March 3, 2015
Jackie here. How many credit cards are in your wallet? A new service called Plastc hopes to replace your many cards with just one. They offer a high tech credit card alternative that stores all of your card information in one place. Let’s take a look at some of the features.
What is Plastc?
Plastc is a one card solution to all of your cards. It can be programed to act as a credit card, debit card, security access card, gift card, and loyalty card. Once your cards are entered into the device (it can currently hold 20 cards), you can access them using the touchscreen display. The card has a magnetic stripe (like your credit card) and a barcode display. It also has NFC and Chip and PIN capabilities. It can be used with all credit cards including Visa, Mastercard, and American Express. Plastc also tracks account balances and spending.
Plastc isn’t just convenient. The creators hope to increase the security of your cards as well. The card uses a secure PIN entry to unlock the card before purchasing. Proximity alerts let you know if you ever leave your card behind. If the card is lost, it can be remotely wiped to protect all of your information.
Cards are available on pre-order right now and cost about $150 each.
Plastc is a neat idea and we’re excited to see how it works out. There is no guarantee it will boost your credit card security but the possibilities are promising. Would you be open to using such a card if it meant enhanced security?
February 26, 2015
Jackie here. ITRC president Eva Velasquez recently shared some ID theft tips we can all take advantage of. Often it’s the little things you do that make the biggest difference in keeping your identity safe.
Password Protect Your Phone- Is your phone password protected? If you haven’t taken the time yet to set up this simple, but essential identity protection, stop reading and go do it. Setting up a password just takes a few minutes and can keep your personal information safe should your phone be lost or stolen.
Keep Your SSN to Yourself- When companies ask for your Social Security Number, ask them why. In many instances, they don’t actually need it. What should you do when asked for your SSN? Eva Velasquez offers a simple solution, “You are free to tell the company that you do not give out your Social Security number, and that you’ll be happy to provide different information, such as your phone number or address.” In certain instances, however, companies do need you SSN to provide you the services you request.
Take Your Mail to the Post Office- Don’t drop that tax form or check into the mailbox outside of your house. Take it to the Post Office instead. If you’re mailing anything that contains personal information (including checks, health insurance statements, and tax documents), send it directly from the Post Office.
Change Your Password- Change your passwords often and while you’re at it, make sure you’re choosing strong ones. Hint: your birthdate or address is not a good choice.
File Your Taxes Early- We’ve told you before and we’ll tell you again, file your taxes as soon as possible. If you’re waiting to file, remember that the thieves are not. “If a thief gets there first, your legitimate return will be rejected for having a return already filed under your Social Security number.”
Take these 5 simple steps today for a safer identity.
February 20, 2015
Jackie here. Is your job hunt putting you at risk for ID theft? The internet has certainly changed the way we find and apply for jobs, both for the good and potentially the bad. The convenience of being able to submit applications online also gives thieves a convenient way to steal information. What can you do? Keep reading for some identity protecting job search tips from the Identity Theft Resource Center.
Carefully Screen Opportunities
In job hunting as well as in life, “If it seems too good to be true, it probably is.” If you see a job offer that offers great pay with little to no effort, its likely a scam. Some thieves use fake job postings to solicit identity information (like name, address, Social Security Number, etc.). If you see a suspicious job posting, contact the company doing the hiring directly and make sure the job is legitimate before you put in an application.
Don’t Provide Bank Information
Never provide your bank account information as part of the job interview process (even after hiring, your employer only needs this information to set up direct deposit if you plan to use it). Jobs that promise to pay you for cashing checks or managing money transfers through your own accounts are almost always scams; avoid them.
Offer First, SSN Second
Be very careful when providing your Social Security Number to a potential employer. You don’t need to provide it with the initial application. If a SSN is needed (for a background check or paperwork after hiring), provide it only after you have a job offer (or conditional offer).
Good luck on your job hunt! May your searches be identity theft and scam free.
Karen Taylor for AllClear ID
President Obama made an announcement that may carry implications for businesses when they are responding to data breaches in the future. At the office of the Federal Trade Commission on January 12th, he introduced the Personal Data Notification and Protection Act stating:
“Right now, almost every state has a different law on this (notification), and it’s confusing for consumers and it’s confusing for companies — and it’s costly, too, to have to comply to this patchwork of laws. So under the new standard that we’re proposing, companies would have to notify consumers of a breach within 30 days.”
The discovery of a breach would trigger what’s being called a “30-day shot clock” for notification. At first glance, this proclamation sounds effective. After all, the public deserves to know as soon as possible when their personal data has been compromised (so say supporters of the bill).
But like all governmental rulings, there are opinions on both sides of the issue. Some supporters feel that requiring companies to notify affected customers within 30 days provides consumers with more time to protect their identities and be on the lookout for fraud. Opponents of the bill, however, say that 30-day notification timeline presents challenges in some instances where the investigation phase takes longer. If a company is forced to notify customers with incomplete or inaccurate information, the response can become complicated and ineffective.
Let’s look at some of the pros and cons swirling around the industry.
Yea! — The 30-Day Rule Protects Consumers
CRM Daily reported the following: “We reached out to Rick Holland, principal analyst, Security & Risk Management, at Forrester, who told us that many companies don’t provide breach notification unless they are compelled to do so via regulatory means. He said that Obama’s proposal would address that issue. It would also reduce the extreme complexity of domestic breach notification laws … ‘A national breach notification law with a high-water mark would be a good step towards better protecting consumers.’”
Brian Krebs from KrebsonSecurity.com finds both benefits and risks in the 30-day ruling. “Depending on what is put in and left out of any implementing legislation, the effort could well lead to more voluminous but less useful disclosure … (however) a federal breach law could produce fewer yet more meaningful notices that may actually help prevent future breaches.”
Ney! — The 30-Day Rule Could Interfere with State Laws
In an article by The New York Times, experts weighted in with concerns about the 30-day national rule. “‘The problem is that the effect will likely be to pre-empt the stronger state laws,’ said Marc Rotenberg, the president of the Electronic Privacy Information Center, who favors disclosure faster than 30 days. ‘We want a federal baseline, and leave the states with the freedom to establish stronger standards.’”
NPR furthered this discussion. “The plan is intended to unify nearly four dozen disparate state data breach disclosure laws into a single, federal standard. But … much rides on whether or not any federal breach disclosure law is a baseline law that allows states to pass stronger standards.”
So what do you think? How will this ruling impact your breach preparedness plans?
Whether you fall on the side of yea or nay on this issue, one key take-away should be that having a proactive incident response plan in place will address every issue this bill is proposed to solve — by notifying consumers with the most accurate information in the swiftest time frame possible, and with an eye to abiding on all state and national requirements.
February 17, 2015
Jackie here. Every time I pop on Facebook, I spot a scam or two. Do you know a Facebook scam when you see one? Keep your eyes open for these red flags and use caution when you see an advertisement or offer on Facebook that looks suspicious. Make Facebook a place for friends and family, not falling victim to ID theft.
