September 1st, 2014
Chris here, AllClear ID Investigator. In March two companies, Fandango Inc. and Credit Karma Inc., agreed to settle charges brought against them by the Federal Trade Commission. The FTC alleged that both companies deceived consumers by promising security when using their mobile apps, and then failing to take reasonable steps to fulfill that promise.
According to FTC complaints, Fandango and Credit Karma disabled a critical default process that would have verified that the apps’ communications were being transmitted securely. This process is known as Secure Sockets Layer or SSL Certificate Validation. As a result of disabling this process, among other things, the companies left their mobile app users vulnerable to “Man in the Middle” attacks. This means that any personal or sensitive information sent or received by the app could have been intercepted by a hacker or “Middle Man” via a Wi-Fi network.
For Fandango Movies app users this means that information used to purchase tickets through the app would have been at risk from March 2009 to February 2013, almost four years. This information may have included credit card numbers, expiration dates, security codes and zip codes.
Credit Karma Mobile app users may have had much more sensitive information compromised such as names, addresses, dates of birth, Social Security Numbers, phone numbers, email addresses and passwords, credit scores, and other credit report details such as names and balances.
According to the Federal Trade Commission website, the settlements against the companies would require them to each “establish comprehensive security programs designed to address security risks during the development of their applications and to undergo independent security assessments every other year for the next 20 years. The settlements also prohibit Fandango and Credit Karma from misrepresenting the level of privacy or security of their products and services.”
In response to the settlements FTC Chairwoman Edith Ramirez said, “Our cases against Fandango and Credit Karma should remind app developers of the need to make data security central to how they design their apps.” This settlement is a step in the right direction for consumer rights. It shows that the Federal Trade Commission is starting to hold businesses accountable for protecting consumer information, as well as working to prevent deceptive business practices.
July 3rd, 2014
Jackie here. Tax season is over, but that doesn’t mean you aren’t still at risk for tax scams. The FTC recently issued a warning about fake IRS calls that are tricking consumers into paying money they owe via prepaid cards. Be aware of this scam and keep yourself safe.
This scam has been circulating for a few months, but seems to still be going strong. Scammers are faking caller ID information to impersonate the IRS and are threatening people with arrest, deportation and more if they don’t quickly pay up. There are several variations to scam, including ones using robocalls. One common thread each of these scams share is a demand for money paid quickly using prepaid debit cards, wire transfer or credit card.
Keeping Yourself Safe
Be aware that the IRS doesn’t ever ask people to pay tax debt using prepaid debit cards or wire transfers. If you need to be contacted about tax issues, the IRS will typically do so by mail. The IRS also doesn’t use text messaging, email or social media to request personal or financial information.
If you are worried about tax debt you may owe, contact the IRS yourself for help with payment questions. You can reach them at 800-829-1040.
If you get a suspicious call claiming to be from the IRS or the Treasury Inspector General for Tax Administration (TIGTA) report it immediately online or by calling 800-366-4484. You can also file a complaint with the FTC using their online complaint form (make sure you include IRS Telephone Scam in the notes section).
July 2nd, 2014
Jackie here. We talk a lot about credit reports here on the AllClear ID blog. After all, this is one very important key to discovering ID theft. You can check your reports for free once each year using AnnualCreditReport.com. If you’re new to checking your credit report or if you’re looking to improve your score, you might have questions as you examine your report. There’s a helpful guide prepared by the FTC that can answer your questions and help you become credit report savvy.
If You’ve Got Credit Report Questions… Building a Better Credit Report Has Answers
The FTC’s recently revised guide, Building a Better Credit Report, is an easy to read (and more importantly, easy to understand) guide about credit. It addresses common questions about credit reports. Do you have questions? Here are some of the answers you might find in this helpful guide:
- How Do I Get My Credit Report?
- How Do I Correct Errors on My Credit Report?
- How Long Can Negative Information Stay on My Credit Report?
- What is a Credit Freeze?
- What is a Fraud Alert?
- What is a Credit Score?
- How Can My Credit Report Affect My Job Application?
- What Are My Options for Dealing with Debt?
This guide is a great read for anyone that is worried or curious about their credit. It can also be used as a wonderful teaching tool when teaching kids and teens to protect their identities. This report can give you the information you need to discover ID theft, correct problems, rebuild credit and avoid some common scams.
If you haven’t had a chance to check out this guide, head to the FTC’s website today to read your digital copy!
May 20th, 2014
Jackie here. As part of their Spring Privacy Series, the FTC recently hosted a fascinating presentation about consumer generated health data. I had the opportunity to tune in to part of the series and would love to share some of the things I learned with you. If you’d like to check out the information for yourself, check out the transcript available through the FTC’s event page.
Our Health Information is Out There
When we think about health data we often think about the information we share with our doctors. We know that we have certain protections afforded to us through HIPAA, but often we don’t realize that HIPAA is limited in its scope. While what we tell our doctor may be protected, other health information is not. Some information (like health items purchased, health information provided online or through apps, etc.) is provided to marketers and other companies by the consumer themselves. Other information is obtained through legal channels, some of which I never knew existed until reviewing this presentation.
One way marketers may obtain health data is through the states. A surprising 33 states sell or share personal health data with others. This information is called discharge data and is shared by your health providers with the state. States can then sell or share this information with others. Now this information is de-identified (names, SSNs, etc. have been removed) so no one should know who specific information belongs to, but with a little searching, this de-identified information can be re-identified, exposing your health secrets to others.
One of the presenters shared an example about how this de-identified information can be matched up to real people. They purchased discharge data from Washington state. The data included things like age, location, etc. Using various news stories about injuries and accidents, they were able to pair up de-identified health records with named parties. In fact, in their study they paired 35 of 81 records (or 43%). This same practice could be employed to match up the information you share with health websites when researching symptoms to provide employers, insurers, and others with your personal health information.
