Archive for July, 2010
Data breaches are making headlines – how can you protect your customer’s information?
Forty-six states have now enacted data breach notification laws, whereby businesses must contact consumers to advise when personal data is lost or stolen. Laws also exist in the District of Columbia, Puerto Rico and the Virgin Islands. The remaining states are expected to also enact such laws.
But why are they necessary? Because breaches happen, and because those who are affected have a right to know that their sensitive data has been breached so that they can take action to protect themselves.
The number of incidents of data breach seems to be on the rise. Why is this? Being that most of them originate with human error, it seems likely that a combination of lack of awareness, lack of education, sloppiness and poor decisions are the reasons.
High profile breaches seem to happen on a constant basis. Among the new ideas in data protection is the banning of physical transfer of data. But it all seems to come down to one thing: training people in the proper handling of data and subsequent exercise of care. In other words, employees must show constant awareness of what they are doing, what they are putting where, why, when and how.
The culture of your organization will help you determine how to protect your customer’s information. It all boils down to electronic culture – knowing what you’re doing with electronic data and what that electronic data produces, such as paper and other physical records and repositories, or anything that can store and transport data. Policy, education and training can all lead to control.
Does your company conduct regular training sessions? You may want to include, on a regular basis, training on protecting the personal information of your client base.
Don’t let your company’s good standing be mauled by a data breach. The fallout – loss of trust, loss of reputation and reparations – can be huge.
In November 2009, Javelin conducted telephone interviews with more than 5,000 U.S. consumers to identify and track the methods used by criminals and the impact of identity theft on American consumers and businesses. Almost 4,800 U.S. adults were surveyed.
The survey reinforced the idea that consumers can learn ways to prevent identity theft and play a key role in detecting and resolving identity fraud committed against them. The report found that more consumers are pursuing legal action, with nearly 50 percent of all victims filing police reports. Increased consumer awareness of ways to prevent identity theft has empowered consumers to fight back, leading to more arrests, prosecutions and convictions. More consumers than ever before are actively monitoring their credit and financial accounts for suspicious activity and fraud and are acting faster when identity theft is detected.
Although the latest survey by Javelin Strategy and Research showed that the average cost to consumers of identity fraud cases fell in 2009, what consumers really want to know are some of the ways to prevent identity theft in the first place. The study reveals that there are ways to prevent identity theft. Increased vigilance by consumers, businesses and government agencies already appear to be having an impact on the identity theft problem. Many organizations, especially banks and financial institutions have started offering fraud monitoring services, which can sometimes detect account access and payment anomalies, as well as dispute resolution and identity theft education programs, in most cases offering these services free to customers. Mobile banking solutions allow account monitoring, alerting customers in near-real-time of account activity and possible fraud. These partnerships and increased activism on the behalf of consumers resulted in consumer out of pocket costs dropping to an all-time low of $373 in 2009.
- Eliminate as many paper statements as possible by requesting electronic statements
- Use post office boxes to mail payments rather than placing mail containing checks in an unlocked mailbox
- Secure all documents containing personal information such as social security numbers or account numbers in a locked storage box
- Purchase and use a paper shredder.
- Install anti-virus software on your computer and keep it updated
- Be sure to password protect any files that contain personal and financial records using unique or hard-to-guess passwords
- Don’t ever give out personal or account information on-line or over the phone
- Don’t publish your personal information on social networking sites such as Facebook.
- Check your bank and credit card activity periodically for transactions you don’t recognize or remember – and sign up for alerts whenever possible.
- Utilize an identity theft protection service to help detect the fraudulent establishment of new accounts in your name. Identity thieves are increasingly using stolen information to open new credit card accounts, on-line and e-mail payment accounts and cell-phone accounts.
If you’ve received a confirmation in the mail of your change of address – and you haven’t moved – consider it a tip that you’ve become a victim of identity theft.