You aren’t going to receive free airline tickets just for sharing a post or receive money from a wealthy benefactor by clicking “like”. Free can be risky on Facebook. That doesn’t mean you won’t find the occasional giveaway on the site (many legitimate bloggers and companies use Facebook to spread the word about promotions), but when you do, be cautious. Remember, there’s a big difference between giving away one blender to a single winner and offering a free iPad to anyone that wants one. When in doubt, use caution before entering a contest of giveaway.
If a video promises the answer to becoming an instant millionaire, a sneak peak at a naked celeb, or a high speed car crash destined to be the next viral sensation, don’t watch it. Many of these videos are scams. Click on the video and you’ll be asked to download viewing software (complete with hidden malware). When you need that video fix, head to YouTube instead.
Don’t be fooled by offers to tweak your profile, change your Facebook background, or perform some other service to your account in exchange for your username and password. Your login credentials are yours and yours alone. Never share them with third parties.
Are celebrities sending you friend requests? It’s likely a scam. Choose your friends carefully and be very cautious when friending those you don’t know personally. Double red flag if this new friend asks you to send them money.
Facebook and other social network sites are great ways to stay in touch with friends and family, but that doesn’t mean they are 100% safe. Use caution when you come across offers that seem too good to be true, or when a distant friend asks you to send them money – these are likely scams. Which of these Facebook scams have you seen?
February 11, 2015
Jackie here. Are your cookies spying on you? I’m not talking about that box of chocolate wafers in the cupboard, but rather cookies that websites use to monitor the activity of site visitors. These cookies might not be seen, but that doesn’t mean they aren’t gathering your information.
What Are Cookies?
Do you need a refresher course about cookies? We’ve all heard of them, but how many of us actually understand what these cookies are gathering? We could all use a little reminder about cookies every now and again.
Cookies are small files that websites place on your hard drive. They basically act as an identifier (kind of like a name tag) that alerts the website to your presence and subsequent visits. Cookies aren’t necessarily bad; they bring a lot of convenience and functionality to the internet. Every time your shopping cart remains filled with items when you return to a site, that’s a cookie in action. Cookies also make it easier to use websites where you need to login. Without a cookie, you’d be forced to enter your password a lot more frequently.
Although cookies can be harmless and even helpful in some instances, they carry the potential to gather huge amounts of personal information about you. When you provide personal information to a website (to make a purchase for example) this can be paired with a cookie, letting the website know exactly who is visiting (both that time and each time you return). Cookies can also be used to monitor your web behavior, transmitting information about the sites you visit, the things you buy, etc. to advertisers and others.
Cookies and Your Privacy
Cookies have the potential to compromise your online privacy, but there are things you can do to increase your control.
Privacy Policies Are a Must- Are you reading your privacy policies? These important documents help you to know how your information is being used. This enables you to make smart choices about the websites that you choose to visit and the information you provide. Read privacy policies carefully and often (remember, policies can change).
Clear Your Cookies- Cookies do track your web behavior, but they can be removed (most can at least; some new cookies are unavoidable). You can clear your cookies easily any time you want a fresh start for your browser.
Learn about Your Options- To protect your data from cookies, learn about them. Here is a great resource for understanding cookies.
February 7, 2015
Jackie here. Let’s be honest; keeping up with passwords can be very challenging. Even after countless warnings, people still choose weak passwords to protect their important accounts. While this is not a safe practice, it is understandable as good passwords can be hard to remember. Twitter recently launched their potential solution to the problem, a unique sign in tool called Digits. Let’s take a look.
What is Digits?
Digits is a tool that app developers can use to bypass the password and make signing into apps easier. For users, they will be able to input their mobile phone number instead of a username and password to log in to apps that use this feature. A text is sent for authentication and sign up is complete.
Digits aims to make things easier for both app developers and users. Remembering your phone number is something you probably already do (no more complex passwords). Developers can tap into an easy method for authentication.
What Does Digits Mean for the Password?
Will Digits change the password? Right now Digits only impacts the a select few apps that it is affiliated with, but in time innovative password solutions like this could replace the standard combinations of letters and numbers that we use every day. Think about it… do you go anywhere without your phone? I don’t and I’m guess you don’t either. Mobile devices could someday be a great tool for identification.
There are some potential downsides to this feature, however. Mobile numbers are potentially easier to guess than your passwords. The addition of a verification text will help make this process more secure, but time will tell if Digits increases mobile security while making log-in details easier to remember.
Have you tried Digits? What did you think?
February 5, 2015
Jackie here. Tax season is upon us and for some people that means returns are around the corner. While you’re hard at work preparing your tax documents, thieves are busy too, filing returns and claiming refunds that aren’t theirs. How can you protect your refund this tax season? Here are some tips from Time to get you started.
File Quickly- If you haven’t yet started on your taxes, start as soon as you can. Filing quickly can protect your refund by ensuring that you file under your identity before thieves do. Waiting until the last minute to file can greatly increase your risk of tax identity theft.
Minimize Your Risk- How big is your refund? If you’re getting back thousands this year, you might want to change your withholding to reduce the size of your refund. This won’t protect you from tax ID theft, but will minimize the amount of money that you have at risk should you fall victim.
Protect Your Information- All thieves need to file a fraudulent refund in your name is your birthdate and SSN. Protect these numbers. When possible, have tax forms (like W-2s, 1099s, mortgage interest statements) sent to you electronically. At the very least, bring your mail in as soon as possible; thieves often steal tax forms out of mailboxes at this time of the year.
Get a PIN (when it becomes available)- The IRS is launching a pilot program where taxpayers can obtain a personal identification number (PIN) to protect their identities. This special number must be included on all tax documents. Right now the service is only available to those that filed a return from Washington DC, Florida, or Georgia last year or those that were victims of tax ID theft. Get your PIN here if you qualify. (Once you opt in, you can’t opt out.)
Don’t Use Public Wi-Fi to File- If you file online, use a secure computer and a secure network. Never use public Wi-Fi to file your taxes.
Avoid Scams- Tax themed scams are rampant this time of the year. Remember, the IRS isn’t going to call you on the phone – they communicate via snail mail. Be very careful with the sharing of personal information to keep your tax refund safe.
For more tips about protecting your refund, check out this article from Time Magazine.
February 2, 2015
Karen Taylor for AllClear ID
Judging by the success of increasingly high-scale attacks, it appears 2014 was a rewarding year for cybercriminals — and a rough year for the companies they targeted.
Further, malware with names like Heartbleed, Shellshock, and POODLE grabbed headlines while wrecking havoc in thousands of companies.
Adding to the challenges for the affected companies was a general lack of preparedness in responding to large-scale incidents.