HIPAA Doesn’t Cover Everything
One of the biggest takeaways I got from this presentation was the realization that HIPAA doesn’t cover everything. Yes, some of your health information is protected by federal law, but a lot of it isn’t. We need to understand that our health information might not be as private as we think.
What Can You Do?
In today’s digital society we must be proactive about protecting the data we share if we want to protect our privacy. It is up to you to know what you’re sharing and how that might impact you. We can all choose how much we want to share (or not share). There are risks and benefits to both sharing and keeping data private. For example, when you use health apps, wearables, and other useful connected health devices, you may be able to better monitor and manage your health. On the other hand, you may be inadvertently sharing health information you’d rather keep to yourself. Only you can decide what you are comfortable sharing.
I would recommend reviewing at least a portion of this presentation for anyone that is interested in health privacy information. It’s rather long, but packed with tips, tools, and valuable things to consider.
April 22nd, 2014
Jackie here. There’s a new scam making its way into email inboxes across the country. If you see an email that appears to be from FTC, be cautious. The emails look very official, but are actually an attempt to install malware on your computer.
Like many popular email scams, this one attempts to impersonate a well-known organization. The FTC reports that these scam emails use the official FTC seal and contain links that appear to be FTC links. The email text references the Consumer Credit Protection Act (CCPA) and informs the recipient that a formal complaint has been filed against them. They are encouraged to open an attachment to receive more information.
A good tip for avoiding this scam and others like it is to remember how companies and government agencies get in touch. They typically don’t send confidential information via email. If a company or the government needs to get ahold of your regarding a complaint or another serious matter, they will often use postal mail. You can always double check if an email is legitimate by contacting the organization in question yourself. Use a known number for them, not one listed in the suspicious email.
Stay alert so you don’t fall victim. What should you do if you do receive one of these emails? Forward a copy of the email to firstname.lastname@example.org and then delete the email immediately. Get more information about this scam from the FTC.
March 14th, 2014
Jackie here. If you think identity theft is no longer a serious problem, think again. Once again it topped the list of consumer complaints made to the FTC in 2013. This is the 14th consecutive year that identity theft ranked #1. Identity theft is still a major problem; how will you protect yourself and your family?
The FTC’s recent report shows that it is still essential to watch for the signs of ID theft. Finding problems sooner often makes them easier to resolve. Some red flags to watch for include:
- Unexplained withdrawals from your bank account
- Charges you didn’t make on your credit card
- Not receiving expected bills in the mail
- Debt collection calls about debt that isn’t yours
- Errors in your credit report
- Medical bills (or explanation of benefits forms) from doctors you didn’t visit
- Receiving a data breach notification
For more information about staying safe from ID theft, check out some of these great resources:
Keep yourself safe from identity theft this year!
February 18th, 2014
Jackie here. Several weeks back we shared an article with you on the AllClear ID blog about kids increasing the ID theft risk of their parents through unwise online behaviors. To help you protect yourself and your children, we’ve found a great new resource. The FTC just finished a revision of their guide “Net Cetera: Chatting with Kids About Being Online”. If you have kids, take a few minutes to review this guide with them and ensure the whole family is educated about identity theft and its dangers.
What Does the Guide Cover?
This informative guide from the FTC is packed with educational resources and is perfect for anyone that deals with children (parents, teachers, relatives, etc.). The new revision updates the information to make it more applicable to today’s online world (it was originally written in 2009 and a lot has changed since then).
Here are some of the sections you’ll find in the guide:
- Talking to Your Kids- How do you address the dangers of the internet with your kids? This can be a complicated topic to start discussing. This guide helps parents to broach online safety with kids, with tips for starting conversations and communicating clearly.
- Ages and Stages- At different ages children use the internet differently. The guide shares information about communicating risks for young children, tweens and teens. It also features advice on using parental controls wisely.
- Social Media- Children and teens often use the internet to interact with peers, family and others online. Learn how to use social media wisely and how to avoid some of the common risks of socialization in an online world.
- Mobile Devices- Do your kids have a smartphone or tablet? Learn how to protect them from online risks even when you can’t monitor their every move.
- Being Smart About Connecting- Just as adults can run into problems when using unsecure internet connections, kids can too. Learn how to teach your kids about smart connecting and sharing when using things like public Wi-Fi.
Keeping your kids safe online is just as important as protecting yourself from ID theft. Check out this new revision of the FTC’s guide and use it to teach your kids about online safety.
February 12th, 2014
Tamara here, AllClear ID Investigator. Identity theft is one of the fastest growing white collar crimes to date. It is very likely that you or someone you know has become a victim. There are many aspects of identity theft that are widely known, such as phishing emails, Nigerian scams, and card skimmers. Here I am going to touch on some of the lesser known areas of identity theft.
Military personnel and members are particularly vulnerable.
Every day, in a multitude of ways, members of the military use their Social Security number. The number is used for everything from labeling one’s laundry bag to checking out sports equipment. Being conditioned to provide one’s social security number can lead to inadvertently disclosing it to an unfavorable party. It also increases the risk of it getting into the hands of identity thieves.
Former Army intelligence officer, now West Point professor, Lt. Col. Gregory Conti called for a change in the policy regarding personal information use by service personnel in a report he coauthored, The Military’s Cultural Disregard for Personal Information. In December of 2010, the Department of Defense stated Social Security numbers would no longer appear on new military ID cards.
Medical identity theft is a reality.
Even if you haven’t had your personal information stolen and used to open fraudulent acounts, there’s another area where your information may be used: for medical treatment. A thief may make a fake ID and use it to obtain treatment, and you may not become aware of it until it hits your credit report or is reflected on an Explanation of Benefits. If you discover you have become a victim of medical identity theft, the FTC has a number of tips to help direct you on the path of clearing it.
Computer games and consoles are also susceptible to attack.
