came to be in the hands of a criminal.
The man responsible for using his credit card details hid behind the online name "Miranda" - a webmaster who hosted and produced pornographic websites and received a commission from Landslide for subscriptions to his website which were paid by credit card. "Miranda" had used Mr Bunce's credit card details - without his knowledge - to take out a subscription to one of his websites.

In September 2004, the police told Mr Bunce they would not proceed with any action against him. They had not found indecent material, and accepted that it wasn't him who had entered his credit card details on the Landslide website. It took another six months before he got another job, earning a quarter of the salary he'd earned before his arrest. Mr Bunce has also reconciled with his family, having explained to them how he came to be implicated and then cleared. Are bygones bygones? "I've forgiven them [my family] - there's no point in bearing a grudge."

Four years on, he is bringing a High Court action against the shopping website for allowing his personal details to be compromised. So no more internet shopping? "No, no, no. Once bitten, twice shy," says Mr Bunce, who now sells encryption services. "I wouldn't say that I live in the cash economy now, but I'd rather go to the bank to withdraw money to buy petrol, as you hear of card details being harvested at garages. I'm paranoid about data security. I shred everything, I never use credit cards anymore.

"Being arrested and accused of what is probably one of the worst crimes known to man, losing my job, having my reputation run through the mud, it's a living nightmare."

Marc Sigsworth is the producer of BBC One's Identity Fraud: Outnumbered.

Keep an Eye on Your Medical ID

2008-03-24T06:56:00.002-10:00

By Michelle Andrews U.S. News and World Report

If identity thieves were to disregard your financial accounts and instead target your medical information, your first thought might well be, "Take my medical identity. Please." What nut would want your high cholesterol, trick knee and family history of Alzheimer's? The answer is simple: One without health insurance who needs surgery or prescription drugs, or someone who sees a medical ID as the open sesame that will allow him or her to collect millions in false medical claims.

Untangling the mess is hard. Unlike financial identity theft, there's no straightforward process for challenging false medical claims or correcting inaccurate medical records. Medical identity theft currently accounts for just 3 percent of identity theft crimes, or 249,000 of the estimated 8.3 million people who had their identities lifted in 2005, according to the Federal Trade Commission. But as the push toward electronic medical records gains momentum, privacy experts worry those numbers may grow substantially.

Microsoft, Revolution Health and Google have announced they're developing services that will allow consumers to store their health information online. Consumers may not even know their records have been compromised.

In February, Democratic Reps. Ed Markey of Massachusetts and Rahm Emanuel of Illinois, with support from several privacy groups and Microsoft, introduced a bill that would strengthen safeguards protecting access to consumers' medical information and make it a federal requirement to notify patients if their health care data get exposed.

Brandon Reagin didn't realize someone had snatched his medical identity until his mother called to tell him he was the lead suspect in a car theft in South Carolina in 2005. The 22-year-old Marine had lost his wallet more than a year earlier while celebrating with friends after completing boot camp at Parris Island, near Beaufort, S.C. After his training, he was posted to California. But in South Carolina, Reagin lived on, as an impostor used his military ID and driver's license to not only test-drive new cars and then steal them but also to visit hospitals on several occasions to treat kidney stones and an injured hand, running up nearly $20,000 in medical charges. Reagin found out about the unpaid hospital bills when he asked for a credit report following the car theft. Reagin got nowhere with local police, but with the help of a state senator, he finally connected with the U.S. attorney's office in South Carolina. Staff there notified the Secret Service, and Reagin's doppelganger, a 30-something guy named Arthur Watts from a tiny Midlands town called Blythewood, was eventually arrested. Watts pleaded guilty to identity theft and is awaiting sentencing.

But there's another potential problem: The hospitals Watts used may have medical records in Reagin's name for treatment he never received. And if those medical records someday become electronically linked to one big nationwide health information network, as envisioned by the Bush administration, some privacy experts worry it may be impossible to find and correct the errors once they percolate through the vast interconnected system.

Victims of financial identity theft have a much clearer path to recovery than those whose medical identities are stolen. If someone swipes your wallet and goes on a spending spree, you can ask any of the three major credit bureaus for a free credit report, place a fraud alert on your account and get inaccurate charges expunged. With medical identity theft, it's not that simple. In the first place, your records are most likely scattered among many different providers, and there's no medical records clearinghouse that keeps them.

Ultimately, no matter how sophisticated the technology or diligent the health care provider, patients themselves may be the best first line of defense against medical identity theft.
"Most of the time, these problems are consumer reported," says Byron Hollis, managing director of the national antifraud department for the Blue Cross Blue Shield Association. "They know what procedures they did or didn't receive."