Now, security experts are reporting their early-warning predictions for 2015 — and forecasting an equally rough year ahead, especially with ever-increasing sophistication of old and new versions of malware.
Are you prepared for what’s coming?
Forewarned is forearmed, as they say. So think of this post as an early-warning system about some of the leading malware threats that experts are predicting for the year ahead.
Hindsight is 20/20
Trend reports for 2014 show that it was a rough year for companies — with a growing number of malware types to block from consumer data. This growth trend foreshadows the continuing challenges we’ll face this year in keeping customer data safe.
“From new malware families to PC grade mobile malware, from persistent PC Trojans to cloud based criminal services – cybercriminals have been keeping busy with new and advanced techniques,” according to Security Intelligence.
“Malware banking threats are escalating in sophistication, and financial institutions and bank customers are at increased risk for loss of personal data and wire transfer fraud,” reported Bank Info Security. “According to a survey on data breaches conducted by Verizon in 2014, Citadel is the preferred banking malware among criminals for personal data information theft, while Zeus continues to be the favorite banking malware for stealing money from bank accounts.”
“The growth of malware appears unstoppable,” stated Spanish computer security company Panda Security. “In total, some 20 million new strains were created worldwide in the third quarter of the year (2014), at a rate of 227,747 new samples every day.”
Forewarned is Forearmed
Predications for 2015 are equally grim.
Global computer security software company McAfee predicts trouble ahead from many directions, including ongoing problems from the sophisticated Shellshock malware. “During the second half of 2014, we learned of the Shellshock vulnerability: a weakness in Bash, a command shell found on Unix, Linux, and OS X machines. It lets an attacker perform arbitrary commands on the victim’s machine, which makes it the most dangerous type of vulnerability — rated 10 out of 10 for severity by the U.S. National Vulnerability Database. We are just beginning to understand the scope of this vulnerability.” For businesses and consumers alike, the potential for further harm as a result of Shellshock will likely be a trend that surfaces in 2015.
Attacks are expected to increase from another type of malware spotted in 2014 called CryptoLocker, noted Panda Security. “CryptoLocker operates in straightforward fashion: Once it gets into a computer, it encrypts all types of documents that could be valuable to the user (spreadsheets, documents, databases, photos, etc.) and blackmails the victim into paying a ransom to recover the files…” While this malware relies heavily on paralyzing victims into compliance with the threat of not being able to access files, preventative measures such as creating an external backup of all files can go a long way in preventing the success of such an attack. Nevertheless, many experts predict 2015 will be a big year for CryptoLocker.
According to security solutions company Kaspersky Lab, a malware called Regin was first mentioned at a security presentation in 2012. Regin is a cyber-attack platform which the attackers deploy in the victim networks for ultimate remote control at all possible levels. The platform is extremely modular in nature and has multiple stages.”
Shellshock, CryptoLocker, and Regin are only three of the millions of malware strains roaming the internet today.
Prepare to Mitigate Risk
No matter where threats to your business come from, effective breach preparation is still one of three critical actions companies must take, along with detection and prevention — to thwart and recover from anything the cybercriminals can throw at us. In today’s age of increasing cyber risk, it’s more important than ever for businesses to prepare to respond quickly and effectively to the inevitable data breach. A comprehensive and tested response plan will enable businesses to successfully navigate the constantly evolving cyber risk landscape in 2015 and beyond.
January 31, 2015
Jackie here. Is your password hackable? Often, your password is the only thing standing between thieves and your identity, but most of us aren’t choosing strong ones. Many times we choose passwords that are easy to hack (and easy to remember) and basically hand thieves the keys to our identities. If you want stronger passwords, learn about ways to improve the strength of your passwords and give it a shot. A stronger, more secure password is achievable.
Easy to Remember, Easy to Hack
Are you using your dog’s name as you bank account password? It is human nature to choose easy to remember passwords and hackers often prey on this tendency. Those super simple passwords are some of the easiest to hack. Avoid using common dates (anniversaries, birthdates), names of pets or family members, common words, etc.
While easy to remember passwords aren’t the best choice for your most sensitive accounts (like bank and financial accounts, health accounts, email, etc.), they can work well on accounts where sensitive information isn’t at risk. You don’t need a 16 digit password complete with symbols for every account. Choosing the easier to remember passwords for your less sensitive accounts may save some room in your memory for the complex passwords you need to protect your most important information.
Repeated Passwords- Hack One Get them All
Do you use the same password across multiple accounts? This common password tactic can lead to hacking. Banks and other financial websites often have heavy security that can be difficult to penetrate. Other websites probably don’t have the same level of security. Thieves often take the road of least resistance and breach those easier to hack sites to gain your login credentials to more lucrative, more secure sites. If you’re using the same password for your bank account and your favorite clothing store, you’re making a big mistake.
Making a few little changes to passwords from site to site is also a risky move. Hackers can often figure out the method you’re using and determine your password for other sites too. Never use the name of the website in your password.
You’re Using a Common Password
If your password appears on the list below, change it immediately. These passwords are some of the most common passwords at the moment (and none of them are a good password choice).
- 123456 (or its variations: 12345678, 123123, 87654321, 1234567890, etc.)
- password (or password + a number: password1, etc.)
- iloveyou (also risky: ilovejohn, etc.)
- adobe123 (or Microsoft, photoshop, etc.)
You’re Trying Too Hard
Technically the most secure passwords include upper and lowercase letters, numbers, and symbols, but not every good password has all of these elements. Length has a big impact on how easy your password is to crack. A longer, easier to remember password is often more secure than a shorter password even if it’s packed with symbols, numbers, etc.
To see how secure your passwords are (please don’t use your actual password, try similar passwords instead) try the free tool at howsecureismypassword.net. This password checker will tell you how long it would take a PC to crack your password using a brute force attack. The password mN1@6p would take about 52 seconds to crack while banana bubblegum would take 2 billion years. Which one is easier to remember?
January 26, 2015
Jackie here. It’s Tax Identity Theft Awareness Week. Tax identity theft is growing at astronomical rates (levels tripled from 2011 to 2012 and its just gotten worse from there). We all need to be on high alert for signs of tax ID theft. This week gives us all an excellent opportunity to think about our identities as we roll into tax season.
Help spread the word about Tax ID theft this week and keep your friends and family safe. Here are some simple things you can do in honor of Tax Identity Theft Awareness Week.
Attend a Webinar- Education is one of the best ways to protect yourself from all types of identity theft. On Tues. January 27th the FTC, AARP, and Treasury General for Tax Administration are teaming up for a great free webinar. Find the details here (webinar information is at the bottom of the page).
Share Some Tips- Are you on Facebook or Twitter? Sharing tax ID theft tips is an easy way to share this important message. Don’t worry; you don’t have to create the tips on your own. Use these from the FTC.