As the population becomes more aware of phishing attacks via email, the attackers are taking another route: video games and consoles. Be aware of notices claiming there are issues with your account information requesting you either click on a link, which may download malware, or provide your personal information. The best bet to avoid falling victim to a phishing attempt is to go to the legitimate compnay website if you need to interact with them and go from there.
Search engine poisoning is deceitful.
As you research what you suspect to be a scam or a phishing attack, be careful in your review of the results that are populated by your search engine. Identity thieves have been manipulating the search results so their fake site appears higher. There are a number of things to look out for to help determine whether or not the website is real, including spelling and/or grammatical errors, slight differences to the company’s logo, or an incorrect UR (hover your cursor over the URL to see where it routes you).
Fake Wi-Fi hotspots are a trap!
Generally, one should exercise caution when using public Wi-Fi hotspots, though they tend to be safe. But, there is a chance you could inadvertently be logging into a fake Wi-Fi hotspot that appears to be the airport’s, hotel’s, or coffee shop’s hotspot. Though it is not blaringly obvious as to whether or not it is fake, there are a few things to watch out for. One item to check for is the name of the hotspot. Make sure it matches the one the facility has advised you to use. Another would be to check the URL of the first page. If it matches the name of wherever it claims to be, it usually is safe.
These tips should help you avoid falling victim to ID theft from one of the less commone methods. As always, please contact us if you have a question or are in need of assistance.
January 17th, 2014
Jackie here. As Tax Identity Theft Awareness week comes to a close, I wanted to share a few of the things I learned this week with you. The FTC and the Identity Theft Resource Center co-hosted a great Twitter chat this week; check out the hashtag #IDTheftChat for more great tips!
Don’t Carry Your Social Security Card
We’ve told you before not to carry your SSN in your wallet, but many people still do. I thought this was a great reminder to check my wallet for things that shouldn’t be in there. Other things you shouldn’t carry include bank PINs, account numbers and passwords. If you’re a business, safe guard your EIN just like you would a SSN.
Shred. Shred, Shred
The three items thieves need to commit tax ID theft are your SSN, your birth date, and your name. If you don’t shred your trash and personal information some of these will surely end up in the trash. Shredders are relatively inexpensive and are a priceless tool in fighting all types of ID theft. If you don’t have a shredder of your own, check with your local Better Business Bureau; they often host shred days with free shredding services.
Watch for Scams
All year round, but especially during tax season, thieves impersonate the IRS to get information. Watch for websites, emails, tweets and phone messages that claim to be from the IRS. If you don’t know whether something is legitimate, double check before you share personal information.
Keep Important Documents
When filing taxes you may need to hang on to some documents for several years. If you’re storing these digitally make sure they are encrypted. If you store hard copies, keep them in a secure place away from prying eyes. This neat chart was shared during the chat to help you know how long to keep each record.
Businesses Fall Victim Too
Consumers aren’t the only ones that are at risk for tax related ID theft. Businesses have risks too. The FTC shared a blog post they’ve created to help businesses understand tax ID theft. If you own a business or help manage one, this post is a must read.
Tax season is upon us so start gathering those records and file early. The sooner you file, the lower your risk for tax ID theft. When you do file use a secure connection if you file online, never public Wi-Fi. If you mail in your taxes, take them to the post office directly.
The FTC’s Twitter chat for Tax Identity Theft Awareness week was a great one. Check it out now!
January 15th, 2014
Jenna here. As this is Tax Identity Theft Awareness Week, and as we head into tax season, we think it’s important for you to know how to spot tax-related identity theft.
How to Spot It
Fortunately, tax identity theft isn’t like traditional identity theft in that it is usually discovered fairly quickly. In most cases, consumers don’t have to play detective in order to discover tax ID theft—The IRS will contact you via letter if they notice an instance of more than one person using the same SSN. Please remember that they will not contact you via email, text, or social media and that this sort of communication is likely a scam.
If someone else uses your SSN to get a job and their employer reports their income to the IRS using your SSN, the situation is a bit more complicated. Chances are, when the IRS notices that you filed your own return (which didn’t contain the fraudulent income), they will send you a letter stating that you received wages that you failed to report. If you ever receive one of these letters, do not simply disregard it and think it is a mistake—contact the IRS immediately via a verified number on their website. Be sure you keep record of your communication with them (date, time, name of the person you spoke with) to ensure the issue is resolved.
For more tips, visit this helpful FTC page.
January 13th, 2014
Jenna here. This is our first post for Tax Identity Theft Awareness Week, so we wanted to start with the basics. Tax identity theft may seem like a simple topic to understand, but there can be a lot of misinformation out there and we don’t want anyone to fall victim simply because they didn’t get the right info. The following information was disseminated by the FTC specifically for this event, so rest assured it is reliable. Be sure to check back each day for a new tax identity theft post.
What Is Tax Identity Theft?
Tax identity theft happens when someone files a phony tax return using your personal information — like your Social Security number — to get a tax refund from the IRS. It also can happen when someone uses your Social Security number to get a job or claims your child as a dependent on a tax return. Tax identity theft is the most common form of identity theft reported to the Federal Trade Commission. The IRS says tax identity theft is a top priority and says it has hired new staff, explored new technologies, and adopted new procedures to fight it.
What You Can Do
- File your tax return early in the tax season, if you can.
- Use a secure internet connection if you file electronically, or mail your tax return directly from the post office.
- Shred copies of your tax return, drafts, or calculation sheets you no longer need.
- Respond to all mail from the IRS as soon as possible.
- Know the IRS won’t contact you by email, text, or social media. If the IRS needs information, it will contact you by mail.
- Don’t give out your Social Security number (SSN) unless necessary.
- Research a tax preparer thoroughly before you hand over personal information.
- If your SSN has been compromised, contact the IRS ID Theft Protection Specialized Unit at 1-800-908-4490.
- Check your credit report at least once a year for free at annualcreditreport.com to make sure no other accounts have been opened in your name.