This type of scam is becoming more and more common, and it’s easy to do. Scammers first obtain a change of address form from a local post office. Then, using information as simple as mail they’ve swiped from your mailbox or the phone book, they submit a change of address. Soon, all your mail comes to the thief, giving him all the information he needs to steal your identity and ruin your credit.
But the U.S. Postal Service does sort of help you out in this circumstance. When a change of address is submitted, the USPS sends a verification letter to both the old address and the new one. The letter will instruct you to contact the post office if the change is inappropriate. If you receive such a letter and you didn’t request a change of address, contact the post office immediately, The local postmaster will forward your mail if you don’t tell him or her to do otherwise.
This scam has happened all over the country, but there have been a multitude of cases reported in New Mexico and Texas.
Some tips to remember:
- If you receive mail at your home, pay attention if you don’t get any mail for more than a couple of days, even if other people at your home are getting mail. A change of address does not necessarily redirect mail for everyone at a particular address.
- Consider mailing your letters and bills from a secure public mailbox or at the post office, rather than from your home mailbox.
- Pick up your mail as soon as possible after it arrives at your mailbox. Don’t leave it sitting in the box overnight.
- Consider purchasing a locking mailbox.
Synthetic identity theft is fraud that is committed using a completely fabricated identity, as opposed to a stolen one. It’s widely regarded as one of the most prevalent forms of identity theft.
In this particular type of identity theft, the perpetrators literally create new identities, either by combining real information with fake information to establish new accounts with fictional identities, or by creating a new identity from completely fake information. Typically the thieves use a real Social Security number and combine it with a name other than the one associated with the number. The combination doesn’t often show up on the consumer’s credit report.
While there are no reliable figures documenting losses from synthetic identity theft, some experts estimate that these schemes constitute at least 20 percent of credit charge-offs, and 80 percent of losses from credit card fraud.
Synthetic identity theft is elusive because the individuals whose information was used may never become aware of the crime, and those who do rarely report it to law enforcement agencies because the combination of the name, address and Social Security number in the particular incident doesn’t correspond to one particular consumer.
In this type of theft, creditors are the hardest hit, but consumers are affected in three ways:
• Consumers partially pay for it. Creditors may bear the brunt of it, but they do often pass on this cost to consumers.
• Debt collectors could come after innocent consumers based on the use of Social Security numbers. Creditors could ignore the fictitious name and pursue the real individual attached to the number. Collection agencies have the capability to perform “Social (Security) searches” on numbers to find current addresses on delinquent debtors.
• Synthetic ID fraud creates file variations at the credit bureaus. This means that any information in another credit file, good or bad, can be linked to a consumer’s file.
How can you avoid becoming a victim? Check your credit report. Look for accounts that don’t belong to you. You’ll also want to check your mailbox, and look out for suspicious mail, such as change-of-address notices and credit offers with significant variations of your name.
Make sure to monitor your Social Security number. You can use services that look for illegal activity on your personal information, but pay special attention to monitoring just your number, so that you are notified of any suspicious activity using your number.
Identity theft is a complex crime. It usually starts with some grain of information about you, and a thief will use that grain to obtain another one, and another one, etc. Once he’s got enough information, the thief will be able to impersonate you, gain access to your credit accounts and create havoc in your life.
The key to preventing identity theft is to pay attention to the details, such as what you carry in your wallet and how you create passwords. These can make all the difference in the world when it comes to preventing identity theft. Passwords, in particular, can be a huge factor.
Your passwords online really are the key to your identity. Behind the passwords is personal information that’s worth a fortune to the right buyer. If you’re protecting that information with your date of birth, your child’s date of birth or your anniversary, you’re not as protected as you could be.
When creating your password, be sure to use letters and numbers; at least eight characters. Don’t use whole words. One of the best ways to create a strong password is to think of a phrase that can be represented numerically. Think in terms of personalized license plates.
Avoid sequences and repeated characters. Longer isn’t better if the letters and numbers you use are sequential or repeated. Use the entire keyboard when creating your password, and include symbols.