Start Working on Your Taxes- Filing early is one of the best things you can do to protect your taxpayer identity. Use this week to start gathering paperwork and crunching numbers so you can file as soon as possible.
How will you protect your family from tax ID theft this year?
Jackie here. If privacy is important to you, do something about it. Data Privacy Day is January 28th and there are many great ways to get involved this year. What will you do?
Data Privacy Day is an annual celebration of all things privacy. It’s a chance to renew your commitment to protecting your privacy and an opportunity to educate and inform others about privacy’s importance. Here are some excellent ways to celebrate Data Privacy Day this year.
Share on Social Media
Take a break from laughing at cat pictures for a minute and do something useful with your social media accounts. Sharing privacy tips is a great way to spread the word about privacy and to give your family and friends a chance to celebrate Data Privacy Day too.
Data Privacy Day on Facebook- The official Facebook page for Data Privacy Day has some easy to share tips about privacy. Pick your favorite and share with your friends.
Join in a Twitter Chat- On January 28th at 10 am EST IBM is hosting a Twitter chat. To join in simply use the hashtag #identitymixer.
Have a “Privacy Talk”
Do your children understand the ins and outs of privacy? A family privacy talk is a wonderful opportunity to reinforce good privacy practices for everyone. Don’t come to your talk unprepared; you’ll find a variety of great resources to use here.
Join a Webinar
There are a couple of informative webinars taking place as part of Data Privacy Day. Both are focused on privacy for businesses and organizations. If you want to step up good privacy practices at your company, these can give you the jumpstart you need.
Reducing Costs and Liabilities Through Privacy Awareness- 35% of data breaches are due to human error and 29% are caused by problems in your business practices. Learn how to reduce your risk and better protect your business.
Both webinars require registration (and some a small fee), so if you want to attend, follow the links and register now.
Pass Along Resources
Spread the word about privacy by sharing some of these tip sheets. Hang one up in your office or display a few on a community message board.
Give Yourself a Privacy Check-Up
How are you doing with privacy? Data Privacy Day is the perfect day to check up on your privacy settings. Find out how here.
How will you celebrate Data Privacy Day?
Jackie here. Do you have a webcam? If you do, there’s one type of malware you need to be aware of: the Remote Access Trojan (RAT). RATs have been used to hack into webcams and spy on their users without their knowledge. It isn’t just celebrities and politicians that are at risk; everyday people have been victims of RAT spying using their webcams and the spying is becoming more common. Here’s what you need to know to protect yourself.
Remote Access Trojans (RATs) – What Are They?
Remote Access Trojans, also known as RATs, are a type of malware that allows for remote control of a device. This malware allows the perpetrator to access your computer files, to view your computer activities (and to obtain account information, passwords, etc.), to alter programs on your computer, and to spy on victims through their webcams (basically anything you can do, the perpetrator can access too). This type of malware is hard to catch as it doesn’t really change how your computer works and doesn’t typically show up in lists of running programs.
Webcam Spying- How Common is the Problem?
RATs are a common type of malware, but it is unknown exactly how prevalent they are since they aren’t easily discovered. Last year, hundreds were arrested for selling access to computers infected with RATs. A recent article on the problem from the Atlantic also mentions cases of school districts, computer stores, and others using RATs to spy on people without their knowledge.
RATs sound scary and they are, but luckily good computer practices can go a long way in protecting your device. If you follow the advice we share often here on the blog, you’ll likely be doing most of the
things on this list already. Here are some important ways to protect yourself from RATs.
Use Antivirus Software- Your computer should always be protected with an up to date antivirus program. Make sure you’re performing your regularly scheduled scans.
Install Your Updates- Updates to software programs might be annoying, but they often include security fixes. Automatic updates are a great way to make sure your computer is always up to date.
Be Careful with Attachments- Be extremely careful when downloading attachments even if they appear to be from someone you know. Legitimate accounts can be compromised, so if an email seems suspicious (even if it’s from someone you know) don’t open the attachment.
Avoid Illegal Downloads- Sites where you can download pirated movies, games, etc. are a big source of malware. Steer clear of illegal downloads.
Cover or Unplug Your Webcam- When you aren’t using your webcam, unplug it or cover it. This applies to both webcams that are part of your computer and those that clip on.
January 23, 2015
Jackie here. We share many scams here on the AllClear ID blog. Each is a little different from the ones before, but many are surprisingly similar. Thieves have their tried and tested scams that they turn to again and again to trick unsuspecting victims. I can’t tell you what scams 2015 will bring, but odds are the majority of them will resemble these scams found on the list top 5 reported scams from StaySafeOnline. Keeping watch for variations of this scam will help you protect your identity this year.
Fake Check Scams
In this scam, you receive a check and are asked to cash it through your account. You get a portion of the money received as ‘payment’ and send the rest off to another bank account or by wire transfer. Turns out, the check is fake. Fall victim to this scam and you’ll be on the hook for the full amount of the check plus any fees.
Internet Merchandise Scams
You buy an item online from a bogus retailer and it never arrives. Spot this scam by looking for deals that are too good to be true – any deal that promises to sell you top shelf items at less than half the cost, for instance. Protect yourself by paying with a credit card (they offer protections against fraud like this).
“You’re a winner!” Only if you fall victim to this scam, you’re not. This scam tells you that you’ve won a prize and asks for money to cover the fees, taxes, etc. There is no prize; pay out and you’ll simply lose the money and won’t receive the promised prize.
Pay a fee and get a loan. This scam offers a line of credit in exchange for a sign-up fee. Once the fee is paid, the loan never materializes and you’re out the money you paid.
You receive an email (often from an organization that you’re associated with) that asks for personal information or asks you to follow a link. Share your info and you’ll likely fall victim to ID theft or fraud very soon. Avoid phishing scams by clicking on email links carefully. If you’re not sure if an email is legitimate, contact the company in question yourself and ask. Most legitimate companies will not ask you to share your personal information over email.
Watching out for scams such as these will help you protect your identity this year. As always, we will keep you updated with new scams as they arise.
January 22, 2015
Jackie here. One of our ID theft predictions for this year is a rise in mobile malware. One big way that malware infects mobile devices is through apps. The best way to protect yourself from this threat during 2015 is to carefully choose the apps you install. Which apps are safe? Here are some tips for choosing the safest apps for your device.
Shop the App Stores
Where you find your apps has a big impact on their potential for being malicious. Both Apple’s app store and Google Play screen apps looking for malicious software before offering them to consumers. Should a malicious app make it through the screening process, it will likely be removed shortly after problems start arising. Shopping in the official app store for your device is one of the easiest and most effective ways to dramatically cut down on malicious apps.
Use Tools to Find Malicious Software
Android users that choose to install apps outside of Google Play do have options for screening malicious apps. The feature is called app verification and can be turned on through the “Security” section of the “Settings” app. To enable app verification, switch “Scan device for security threats” to “On”. App verification will warn you before installing apps outside of Google Play, block known malicious apps from being installed, remove some harmful apps, and recommend uninstalling apps that might be harmful to your computer. This feature can help you find and detect malicious apps earlier and will alert you to potentially harmful apps that you may already have on your phone.