What To Do If You Do Fall Victim
Tax identity theft victims typically find out about the crime when they get a letter from the IRS saying that more than one tax return was filed in the their name, or IRS records show they received wages from an employer they don’t know. If you get a letter like this, don’t panic. Contact the IRS Identity Protection Specialized Unit at 1-800-908-4490.
More information about tax identity theft is available from the FTC at http://www.ftc.gov/idtheft, the IRS at http://www.irs.gov/identity-theft. We’ve also talked a lot about tax identity theft on our blog. You can find your state/local office contact information here: http://www.irs.gov/uac/Contact-Your-Local-IRS-Office-1
January 9th, 2014
Jenna here. We have exciting news! The FTC is hosting their first ever Tax Identity Theft Awareness Week January 13th-17th. That’s next week! To do our part to raise awareness about this growing issue, we will be posting helpful information and links on our blog, Facebook, Twitter, and Google+ pages every day, so be sure to check them out for great information. To make the most out of next week, here are some helpful resources you should take a look at to ensure you don’t miss out on the action:
FTC Press Release about the event:
FTC’s Tax Identity Theft Awareness Week website:
Regional Events for Tax Identity Theft Awareness Week:
Check back next week to learn all about tax identity theft just in time for tax season!
December 24th, 2013
Jackie here. What have you shared today? We talk a lot about privacy here on the blog and as you well know, our information may not be very private, especially when we’re online. I recently found a great video from the FTC. It’s called Sharing
Information: A Day in Your Life. It highlights how much information we are really putting out there each day (hint: you might be surprised). The video inspired me to showcase a few of the ways we share information. Be aware of what you share!
Where You Are: Most cell phones, tablets and mobile devices are equipped with location trackers. These trackers help to provide location sensitive information (for example GPS navigation services). While location tracking can be a useful tool for you, it can also be handy for marketers and others. Your location may be shared, even when you aren’t the one sharing it. Be aware that computers, cell phones and even some digital cameras may share geo-location data about you.
What You Buy: Do you use a loyalty card when you shop? If so, you might be sharing your purchase history in exchange for a discount. Loyalty programs are notorious for collecting and selling personal information. If you want the discount without having to sign-up for the program, you may be able to get a loyalty card (or a discount) without having to register. Purchase history may also be tracked on coupon sites, cash back sites, etc.
Online Browsing Habits: Which websites do you visit? Each time you click on a link or visit a website, your actions may be tracked, providing valuable personal information to third-party marketers. You may be surprised at how prevalent online tracking is. In May, Allison explored the problem using an online plugin and found over a hundred websites tracking her movements.
Your Health History: Did you know that your prescription history is often sold to outside parties? Health information is highly valuable to marketers and your prescription purchasing patterns, medical symptom searches and other information is commonly sold. Be aware that using symptom checkers and other medical search tools can reveal a great deal about your health to outside parties.
What do you share in a single day? Be aware of what you share to better protect your privacy.
December 23rd, 2013
Jackie here. When a debt collector comes calling, it doesn’t always mean you have a debt to collect. Some debt collectors use deception to try and trick consumers into paying debts they don’t owe. The FTC recently reported about this phantom debt on their consumer blog. Be aware of the problem and if you worry a debt isn’t yours, ask questions before you pay.
The FTC indicates that they have received more than 3000 recent complaints regarding phantom debt. They offer a few tips for protecting yourself from scams like this:
- Ask for Information- Don’t simply trust that a purported debt is legitimate. If you think a caller may be a fake collector, ask for their name, company name, address and phone number.
- Get a Validation Notice- Before you discuss the debt, ask for a written validation notice. This will include information like the amount of your debt, the name of the creditor and more information about your rights regarding debt collection. If a debt collector won’t provide this information, don’t pay and report the problem.
- Don’t Share Personal Information- If you are worried about a fake debt collector don’t share personal or financial information. Some will use this information to commit ID theft. If you’re worried a debt isn’t real, verify before you pay.
- Paying Might Not End the Problem- Some people think that paying a phony debt will make the problem go away, but this isn’t always the case. Sometimes a new debt will then be created, leaving you out the initial payment you made and struggling to fight the problem yet again. Worse is the potential for thieves will use the information you shared to pay the debt (credit card or bank account numbers) to commit ID theft.
Some debts are real and others are not. Before you pay, make sure that your debt is one you really owe.
December 3rd, 2013
Allison here. Furniture and home good rental company Aaron’s was involved in a 2011 lawsuit in which the plaintiffs claimed they knowingly installed spyware on the computers they rented out to customers. This October, Aaron’s settled with the Federal Trade Commission. In the case against the Atlanta-based retailer, claims were made that they not only installed computer spyware that tracked keystrokes, took screenshots, and snapped webcam pictures of renters, but knowingly did so without notifying the renter that they were being monitored.
Is This Legal?
Although Aaron’s does need to notify renters that monitoring software is installed on the laptops they rent, it isn’t illegal for the company to install the software on their products. Peter Swire, an Ohio State professor, told the Huffington Post that using software such as a “kill switch” is legal because companies can protect themselves from fraud or related crimes. Furthermore, the company is legally allowed to have a way to shutdown the computer should the renters stop making payments. Aaron’s still owns the laptop, and has the right to protect itself and their property. However, the rental company made a mistake by not taking steps to inform renters of the software and its capabilities. In addition, they saved all collected data, casting doubt that this software was only used to ensure that the laptops weren’t stolen or tampered with.
About the Settlement
The settlement with the FTC prohibits the company from using any monitoring technology or software on any computers unless it’s to be used to provide technical support to a customer. If such technology is to be used, then Aaron’s needs to obtain expressed consent from the customer at the time of purchase and must clearly note the technology’s capabilities and when the software is activated. To protect the privacy of previous customers, Aaron’s also had to destroy any and all data it collected from the software, and can’t use any of it against their customers in any way. To prevent this from happening again, the settlement agreement also states that Aaron’s will conduct annual monitoring and oversight of its stores and franchisees, ensuring that they are upholding the rules of the agreement.