Been breached? If you know, or even suspect, that your medical identity has been stolen, take these steps now:

• Get a copy of your medical records from health care providers and review them to make sure they're consistent with treatment you've received.
• Ask your insurer for copies of all "Explanation of Benefits" statements for the past year. (You may be able to get them online.) Review these for accuracy, too.
• Get a free copy of your credit report from one of the three credit bureaus. (Through AnnualCreditReport.com, you can obtain a free report once a year from each of the three companies.) Sometimes collection notices for unpaid bills alert victims to theft.
• File a police report if you're a victim. It may encourage providers and your insurer to correct your records promptly.

Identity Theft Still Going Strong in the U.S.

2008-03-22T06:46:00.002-10:00

Identity theft continues to be a major problem in the United States. The FTC recently released a list of the top consumer fraud complaints in 2007, and identity theft is still the number one consumer complaint for the eighth consecutive year thanks to the 258,427 complaints filed last year. Identity theft occurs when someone uses your personal information, such as Social Security number or credit card without your permission to commit fraud or other crimes, according to the FTC Identity Theft website.

Fraudsters will use stolen information to obtain a credit card, rent an apartment, purchase goods online, and even withdraw money from a bank account, and sadly, you won't find out about the crime until it's too late. The worst part is that identity theft victims are left to clean up the mess alone, which can sometimes take months, even years depending on the damage.
How did they get my information?

There are plenty of sites (including this one) that frequently warn the public against the different types of phishing scams. Clever thieves will stop at nothing to get account information electronically, or physically by stealing a victim's mail. But sometimes, no matter what you do to protect yourself, the reality is the integrity of your identity relies on the security measures taken by merchants you deal with.

Sophisticated identity theft rings aren't wasting their time with petty phishing scams, they're going after the big guys. Their targets are now retailers, banks, schools, government agencies, and other companies with data banks that host millions of credit card and debit card numbers, as well as identity records. How scammers acquire this information varies, but we've all heard of the occasional missing laptop or retail hack job that compromised millions of account numbers.

What's infuriating, as Bob Sullivan points out, is that card associations like Visa and MasterCard are the first to notice when a large block of account numbers are stolen, yet for whatever reason, they won't reveal the name of the compromised retailer to banks or the public immediately. This means it may take months before a victim realizes their account information has been stolen, which gives identity thieves plenty of time to do more damage.

Fed up with the lack of identity theft reporting by lending institutions, Chris Hoofnagle, a researcher at the University of California at Berkeley, conducted a study that reveals which institutions had the most identity theft incidents. After analyzing over 88,000 complaints submitted to the FTC over a three month period, Hoofnagle found that Bank of America, AT&T, and Sprint had the highest number of identity theft complaints, while Macy's Comcast, and DirectTV had the least number of incidents. He admits the study is not perfect, but it's a good first attempt at getting lenders to disclose more information that would help consumers choose safer institutions.

What can I do to protect myself?

Research like Hoofnagle's could greatly benefit consumers, because it would give us a better idea of who to deal with in the future. Until then, I recommend you take a few safety measures of your own to protect your identity. Here are a few tips:

Buy a shredder, and shred any junk mail that has your name on it before you throw it away. Keep a lock on your mailbox if you can, or get a P.O. box. You might also want to take your name off any junk mailing list.
The best thing to do is to monitor you bank and credit card transactions regularly. Some banks offer daily alerts that notify you every time a transaction was made over a certain dollar amount.
Request a copy of your credit report semi-annually or annually if you can.
It's important for all victims of identity theft to report any discrepancies immediately after they happen to minimize the damage.
Always use your home computer when conducting online transactions.

From http://tech.yahoo.com/blogs/hughes/25149

Woman, 79, Sentenced for Social Security Fraud

2008-03-19T06:37:00.001-10:00

**From The Honolulu Advertiser, March 18, 2008**

A tax auditor who pleaded guilty to Social Security and theft offenses was sentenced Monday in Honolulu by a federal judge to five years probation, six months home detention, and ordered to make restitution of $46,000.

Seventy-nine-year-old Patricia "Pat" Pendleton, also known as Patricia Blackburn and Patricia Uehara, set up two different identities and Social Security numbers in order to receive pensions resulting in an overpayment of about $50,000 between 2002 and 2006, according to the U.S. attorney's office for Hawai'i. Pendleton was paid widowers benefits from her marriage to a deceased former wage contributor to the social security system that were electronically deposited into a bank account. She also received benefits under a fictitious name and falsely acquired Social Security number based on her own wage earner contributions that were electronically deposited into an account at another bank.

The Social Security Administration discovered the fraud in an investigation targeting beneficiaries receiving multiple benefits under fake identities and/or multiple Social Security numbers.

Pendleton, a former tax auditor for the state of Hawai'i and private industry here, started using a fraudulent identity and falsely acquired Social Security number in the 1960s and began collecting benefits in the late 1980s and early 1990s while she was in her 60s. Pendleton, who was indicted by a federal grand jury in August 2007, was sentenced by Chief District Judge Helen Gillmor.

What is Identity Theft?

2008-03-10T06:38:00.002-10:00

Identity theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes.