Third party app stores aren’t really a problem for Apple devices, but you’ll want to use caution should you ever install a custom enterprise app. These apps are typically created by companies to provide employees, etc. with custom tools. Use extreme caution when installing this type of app and only install them from your organization’s secure website.
Check Your Apps Often
Finally, check your apps often. Remove any apps you are no longer using. Before installing a new app, make sure you are aware of what information the app will be gathering and how your information will be used and stored. It’s a good idea to recheck this information periodically as policies can change.
Protect yourself from malicious apps this year on all of your devices. A little caution now can save you from potential headaches down the road.
January 20, 2015
For businesses to successfully navigate today’s threat landscape and craft effective response strategies for data security incidents, understanding the true costs associated with data breaches is critical. Please join AllClear ID for a complimentary webinar that will help attendees understand the real cost of a data breach. Industry leaders will explore findings of 117 data breach insurance claims and resulting losses.
Speakers will share perspectives on:
- 2014 NetDiligence Cost of a Claim study
- Tips for cost savings in key areas of breach response
- Insights on cyber insurance, notification, consumer protection and legal services
Register for the webinar here: https://cc.readytalk.com/r/7gmgib66m96c&eom
Speakers include Mark Greisiger of Advisen, Andy Obuchowski of McGladrey, John Mullen of Lewis Brisbois Bisgaard & Smith, Jamie May of AllClear ID, and Vinny Sakore of Verizon Business and ICSA Labs
January 19, 2015
Jackie here. Are you reading your terms or service and privacy notices like you should? With so many documents filled with complicated legal terms it is certainly easy to be tempted to skip reading a few, but this can come with big consequences for your privacy. Reading those documents might be dull, but it will help you know what you’re agreeing to each time you sign up for an account.
What Are You Giving Away?
An interesting article from the ITRC details the real consequences that can come with not reading privacy policies and terms of service agreements. They detail two specific cases where terms of service gave companies some pretty extensive access into users’ lives. The first example involves user emails that were used by the company in a court case. The company in question was able to access private accounts to prove theft of proprietary information due to a provision included in their user agreement.
Another company providing a residency program for authors included provisions in their terms of service that granted them full rights to the author’s work, something that created quite the outrage among some of the program’s applicants.
The lesson to be learned from both of these instances (as well as countless others out there) is to carefully read the policies associated with your accounts to protect your privacy. Terms of service and privacy policies are legally binding documents and not reading them doesn’t make you immune from their provisions. If you struggle with reading the entire policy, at least skim for the clauses that include how your data can be used and accessed.
January 16, 2015
Jackie here. Did you receive any gift cards for the holidays this year? While we won’t tell you how to spend them, we do have a few tips for how NOT to spend them. Scammers are hoping you’ll fall victim to one of the many gift card scams that are making the rounds after the holiday season.
Great Deals if You Pay with a Gift Card
When it comes to gift cards, scams abound. The latest scam encourages its victims to buy hot ticket items from a low priced selection on an unknown website. In order to pay for your bargains you’re encouraged to purchase an Amazon card and then to use this card to pay for your purchase.
Don’t let these bargains fool you into providing Amazon gift card information to a site that isn’t Amazon. If you use your Amazon gift card for payment, you’ll lose the balance on your card to the thieves and you won’t receive any merchandise in return. The website is just a front for stealing gift cards. While this scam is currently looking for Amazon cards, it could easily be replicated to target any big name retailer.
To avoid this scam, use your gift cards only at the corresponding retailer (Amazon cards at Amazon, Walmart gift cards at Walmart, etc.). Don’t share your gift card numbers with anyone. Register your card at the retailer’s site if that is an option as soon as possible (linking your card to your account can help you catch fraud sooner).
Other Gift Card Scams to Avoid
Since gift cards are a hot commodity for scammers and since you likely have several from the holidays, here are some other tips to keep you safe from gift card scams:
Buy Gift Cards from Reputable Sites Only- Gift cards are best purchased from reputable sources. Don’t buy heavily discounted cards from websites (or people) you don’t know or trust. It is worth paying a bit more for a legitimate card. If you have cards you don’t want, here are some tips for selling them.
Don’t Buy Gift Cards from Auction Sites- Auction websites like eBay are a common source of gift card fraud. Don’t buy your gift cards from these sites.
Keep Your Receipt- When you buy gift cards save your receipts until the card is fully used. Some retailers will replace stolen cards if you have your receipt.
Use Your Cards Quickly- Use your gift cards as quickly as you can once you receive them. Holding on to them for long periods of time can lead to fees and forgotten cards (as well as giving scammers more time to drain your balance).
Did you receive any gift cards this year? These tips will help you avoid scams both when you purchase and redeem your holiday cards.
January 9, 2015
Jackie here. If you think that ID thieves are only after credit card information, think again. Medical records are highly valuable to thieves as they contain information that can be used to commit ID theft (SSNs, birth dates, etc.) and also information that can be used to obtain medical treatment fraudulently (insurance information, etc.). Thieves love medical records and this form of theft is growing rapidly (up 20% from last year, according to the Ponemon Institute).
The Problem with Digital Medical Records
One reason for the uptick in medical record theft is the conversion of medical records from hard copies to digital. Digital records can be stolen remotely by hackers and don’t take near the amount of space that actual paper files do.
There isn’t anything you can do about digital records; this is the only type of record offered by many practices and in many cases the digital records are required by law, but there are still ways to protect yourself from medical ID theft. Here are some tips to try:
Don’t Provide Your SSN without Reason- Many medical practices ask for SSNs even though they aren’t necessarily needed. If you’re asked for your Social Security number, ask why. Don’t provide it unless it is absolutely needed.
Don’t Share Your Driver’s License Number- Another number that is often requested, but rarely needed is your driver’s license number. If you are asked for it, see if there is another method of identification available.
Remove Unneeded Information from Old Records- Odds are you’ve already shared your SSN and driver’s license number with many medical providers. This doesn’t mean these numbers have to be a part of your record forever. You can ask to have this information removed.
Check Your Records- Obtain copies of your medical records from your doctors at least once a year and analyze them like you would a credit report. Look for treatments you didn’t receive, fraudulent charges, etc.
Don’t Just Toss Old Records- When disposing of old medical records, explanation of benefits forms, etc. dispose of them properly. Always shred or destroy records you’re tossing out and keep any records you need in a secure place.
Help Your Children- Young children and the elderly are especially popular targets for medical ID theft. Help those in your care to understand the importance of caution when sharing medical information and assist with checking records as needed.
Medical ID theft is a growing problem, but with a little caution there is much you can do to protect yourself and your family.