November 23rd, 2013
Ben here, AllClear ID Investigator. The Federal Trade Commission (FTC) has moved to shut down an international network of scammers that sent millions of unwanted text messages, luring consumers in with an offer of “free” gift cards and electronics to entice them into an elaborate scheme designed to take their money and target them with illegal robocalls. These messages promised consumers free gifts or prizes such as gift cards worth $1,000 to major retailers such as Best Buy, Wal-Mart and Target. In most cases it would be impossible for someone to receive this “free” card without spending money, having their credit score hit, and releasing personal information to be sold to marketers.
The complaint names nine defendants who allegedly were involved in operations violating the FTC Act and Telemarketing Sales Rule. According to the complaint, a consumer would follow a link in the unwanted text message and be directed to a site that collected a large amount of personal information. This information ranged from name, address, and telephone number to health information, and would then be sold for targeted marketing purposes. If a consumer was to put in their information for the $1000 gift card they would have to participate in several offers to qualify. These offers would include recurring subscriptions, paying upfront and shipping costs, and even submitting applications for credit that would be reflected on their credit score.
This complaint builds on a nationwide sweep conducted by the FTC in March to crack down on scammers. The FTC files a complaint when it has reason to believe that the law has been violated and that a trial is in the public interest. The FTC works for consumers to prevent fraudulent and unfair business practices, which they feel applies to these robocalling and texting operations.
September 11th, 2013
Jackie here. What do you do if you notice fraudulent accounts on your credit report? One of the first steps is to work with companies to get these false accounts removed. It sounds easy, but in practice can be quite complicated. Who do you call? What do you say? Here are some tips for dealing with companies after ID theft.
Call the Fraud Department
If you notice a fraudulent charge or account, don’t waste your time with customer service. A company’s fraud department will be much more adept at addressing your concerns. If you don’t have the number to the fraud department, contact customer service and ask for it.
Ask to Have Accounts Immediately Closed
After reporting the fraudulent account to the company in question, ask them to immediately close or freeze the account. Request a closure letter from the company detailing any actions taken. It is a good idea to keep a record of who you talked to, when you called, and roughly what was agreed upon in addition to requesting a closure letter.
Send Dispute in Writing
You’ll need to provide your dispute of the account or specific charges in writing. Along with your written dispute, send an Identity Theft Affidavit.
Obtain Needed Documents
As an ID theft victim, you are entitled to obtain copies of transaction records relating to the theft. This includes credit applications. You may choose to authorize law enforcement to obtain these for you directly. If you authorize law enforcement, no subpoena is necessary for them to obtain needed records.
Dealing with companies after ID theft can be a long, complicated process. But, these tips will help make it a little easier to navigate the complex process. For more information, check out this report from the FTC.
August 6th, 2013
Aaron here, AllClear ID Investigator. Many of us have been targeted by an ad stating we qualify to receive a “free grant” that we can use to pay for education, home repairs, home business expenses, or unpaid bills. These self proclaimed “government agencies” promise that your application for the grant is guaranteed, and you will never have to pay the money back. However, the Federal Trade Commission warns that the “something for nothing” grant offers are most likely scams, regardless of whether you see them in your local paper, a national magazine, or are contacted by phone. Scammers will also advertise “free grants” in classifieds, instructing readers to call a toll free number for more information. Another method is for the scammer to call you directly. The caller will lie about who they are calling on behalf of, giving a seemingly legitimate name, such as the “Federal Grants Administration.”
About the Scam
Often, the intended victim will be asked certain questions to find out if they “qualify for the grant”. These scammers usually follow the same script, starting with congratulating the victim on their eligibility. Then they will ask for their account number so the grant can be deposited directly into that account. Or they may ask for a one time processing fee. The scammer will promise a refund should the victim not be satisfied. While in truth they will never get the grant money as promised, and will be robbed of any other money they give to the scammer during the process.
How to Protect Yourself
The FTC attorneys say calls and come-ons for free money are most likely scams. While protecting yourself from these scammers may seem like a daunting task, it is possible. The FTC lays out a few simple instructions to keep consumers from losing money to these government scams.
First, do not give out your bank account information to anyone you don’t know. A common tactic used by scammers is to pressure people into giving out their bank information. Consumers should always keep their bank account information private, unless it is being requested by a company you are familiar with and trust.
Second, you should not pay money for a “free” government grant. Being asked to pay a fee for a supposedly “free” grant no longer makes it free. No government agency will ask anyone to pay a processing free for a grant they were awarded.
Another way for consumers to protect themselves is to look into the companies they are being contacted by. You can find the listing in the blue pages of your phone book to determine if that company does in fact exist. A quick google search will also verify whether or not the organization is a legitimate one. The direct listing for federal grant making agencies is http://www.grants.gov/.
Consumers should be aware that scammers often use internet technology to disguise their area code in caller id systems. While the caller ID may state they are calling from Washington DC, they- could be calling for anywhere.
To reduce the number of telemarketing calls a consumer can place their number on the National Do Not Call Registry. Registration can be done online at donotcall.gov or by phone at 1-866-290-4236. Make sure to call from the number you want to add the the Do Not Call Registry.
Finally, you can file a complaint with the FTC. If you are concerned you may have been a victim of a government grant scam, file a complaint with the FTC. This can be done online at http://www.ftccomplaintassistant.gov/. Or a complaint can be filed by phone at 1-877-382-4357. The FTC enters internet, telemarketing, identify theft, and other fraud-related complaints into Consumer Sentinel. This is a secure online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad. It is worth noting that almost 23,000 people who lost money to free grant scammers will be getting $1.7 million in refunds because of the FTC efforts.