The FTC estimates that as many as 9 million Americans have their identities stolen each year. In fact, you or someone you know may have experienced some form of identity theft. The crime takes many forms. Identity thieves may rent an apartment, obtain a credit card, or establish a telephone account in your name. You may not find out about the theft until you review your credit report or a credit card statement and notice charges you didn’t make—or until you’re contacted by a debt collector.

Identity theft is serious. While some identity theft victims can resolve their problems quickly, others spend hundreds of dollars and many days repairing damage to their good name and credit record. Some consumers victimized by identity theft may lose out on job opportunities, or be denied loans for education, housing or cars because of negative information on their credit reports. In rare cases, they may even be arrested for crimes they did not commit.

How long can the effects of identity theft last?

It's difficult to predict how long the effects of identity theft may linger. That's because it depends on many factors including the type of theft, whether the thief sold or passed your information on to other thieves, whether the thief is caught, and problems related to correcting your credit report.

Victims of identity theft should monitor financial records for several months after they discover the crime. Victims should review their credit reports once every three months in the first year of the theft, and once a year thereafter. Stay alert for other signs of identity theft.

Don't delay in correcting your records and contacting all companies that opened fraudulent accounts. Make the initial contact by phone, even though you will normally need to follow up in writing. The longer the inaccurate information goes uncorrected, the longer it will take to resolve the problem.

What can you do to help fight identity theft?

A great deal. Awareness is an effective weapon against many forms identity theft. Be aware of how information is stolen and what you can do to protect yours, monitor your personal information to uncover any problems quickly, and know what to do when you suspect your identity has been stolen.

Armed with the knowledge of how to protect yourself and take action, you can make identity thieves' jobs much more difficult. You can also help fight identity theft by educating your friends, family, and members of your community.

Get Educated and Protected!

2008-03-09T11:23:00.002-10:00

Aloha everyone. As the old saying goes, "The best defense is a good
offense." Make sure you are up to speed with the threats of identity theft. Be
aware that we are all very vulnerable to this menacing crime. You must realize
that only about 25% of identity theft is financial. What about medical
identity theft? Character identity theft? Social security number identity theft?
Drivers license identity theft? This is a serious and growing epidemic that is
not going away. What is the solution? Here is a list of things you should
do:

Protect your personal information
Check your credit report and score
Subscribe to a credible credit monitoring service

If you have any questions, feel free to contact me at (808) 245-3539 or visit our website at www.mplss.com.

ID THEFT NOT ONLY FINANCIAL!!

2008-02-17T12:07:00.000-10:00

Across the country, the threat of identity theft continues to climb. Lawmakers at every level are introducing legislation aimed to slow down these identity thieves. These measures propose stiffer penalties, more uniform reporting procedures, as well as better communication between retailers and consumers.

Identity theft is the fastest growing crime in the United States. According to a report released in January 2006 by the Federal Trade Commission (FTC), identity theft constituted 37 percent of all fraud complaints in 2005. Defined as the deliberate assumption of another person’s identity, you most commonly hear about identity theft related to financial gain. However, only 28 percent of the identity theft complaints reported to the FTC have to do with financial or credit fraud. What does this mean? Simply that these thieves are becoming increasingly creative with the way they use your personal information.

There are five major types of identity theft affecting individuals. They are: Driver’s License Identity, Medical Identity, Social Security Number Identity, Character/Criminal Identity, and Financial/Credit Identity. From using your medical benefits to enabling illegal immigrants to more insidious crimes – identity fraud criminals are continually inventing new ways to use stolen information.

No one is immune. An experienced thief can assume your identity and ruin your credit and your reputation. It is essential that all of us become vigilant in the protection of our personal information. How do we do this? First of all, it is also imperative that everyone obtain a free credit report from www.annualcreditreport.com as soon as possible. From this website, you can get a free copy of your credit report from each of the three credit reporting bureaus. Next, you need to be very careful with giving out personal information about your self. Now remember, identity thieves are not only looking for financial or credit information. As I mentioned earlier, on 28 percent of all identity thefts reported were financial/credit related. Any information can be used by the identity thief. Do not give out any information unless it is necessary. If you find that you are a victim of identity theft, immediately call your local police department. From this point, you can expect a turbulent and stressful experience in the restoration of your identity.

The grim reality is that identity theft is here to stay. Everyone must be aware of the effects of identity theft. We must all be extremely protective of our identities. We only have one, and when it gets into the hands of an identity thief, the result can be devastating. In addition, the time to correct the problems caused by this horrible crime can be years. Be aware and be careful.

Mel Rapozo is a licensed Private Detective on Kauai and a Certified Identity Theft Risk Management Specialist. He has been researching Identity Theft for the last four years, and has conducted free seminars and workshops throughout the state. For more information on identity theft, or to inquire about a free workshop or seminar, call (808) 245-3539 or toll-free at (800) 306-3063.