January 7, 2015
Jackie here. Now that 2015 is underway, it’s time to think about upcoming trends that will impact our privacy and identities. Here are some predictions (and for fun, take a look back on 2014’s predictions).
More High Scale Hacks- Throughout 2014, it seemed like a new breach was announced every day. The same trend will likely continue into 2015. Hackers are highly adept at cracking even the strongest security measures, making no one immune, including large companies or government organizations. Medical records are expected to remain a big (and profitable target) for hackers.
Increase in Mobile Malware No Matter Your Platform- Mobile malware is on the rise. From 2012 to 2013, McAfee reports the number of cases jumped by 197 percent. Until now the number of users actually infected was very small, but 2015 may be the year this changes and that mobile malware becomes a serious problem for all phone users (not just high profile targets and celebrities). Keep your phone safe by securing it properly; this guide will help you find instructions for any operating platform.
Mobile Payment Fraud- Mobile payment options are becoming more common, especially since the release of Apple Pay. Security experts warn that 2015 may be a bad year for mobile payment fraud, especially if thieves are able to find vulnerabilities in Apple’s system.
Targeted Spam- Most of us have learned to quickly and easily identify spam. Misspelled words, generic greetings, etc. are dead giveaways that you might be dealing with spam. Thieves are looking for new ways to trick their victims. Highly targeted spam emails will likely be the answer. During the coming year thieves may spend more time researching their victims, allowing them to send emails that use specific details about your life or career. Be on the lookout for a new kind of spam this year and don’t fall victim.
Elusive Cyber Attacks- Security experts see 2015 as the year of the elusive cyber-attack. Thieves will likely employ new methods to avoid detection, allowing them to obtain more information and keep from getting caught.
While only time will tell what 2015 will really bring, your best bet for keeping your identity safe this year is vigilance. We will do our best to keep you up-to-date with the latest scams and threats, but it is also important to trust your judgment and be on the lookout for situations that don’t seem legitimate. Regularly checking your bank statement, credit reports, and medical records for suspicious activity is also an important step in protecting your identity.
January 6, 2015
Jackie here. We’re right in the middle of open enrollment season for insurance and that means that scammers are out in full force looking for opportunities to trick consumers out of their personal information. Be on the lookout for health care scams this time of year and use these tips to help spot and avoid scams.
Watch for Grammar and Spelling Errors- If you receive an email riddled with grammar and spelling errors, send it to your spam folder immediately. It is very unlikely that a legitimate company will send emails packed with errors. This is a great first level screening for any spam, healthcare related or otherwise.
Look Deeply at the Sender’s Address- Even emails that appear to be from your health insurance company could be from scammers. Hover over the sender’s address to see where the email is really coming from. – if the real address doesn’t match who is supposedly sending the email, use caution before you click any links or take any action.
Avoid Clicking Links- If an email asks you to click a link immediately to input personal information, don’t do it. This is a common tactic used to direct you to malicious sites that may install malware on your computer. Avoid clicking links in unsolicited emails.
ACA not “Obamacare”- Scammers often refer to the nation’s health law as Obamacare. While this is a commonly known nickname for the law (actually called the Affordable Care Act or ACA), you won’t see it on official insurance correspondence. If you see “Obamacare” know that the email is likely spam.
Call Customer Service Yourself- If you receive a call or email from your insurance company, call them back yourself using the number on your card. This is a great way to check in and make sure your coverage is setup and working without disclosing personal information to the caller. When in doubt, call yourself.
These simple tips will help you to avoid many of the healthcare scams this year. Check out more tips from the Identity Theft Resource Center (ITRC).
December 31, 2014
Jackie here. One of the best ways to spot ID theft early on is to regularly monitor your credit. There are several ways to do this, but if you want to do it for free, you can visit www.annualcreditreport.com and claim your free yearly reports. Each person is entitled to one free report from each of the three credit bureaus every 12 months. You can get all three reports at once or spread them across the year.
The process is simple, but if you’re new to checking your credit it might seem a bit intimidating. Start by watching this helpful video from the FTC and then use some of the tips in this guide to navigate the process. Checking your credit is easy and is a wonderful tool for fighting ID theft. If it’s been a while, make the commitment to do it today.
The Only Source for Your Yearly Free Credit Reports
You can get your credit report from several different sources, but the only place for your free annual report that you are legally entitled to is annualcreditreport.com. If you don’t have reliable internet access, don’t worry; you can call 877-322-8228 or fill out an annual credit request form and mail it in.
Getting Your Report
When you visit annualcreditreport.com you’ll need to verify your identity and provide some personal information before you can access your report. Have all your information handy so you don’t have to scrounge for it while you’re filling out forms. The information you will need includes: Name, Address, Social Security Number, Birth Date, and Verifying Information – to make sure you’re really who you say you are, you’ll have to answer a few questions that only you would know the answer to. These can vary from person to person, but you should be able to accurately answer the questions. Some questions I’ve been asked include balances on loans (multiple choice), previous addresses, former employers, etc.
What Do You Do Once You Have Your Report?
Getting your credit report isn’t enough. You need to check it carefully for accuracy if you want to spot ID theft and other problems early on. Here are some things to check in your report:
Correct Information- Is your basic information like your name, address, and employer correct? Check all your basic information for accuracy and report any problems you find.
Accounts- Next, check your accounts. You should verify that each account listed is one that you actually hold and that information related to these accounts is accurate. Check your balances, look at your payment history, etc. If you find any accounts you didn’t open or find incorrect information relating to your accounts, don’t ignore it.
Finding an Error- What’s the Next Step?
Hopefully, your credit report doesn’t hold any surprises, but if it does, here are some steps to try:
Tell the Credit Reporting Company- Let the credit reporting company know about any inaccuracies you find in your report. You’ll want to do this in writing (and keep a copy of any correspondence you send). They have 30 days from receiving your request to investigate. After the investigation is complete you should receive written notice of the findings. You’ll also receive a new copy of your credit report if the investigation leads to any changes.
Contact All Three- If you find an error in one credit report, make sure that you check all your credit reports for a similar problem (and take the steps to fix
it on all three reports too).
Have you gotten your free credit report lately?
December 26, 2014
Jackie here. During the 2012 presidential election, the Obama campaign leveraged Facebook to reach out to supporters and friends. Obama garnered 45 million users to his online app that year, generating a lot of support in a tight race (and more than 690 million dollars). When the 2016 election rolls around, political campaigns will have to use a different method; Facebook recently instituted changes to its policies to prevent the site from being used in this manner again and potentially keeping friends from sharing your personal information with political parties.
How Did the App Work?
Obama’s campaign used a specialized app that supporters could install to their Facebook pages. The app gave supporters an option to share their friend list with the campaign (an option many utilized). The campaign then took these lists, compared them with the voter file, and provided recommendations to each participant about which friends they should share campaign materials with. By using information shared with the app, Obama’s team was able to target those most likely to support the campaign and even differentiate priorities based on location, etc.