August 5th, 2013
Jackie here. Identity theft is difficult to resolve in any situation, but can be especially hard for foster children who are already at an increased risk of the problem. To help foster children resolve id theft issues before they are out of state care and on their own, several different programs have been established including a new helpful guide from the FTC.
The guide entitled “Youth and Credit” was designed by the FTC in conjunction with ChildFocus Inc. and the Annie E. Casey Foundation. Its overall goal is to assist youth, foster agencies, and others involved in foster care with tools and information for fighting id theft. Id theft might be a big problem for foster children, but like other struggles it is a problem that should be faced head-on.
The guide has three goals: educating youth about credit, clearing credit reports of errors and fraud, and helping youth to maintain good credit in the future. Each of these goals is further addressed in the guide and a variety of id theft resources are presented.
This guide is a valuable resource for those in foster care and will hopefully help many to understand id theft and resolve their problems. If you know someone in foster care or any adults that work with foster children, make sure they know about this id theft tool. Even if you don’t work with foster children, this guide has a wealth of valuable information that can be used to teach children and young adults about identity theft.
Check out the guide here.
July 24th, 2013
Jackie here. Do you have questions about id theft? The FTC recently hosted a Q and A style Twitter Chat where they answered 10 common questions about identity theft. Keep reading for some highlights from the chat or check out the full transcript on Twitter (July 10th). You might just find the answers to your id theft questions on the list.
What Are the Signs of ID Theft?
There are many different signs of id theft. Some of the potential red flags the FTC shared include:
- Missing mail
- Unexpected bills
- Bank withdrawals
- Health Claims
- IRS notices
- Turned down for credit
- Car Repossessed
- Unexpected phone calls from creditors
One reason we recommend regularly checking your credit report is to catch id theft early. I know I wouldn’t want to experience some of the red flags on this list (getting turned down for credit or having a car repossessed for example) and catching id theft early might help you stop the problem before it gets out of control.
If I Suspect ID Theft, What’s the First Thing I Should Do?
Finding out you are potentially an id theft victim can feel debilitating. The FTC offers a few simple steps to take if you suspect you are an id theft victim: put a fraud alert on credit cards, contact companies where fraud occurred, file a report with the FTC, and file a police report.
What’s the Difference Between a Fraud Alert and a Credit Freeze?
Fraud alerts and credit freezes aren’t the same thing. A fraud alert is free and requires creditors to take extra steps to verify your identity before they can issue credit in your name. A credit freeze is more extensive. It locks your credit down to everyone (including yourself). There may be a fee for starting and stopping a credit freeze.
What Are Some Ways I Can Protect My Personal Papers?
The FTC offered some great tips for protecting your personal information. They recommend locking up and shredding personal papers, removing labels from prescription bottles and picking up your mail as soon as possible. I would add protecting papers from roommates and house visitors, keeping your wallet in a safe place, and keeping your Social Security card at home (not in your wallet).
What Can I Do If I Think My Kid is an ID Theft Victim?
Child id theft is tricky since children don’t already have a credit report, but there are things you can do. The FTC recommends contacting the credit bureaus and asking them to perform a manual search using your child’s SSN.
The full chat is available on Twitter and has some great id theft tips. Check it out today!
June 10th, 2013
Jackie here. This week the FTC hosted a special seminar on senior id theft. It was available online as well, and I had the opportunity to tune in and catch some of this all day event. If you’re interested in watching an archived version, you can do so here.
While id theft is a growing problem for all age groups, it is especially concerning to the elderly. Senior citizens often have limited financial means, and the financial strain that comes along with id theft can be especially traumatic. Here are a few points I gleaned from the seminar about the special id theft concerns seniors face:
• Many elderly victims of id theft live alone, possibly in nursing homes or other care facilities. They may be far from their families or have recently lost a spouse. Often, they struggle to know who they can trust, especially if they need help with their finances. This problem is compounded even more if that trust is violated by id theft.
• Redirecting of government benefits and tax returns to fraudulent accounts or prepaid cards is a common form of id theft amongst the elderly. Seniors that rely on these benefits to pay their monthly living expenses are placed in a very challenging position while the issue is resolved.
• The death master file is a tool that id thieves may use to file fraudulent tax returns for deceased people. In cases such as this, surviving family members often have to resolve id theft issues to file tax returns after the loss of a spouse. Dealing with id theft can be an especially heavy blow for those already struggling with the loss of a loved one.
• ID theft can be a difficult issue to resolve, sometimes taking up to a year or more. For all id theft victims, but especially older victims, this year of waiting can be a scary and stressful time.
• Seniors that are victims of tax id theft, social security misuse or benefit theft can take action. Some steps to take include (more tips are found in the broadcast):
o File an ID theft affidavit with the IRS.
o Go into local Social Security field office and file a report.
o File a report with the Office of the Inspector General by calling 1-800-269-0271.
o Block electronic access to Social Security records by visiting: http://www.socialsecurity.gov/hlp/block-access.htm
o File a Direct Deposit Auto Enrollment Fraud Block at your local Social Security Office- This will prevent id thieves from being able to redirect your benefit direct deposit.
If you’re a senior and concerned about id theft or if you care about a senior citizen and want to learn more how protect them, watch the full seminar. It’s a little long, but it’s packed with valuable information targeted towards seniors.
June 3rd, 2013
Jackie here. What does a fraud victim look like? Are they your friends? Your neighbors? Or maybe even yourself? An FTC survey found that almost 11% of US adults purchased fraudulent products in 2011. This means that 25.6 million people were victims of some sort of fraud. The FTC has created a profile that can help you to understand the factors that may increase your likelihood of becoming a fraud victim and give you some ideas to better protect yourself.
Commonly Reported Fraudulent Products
While any product or service could be used to commit fraud, some of the common culprits included weight loss products, prize promotions, unauthorized billing for clubs or internet, and work from home programs. If you are purchasing or looking to purchase an item in these categories, keep your eyes open and be aware of the increased potential for fraud.