And finally, don’t use the same passwords everywhere. Even a strong password is useless if it’s cracked. Create a different password on every Web site that you access, even though it’s a lot of work.
But making things harder for identity thieves is the name of the game when it comes to the safety of you and your family.
Many internet bloggers and commenters have expressed their dislike for identity theft protection services that offer ways to help you protect your credit. One question for them is: do you actively protect your own identity?
Commenting that you don’t want to pay for a service that helps to protect you is fine. Many can do their own hair, but prefer to pay someone at a salon to do it for them. Many know how to change their own oil, yet they prefer to pay someone to do it for them. It’s the same with identity theft protection, only many do not know how to protect their identity on their own or are not aware that they should.
Advice to shred sensitive documents before discarding, keep sensitive information in a locked place, etc is extremely helpful and useful. However, no matter where you keep sensitive information or how you discard of it, companies and agencies are still likely to have your social security number, driver license number and more in their data files. These files can be accessed by dishonest employees and computer hackers.
What have you done to protect your own identity in this regard? Do you check your credit report, card statements regularly? Do you check for any loans or accounts opened in your name or address changes in your name that you did not personally authorize? Do you know how to find out whether someone has filed a change of address in your name?
This is why many people chose a service like LifeLock to protect them. Read thoroughly through the list of benefits that this company can offer and then decide for yourself whether you still choose to decline paying for a service that can help you.
A woman, who was employed as a police officer in Daytona Beach, was arrested last week for “uttering a forged check” and other charges. The Volusia County Headlines Examiner notes that Annie R. noticed on her credit report that an automobile was purchased in 2007 in her name. She was denied a loan in March of this year, which prompted her looking into her credit report. A Daytona Beach arrest report notes that $32,000 loan was given in the name of Ms. Robinson and her granddaughter, who is a Daytona Beach police officer.
Many don’t take into account that fact that family members, who have access to personal information, might use their identity to get a loan. Many identity thieves use their family members as bait, especially if they know that the person does not often check their credit report or would not otherwise be aware of the fraudulent loan. Many don’t feel they will ever be caught stealing the personal identity of a family member.
It is good to always be aware of how you store and use your personal information. Who has access to it in your family that might be in desperate need of money or a loan?
Check your credit report often for any fraudulent activity. If you find that accounts were opened in your name that you were not aware of, report this to the proper authorities immediately.
Consider using a proactive identity theft monitoring service, that can alert you if new credit is issued in your name. Representatives can also be extremely helpful to you if you find that you do become the victim of identity theft and you are a member of an identity theft protection service.
There are so many stresses that are associated with travel: making sure that everything is packed, hoping that all arrangements for flights and accommodations have been taken care of adequately and being sure that you have access to the fund you will need to take your trip.
The Identity Theft Resource Center offers many tips that travelers will find valuable and helpful to review prior to traveling, whether business or pleasure. These tips include many facts that travelers never consider, and should be taken seriously:
-Do not carry checks and bills with you on your trip. Pay your bills at home prior to leaving for your trip or upon your return. They can easily be lost or stolen during travel, especially if stashed away in your hotel room while you visit the pool, local sight seeing, etc.
-Carrying credit cards is much safer than carrying debit cards. Debit cards can be used as credit (requiring a signature and ID when applicable) and can be PIN activated, so that no signature or ID are required. This is an identity thief’s dream, so avoid using them when possible. Debit cards are often PIN activated in a public area and it is easy for someone to look over your shoulder and get the PIN number to the card. Also, these are directly linked to cash in your bank account and can cause you to lose all funds if the account is accessed.
-Be sure that you carry as little information as possible. It is not normally necessary to carry your social security card, more than one credit card, checks, health insurance cards and identity information of family members not with you, etc.
-Have photocopies of all important documents in case you need the information contained on them to report them lost or stolen and keep them in a separate place from your wallet. This will prove helpful when you are reporting any lost documents to the police.