Privacy Concerns Spark Changes
Privacy can be a big challenge when using social media. As a result of this app and others like it, Facebook users felt violated. They didn’t want their friends to have control over sharing their personal information. So Facebook made some changes. The site now only allows apps to see the friends of users that already use the app, cutting in on the number of contact names apps are able to receive. This change took effect early last year for new apps and is being phased in slowly for already existing apps (changes should be finalized by April 2015).
The story of an election shows just how easy it is for your personal information to be obtained on social media. Hopefully these changes will soon give us more options for protecting our privacy online.
December 22, 2014
Jackie here. What can be done about data brokers? We’ve talked about the potential problems and benefits of data collection here on the blog many times, but the one thing that stands out is the limited amount of power consumers have to control their information. Even with stringent privacy practices, if you use the internet, pay with a credit card, receive supermarket loyalty points, look up health information online, etc., your data is out there.
If you feel like you’re fighting a losing battle for privacy, you’re not alone. So far, however, there isn’t a clear solution to the big data problem. I recently read an opinion piece from the NY Times that suggests that legislation is the key to resolving some of the issues with “Big Data”. What do you think? Is increased legislation necessary to protect our privacy in an online age?
A List for Everything
When it comes to data marketing there is a list for almost everything imaginable. There are lists of those with various diseases (like diabetes, depression, AIDS, etc.), lists of impulse buyers, lists of home owners, and certainly many more. These lists are filled with names of consumers and sold to interested parties including advertising agencies, potential employers, banks and creditors, insurance companies, and others. There is no way to know which lists you’re on and no way to edit the information on these lists, even if things are incorrect.
While it might not seem like a big deal if your name appears on a list of impulse buyers, should you make a list of those with a terminal illness, people with STDs, or methamphetamine dealers (yes, these are all real lists), you might find yourself struggling to get jobs, find credit, or obtain new insurance policies. Consumers cannot be certain how this data is used, so being able to control what lists.
What Needs to Happen?
The author of the NY Times articles suggests that data marketers be required to register with the FTC and that a requirement for notification to consumers as their names appear on sensitive lists should be required.
What steps would you like to see taken to protect consumer information?
December 19, 2014
Jackie here. Letters to Santa might seem as innocent as they come, but in this new holiday scam letters from the man in red are actually a ploy to steal your identity. Scammers love to use current events and upcoming holidays to trick potential victims; this scam is an excellent reminder to keep your eyes open for tailored scams created just for a specific event. Here are the details:
The Scam: A Custom Letter to Your Child from Santa
The scam sells a custom written letter from Santa to your child. Right now the price is typically set at $19.95, but this could easily change. The initial sales offer comes via email with a link to click if you’re interested in purchasing.
Once you click the link, you are directed to a website selling the letters. There may be a free shipping offer that ends in just a few hours to encourage you to purchase immediately.
If you provide your credit card info, you’ve just shared some personal information with potential scammers. You’ll likely be out the money for the letter and have the potential to become a victim of ID theft or credit card fraud.
Also, be on the lookout for variations of this scam that provide free letters from Santa. While they may not need a credit card, they will ask for lots of personal information which can be sold to scammers. Learn more from the Better Business Bureau.
Holiday scams are abounding at this time of the year; be on the lookout for this letter from Santa scam and others like it.
December 17, 2014
Jackie here. Have you ever wondered how they figure out what problems malware causes or how to eliminate the problem once you’ve got it? I recently read an interesting article on the topic. It’s quite technical if you’re into the nuts and bolts of things and it provides a look into the hidden world of malware detection. Here are a few simplified points for those of us that don’t thrive on the overly technical, but if you do, check out the full article for all the details.
The Old Way- Deconstructing the Code to See What it Does
Back when computers were simpler and malware wasn’t so prevalent, malicious programs were often analyzed by hand. The coding language would be carefully examined to figure out what it did. Then the malicious program was run on a clean computer to test if the results were as expected.
Today things aren’t so simple. There are many different programming languages used, making it harder to take the code apart and analyze it. Additionally, there is so much more malware out there and new programs are designed every day. There’s simply too much to analyze malware using the old, manual method.
What Are They Doing Today?
Today they use a variety of methods for figuring what malware does so they can find it when it does infect your computer. Let’s take a look at a few:
Compare Before and After- One useful method runs malware on a device and then compares the “after” files with the “before”. Seeing how malware changed a device can help to determine what the malware is doing. This can often be tricky though as thousands of changes are made, some important and some not.
Virtual Computers- Often they’ll run malware on virtual computers, basically a software program that functions like a computer, to see how it functions. This works well most of the time, but not on some malware that functions differently in a virtual environment. This allows multiple malware programs to be run at once and keeps malware from shutting down a machine or hiding in inaccessible files. Virtual machines also speed up the process of finding malware since they can track changes and save analysts a lot of time.
The changes found can help to spot malware, rootkits, and other problems quickly, keeping your information and identity safer. Thieves are stepping up their game and looking for new ways to compromise computers, but it is comforting to know that computer security companies are too.
December 15, 2014
Jackie here. Do you use mobile check deposit and other similar banking features? This feature is certainly convenient (and the only way to deposit checks in some online only accounts), but before you snap that photo make sure you know the potential risks of this service as well as other mobile banking options. Fraud.org, supported by the National Consumers League, warns consumers that scammers are transforming old scams by adding technology. Here’s the scoop.
The Risks of Mobile Depositing
Not long ago, banks needed a physical check to make a deposit into your account. This limited the risk of fraud by ensuring that whoever had the check would be the one to obtain the money. With mobile check depositing, the physical check is only necessary before the photo is taken. Once the picture is taken, the check can be destroyed or, if it falls into the wrong hands, reused. When a check is deposited more than once it is called duplicate presentment and can lead to financial losses both for banks and consumers.
When depositing checks using your mobile device, be careful. Make sure you use the approved app provided by your bank so the funds actually make it to your account. Store your checks in a safe place and destroy them once the funds are deposited into your account. Never deposit checks for someone else, especially those you don’t know personally, through your account. The check might look real, but there is always the possibility the check has already been deposited or that it is fraudulent.
Old Scams- New Twists
Be on the lookout for new variations to tried-and true-scams. Mobile technologies have given scammers a new opportunity to reinvent scams and claim more victims.
Ways to Protect Yourself from Banking Scams
The best protection against banking scams is a little precaution. With a few simple tips you can avoid most scams and keep your family safe. Try these tips:
Avoid Easy Money- If you’re being promised money for completing easy tasks like depositing a check in the bank, it is probably a scam. Don’t use your bank accounts to help others move money. They are your accounts; use them for your personal purposes only.