Where You Find the Product Matters
How do you learn about new products and services? The FTC found that people who made a purchase after learning about a product from a telemarketer, TV ad, or spam email were three times more likely to become victims of fraud.
Life Events Impact Risk
Negative life events like divorce or the death of someone close to you can also impact your risk. Those that had undergone a serious, negative life event in the two years prior experienced more fraud than those that had not undergone these events.
The FTC also found that people aged 45-54 were the most likely to spend money on a fraudulent product or service.
Potential victims of fraud could be anyone you know. To learn more about ways to protect yourself from fraud check out these great fraud prevention articles on our blog.
May 31st, 2013
Jackie here. The Children’s Online Privacy Protection Act or COPPA serves as a series of guidelines that online businesses and websites must comply with if they come in contact with personal information for children under the age of 13. In an online world, you can’t keep your children entirely off the internet, but understanding their rights will help you better protect your children.
Parents Should Give Consent
Parents Can Access Information Collected
Once information is collected, parents have a right to access and review this information, including the right to ask that information be deleted. Parents can also prevent further use or collection of their child’s information.
What is Personal Information?
COPPA recently underwent some changes and had new categories of personal information added to it. Here is the current list of items that are considered personal information by the FTC:
• Name (first and last)
• Address (home or other physical address- includes street name and city name)
• Online Contact Information
• Screen or User Name
• Phone Number
• Social Security Number
• Photograph, Video or Audio of Child’s Image or Voice
• Geolocation Information
• Information About Child or Parents that Ties to Other Identifier on this List
• Persistent Identifier that Can Recognize Child Over Time or Across Multiple Websites
If you believe that a website or online service is violating COPPA and would like to report it, you can report it online here or by calling the FTC at (877) FTC-HELP.
Learn more about COPPA from the FTC by reading their revised FAQ.
May 15th, 2013
Benjamin here, AllClear ID Investigations. Scams when you’re renting property can play out several ways. First, there are those scams that hijack a real rental or real estate listing and change the contact information on the site (this may include links or ads that bring you to an alternate site). The altered ad may use the name of the agent or representative who posted the original ad. Second, there are scams in which the scammers make up listings for places that are not for rent or do not exist, using promises of extra low rent to lure you in. In these scams, the goal is to get your money before you find out the listing is a fake.
Tips to Spot Rental Scams
So what red flags should you look out for to spot a rental scam?
- Avoid renting from people who ask you to send money via a wire transfer. This is the surest sign of a scam, as there is never a good reason to wire money to pay your security deposit, application fee or first month’s rent. Scammers typically like this method of payment as it is virutally the same as cash, and can’t be traced back to them.
- Don’t pay the security deposit or first month’s rent until you have seen and signed a lease. It is never a good idea to send money to someone you have never met in person for an apartment or home you have not seen. I understand a lot of individuals are looking to rent in faraway cities and cannot afford to go back and forth. If you cannot visit an apartment or home yousrself, then have someone you trust go and confirm that it is for rent.
- Do your research on the landlord and the listing, if you find the same ad listed under different names, this could be a clue it may be a scam.
- The agent says they are out of the country but have a plan to get the keys to you through a lawyer or “agent” working on their behalf. Do not send money overseas, and if you cannot meet in person to sign a lease or view the apartment or home, then keep looking.
If you do find yourself a target of a rental scam, you should report it to your local law enforcement. Also, report it to the Federal Trade Commission and contact the website where the ad was posted.
May 7th, 2013
Jackie here. I hate spam text messages. It’s frustrating to think you have a message from a friend only to find out you’ve just received spam. For a while I was getting quite a few of these spam text messages, but luckily the FTC has taken action. You should see a definite decrease in the number of spam gift card offers you receive via text message in the coming weeks and months.
About the Text Message Scam
As a result of various complaints filed with the courts, the FTC charged 29 defendants for sending millions of unwanted text messages. Many of the texts were received by consumers without a text messaging plan, meaning the consumer had to pay for these unsolicited texts.
This text message scam offered consumers free gift cards by visiting a website. However, once consumers arrived at the site it would become apparent that claiming the free card was a lot more difficult. Typically, the card was offered as a prize for signing up for various offers, many of which required a credit card. Consumers that did sign up for the offers were then told that they had to recruit others to sign up in order to receive their free gift. Personal information was obtained from many consumers over the course of this scam, and the information was then sold to third parties for marketing purposes.
The FTC was able to crackdown on the operators of this scam since they were using deceptive practices to obtain information and they were not clear about the conditions behind their free offers.
To avoid id theft and keep your personal information safe, it is important to always be on the lookout for scams, whether you’re checking your email, reading a text, or hanging out on Facebook. While many of the operators of this scam have been shut down, there will certainly be many more scams to take its place. Read the official press release from the FTC here.
April 26th, 2013
Allison here. The Consumer Sentinel Network collects fraud and identity theft complaints from all over the country, including those reported to the Federal Trade Commission and state law enforcement agencies. Over two million complaints were received last year, and a few months ago CSN released their 2012 Databook, a 100-page catalog containing tons of data and details about these complaints. One of these details is the states that received the most complaints per 100,000 people. The 10 worst states for identity theft, ranked by complaints per 100,000 people, are:
5. New York
Not only did Florida top the list again, but it’s apparent that highly populated states topped the list. Hawaii and the Dakotas, three states with small populations, were on the bottom of the list. Identity theft was also the top complaint in 2012 for CSN, followed by debt collection, banks and lenders, and shop-at-home and catalog sales. The most common type of identity theft complaints was government documents or benefits fraud, followed by credit card fraud, phone or utilities fraud, and bank fraud.
April 18th, 2013
Jackie here. We always love seeing new resources designed to educate people and help them avoid id theft. Recently the FTC launched a new site called Consumer.gov. It is designed to help consumers understand debt, credit, money management, and id theft. If you haven’t had a chance to check out the new site, head on over to Consumer.gov and see what you think.