Keep Banking Information Private- If someone is asking for your bank account numbers, PINs, debit card numbers, etc., it is probably a scam. Don’t give this information out. Sometimes sharing account information is needed (with your employer to set up direct deposit for example), but you should only share as needed and with those that you trust.
Think Before You Act- If you’re faced with a suspicious situation involving your bank account, take your time. Anyone that tells you that immediate action is needed is probably trying to get your information before you have time to realize that you’re actually being faced with a scam.
As you make use of new mobile technologies in banking always remember to be on the lookout for mobile scams!
December 12, 2014
Jackie here. The Identity Theft Resource Center released their most recent victim impact study which sheds light on the many ID theft victims working to resolve their ID theft cases. We’ll share some of their findings here, but before we jump in I want to share the one quote shared on Twitter that stuck out most to me, “Behind each statistic is a person dealing with the emotional impact of identity theft.” We can talk about numbers all day, but when it comes down to it, each number represents a person who is working to restore their credit.
Now on to the study… Here are some highlights from the ITRC report (if you’re on Twitter you can also check out #IDTheftImpact for findings from the study and expert opinions on what this means for you).
No One is Immune from Birth to Beyond Death- In their 2003 Identity Theft Aftermath report the ITRC shared the quote, “No one is immune from birth to beyond death.” Although it’s been more than 10 years, this still remains true. They point out that even your finances can’t protect you. We often assume that ID theft strikes those with good credit or a bit of money, but more than a quarter of the victims in the study had household income levels below $25,000.
Check Your Credit- Experience is often the best teacher. Of the ID theft victims in the study 50% or more now check their credit regularly. Don’t wait to become a victim to take this advice. Learn from the experiences of those fighting ID theft and check your credit often.
Most Victims Learn about ID Theft from Others- Odds are you aren’t going to be the first one to know about your identity theft. Financial institutions informed 33% of victims about the problem. Other victims learned about their ID theft when receiving a bill for an account that wasn’t theirs (29.4%), after being contacted by a collection agency (26.6%), or when they were denied credit (17.5%). Just over a quarter (26%) discovered the theft by spotting unauthorized accounts on their credit report. Luckily, people are catching ID theft quicker than ever before with 48% discovering the theft within 3 months of it first occurring.
Identity theft has a real impact on each and every one of its victims. Take a look at the full report from the ITRC for more insight into the statistics.
December 10, 2014
Have you started holiday shopping yet? This year, give your loved ones the priceless gift of a more secure identity. These fun ID theft themed gifts are perfect for everyone on your list, including that uncle that already has everything. You might not have a fortune to spend on your holiday gifts, but that doesn’t mean you can’t give a valuable gift that everyone needs.
Tablet Cable Lock
Stealing devices is big business for ID thieves and others. Not only is a stolen device easy to sell, it is often packed with your personal information that can be used to commit ID theft and fraud. For the device lovers on your list, consider the gift of a tablet cable lock. These little locks allow you to lock your device to table legs, desks, etc. You lock up your bike, why not your tablet?
RFID Blocking Sleeves
For an affordable and practical ID theft gift, an RFID sleeve is the perfect option. You can buy a 10 pack for under $20. Split it up amongst a couple friends for a really affordable gift, or give all 10 to one deserving pal. These little sleeves can be used to protect everything from credit cards to employee badges and more. Best of all, you don’t need a big special wallet to use these sleeves; put your card in and slip it right into the wallet you already have for enhanced protection.
I Love My Identity Tee
What better way to spread identity theft awareness than with a cute tee like this one. One of the best ways to protect against ID theft is vigilance (with checking credit, watching bank statements, keeping personal information secure, etc.). Your loved ones will remember how much they value their identity every time they put on this shirt, helping them to find the motivation to keep their identity safe all year round.
VPN for Secure Browsing on the Go
Do you have a friend that loves Wi-Fi? Free public Wi-Fi is certainly convenient, but not without risks. Help your friend protect their sensitive information when logging in to the internet away from home with a VPN. A virtual private network (VPN) can keep others from snooping on your internet activity at home or away. If you need help choosing a VPN for your friend, here’s a great list from PC Mag. Many cost just a few dollars a month, a small price to pay for more security.
DIY ID Theft Resources Kit
For those of you that like to DIY holiday gifts, consider putting together a packet of ID theft resources and information for your friends and family. This is a thoughtful and useful gift for anyone that needs to learn a little more about ID theft. Here are some resources you may want to use:
ID Theft Fact Sheets- You can print off informative ID theft fact sheets from several places including the Identity Theft Resource Center, the IRS, and the FTC. From ID theft basics to more advanced topics, you’ll find information for everyone on your list.
A packet of identity theft resources is a thoughtful gift on its own or can be paired with another identity protecting gift from this list to show just how important protecting your identity really is.
Crosscut or Better Shredder
Hopefully everyone on your holiday gift list has a shredder and uses it, but you’d be surprised. Shredding is an easy way to destroy personal documents before you throw them out. Everyone should use one. Don’t just buy a regular shredder; make sure it is crosscut or better (confetti cut, diamond cut, micro cut, etc.) to make it almost impossible to reassemble shredded documents.
What identity theft themed gifts will you give this year?
Jackie here. Are you confused about smartphone security? What steps do you need to take to keep your device safe? If you don’t know where to start, the FCC has created a helpful tool that will provide you with 10 customized steps for increasing your mobile security. Just choose your operating system to create your list. In the meantime, here are a few simple tips to get you started:
Set Up PINs and Passwords- Is your phone password protected? This one simple step takes just minutes to complete and provides an added layer of security to your phone. Not only will a password provide additional protection if a phone is stolen, it can also keep your personal information, saved passwords, etc. from the prying eyes of those that may have access to your phone.
Double Check Your Apps- What apps have you installed on your phone? Take a few minutes to double check the apps you’ve already installed and to delete any that you no longer use. Before installing new apps make sure they are from a trusted source and carefully examine any permissions you’re granting (we know this takes time, but it’s worth it).
Stay Up on Your Updates- Updating each of your various apps is kind of annoying, but is an essential step to keeping your phone secure. Stay up to date on those updates; consider having them auto-install if possible. In many cases, developers release security patches and updates with the latest version of software, so updating regularly helps keep your apps and device secure.
Be Careful When Getting Rid of Old Phones- When it comes time to trade in your old phone for the newest model, do so carefully. Lots of data remains on your phone and in the wrong hands this information could lead to ID theft. Always wipe your phone erasing data and restoring factory settings before selling, trading in, or giving away your device. Here’s a quick overview we did on how to safely dispose of old phones.
These few steps will get you started, but be sure to head on over the FCC Smartphone Security Checker for customized advice for your phone. It takes just a few minutes to secure your phone and may save you from headaches down the road. Don’t forget to repeat the process every time you get a new phone and to encourage the other smartphone users in your home to secure their devices as well.