Information Available on Consumer.gov
The site is very easy to use and navigate. It is divided into four main categories. Let’s take a look at what you can learn in each section of the site:
- Managing Your Money- Have you ever wondered how to make a budget or open your first bank account? This section is for you. It teaches consumers money management basics. This is a great resource for those that are just starting out, or those that need a refresher. Learning to manage your money wisely can help you to recognize the signs of id theft early on. If you have a budget and know exactly what you should have in your bank account, you’ll notice if id thieves start taking money.
- Credit, Loans and Debt- A credit report is one of the first places people notice signs of id theft. This section of the site will teach you about your credit history, including your credit report, as well as ways to build credit and manage debt.
- Scams and Identity Theft- This section of the site teaches consumers about common scams and ways to avoid id theft.
- Help for You- You’ll find tons of great resources in the Help for You section of the site, including budget worksheets, links for ordering a credit report, quizzes and videos.
Consumer.gov is a great resource for learning about id theft and ways to better manage your money. Parents may even want to consider sharing portions of this site with their teenage children to help them gain the skills they’ll need to effectively manage their finances once they are out on their own.
What do you think of the new FTC resource Consumer.gov?
April 17th, 2013
Jackie here. With talk of sequestration, lay-offs, pay cuts and other economic woes, many are looking to boost their income with side ventures and small projects. While extra money can be great and in some cases is necessary, don’t let your financial need lead you to fall victim to id theft or other work from home scams. Just over a month ago, the FTC mailed refund checks to more than 50,000 consumers that were a part of a work from home scam.
About the Work From Home Scam
The FTC refunds were part of a crackdown on a company called Real Wealth. The company claimed to offer opportunities to make a substantial income from home doing tasks like mailing postcards, filling envelopes, and applying for government grants. They sold booklets and brochures to consumers that explained the process as a part of their scam.
While the refunds to consumers affected by this scam are great, it is important to note that even with the refund, each victim did still lose money. Each consumer is receiving a check for $13.63 (68% of the average amount lost). While the losses in this scam per consumer are relatively small, many work from home scams can result in substantial financial losses. Protect yourself by learning how to recognize potential employment scams. While many offers for easy income from home are scams, this article on our blog will help you find legitimate work from home opportunities.
Money is tight right now for many families, which means that work from home scams could potentially be on the rise. If you’re considering working from home, make sure you’ve found a real opportunity, not a scam. Here is a great article from the FTC about this type of scam and the official press release concerning the Real Wealth refunds.
April 10th, 2013
Jackie here. The elderly are often a target for scammers and identity thieves; this new pension scam focuses on elderly, retired veterans. The scam involves convincing vets to transfer their assets to a special trust and charging hefty fees for the assistance with paperwork. The scariest part of this scam is that it could potentially cause long-term problems for veterans, such as losing the ability to qualify for Medicaid.
For many veterans, a pension is an essential part of their finances. Scammers posing as financial advisors or attorneys offer to help secure this asset and assist with pension paperwork. They may convince their victims to move their assets into trusts, or to invest in insurance products. By moving assets around, the scammers can make it appear that the vet qualifies for Aid and Attendance benefits, even if they do not.
Restructuring assets using methods like these can have some serious consequences. Medicaid has strict qualifications standards, and if they aren’t followed future benefits could be lost. Additionally, veterans that are disqualified from the Aid and Attendance program could be required to repay all the benefits received. Losing important health care benefits can be a devastating blow to those who truly need care.
Adding to the damage, the financial planners and advisors may be paid hundreds or thousands of dollars for their advice, even if the advice wasn’t worth taking. Once the damage has been done it can be impossible to reverse, leaving veterans without their hard earned benefits.
Tips for Avoiding this Scam
If you or someone you know is a veteran, be aware of this scam and keep your eyes open for it. Here are some tips for avoiding the scam and identifying potential problems:
- Applying for Veterans Benefits is Free- If you are entitled to veteran’s benefits, you shouldn’t have to pay to apply. The forms are free and those with VA accreditation to help complete forms aren’t allowed to charge. If someone asks you to pay for their services, it’s probably a scam.
- Choose Your Financial Advisors Carefully- Be careful where you get your financial advice. If you need help with paperwork for your benefits, ask for references from those you know and trust.
February 22nd, 2013
Christopher here, with the AllClear ID Investigations team. The FTC (Federal Trade Commission) has released its National Do Not Call Registry Data Book for the year 2012. The National Do Not Call Registry allows consumers to register both home and cell phone numbers that they do not wish to receive telemarketing calls on. The 2012 version of the Data Book now contains over 217 million consumer phone numbers. This number is up from the, just over, 209 million that were actively registered in 2011.
According to the FTC the Data book also contains:
- The number of active registrations and consumer complaints since the Registry began in 2003
- Fiscal Year 2012 compliant figures by month and type
- Fiscal Year 2012 registration and complaint figures for all 50 states and the District of Columbia by population
- Rankings of the number of Do Not Call registrations by state population
- The number of entities accessing the Registry by fiscal year
- An appendix on registration and complaint figures by state and area code.
The National Do Not Call Registry also serves as a complaint center for consumers to report telemarketers that aren’t abiding by FTC regulations. In 2011 the number of consumer complaints about unwanted telemarketing calls was reported at 2,273,516. In 2012, that number increased to 3,840,572. The Data Book is also reporting large numbers of complaints specifically regarding automated telemarketing calls, or “robocalls”. According to the FTC, “most robocalls have been illegal since September 2009”. However, in October 2011, there were 149,363 complaints made to the FTC regarding robocalls. That number steadily increased to 216,338 in March of 2012, and has continued to remain around this number in the months since then.
If you are receiving unwanted telemarketing calls and wish to register your phone with the National Do Not Call Registry, or if you need to make a complaint regarding the calls that you are receiving, you can visit the official registry website at https://www.donotcall.gov/.