March 4th, 2014
Jackie here. Do you hate spam? I do, but it seems that no matter what I do, the spammy messages always seem to find a way to my email accounts. Giving out your email address is necessary, but it can also lead to those dreaded spam messages. What’s an email user to do?
Apple has come up with an interesting potential fix and is currently in the process of patenting their new idea. This spam fighting tool consists of disposable email addresses, all linked to one central account. You get your standard email address which you keep to yourself and instead share generated disposable addresses each time you sign up for a service or give out your email. Each of these is linked to your main account and all messages received will appear in your primary inbox. When an address is compromised, simply disable it, and the spam coming your way will disappear.
The neat thing about this idea is the ability to control you’re the amount of spam you receive while still retaining the functionality of a single account. Each disposable email address protects you from spam, but the unique method of linking accounts together makes the system just as convenient as a single, permanent email address.
What do you think of this idea? I think it sounds like a great solution. Hopefully it will find its way to my favorite email provider soon so I can finally eliminate all the spam from my inbox.
February 19th, 2014
Jackie here. Identity theft continues to grow and according to a recently released Javelin report, the numbers are staggering. Take a quick look at some of the identity theft statistics from 2013. What are you doing to protect yourself?
2014 Identity Fraud Report Findings
- 13.1 million people fell victim to identity theft in 2013. This is up 500,000 from 2012.
- There was a new identity theft victim every 2 seconds.
- Are you between the ages of 35-44? If so, you are at the greatest risk for identity fraud.
- Fraudsters love the internet—44% of all fraud transactions occurred online.
- 2013 was a record year for account takeovers, which comprised 16% of all identity fraud. Utility and mobile phone account takeovers tripled.
- Have you received a data breach notification lately? In 2013 1 in 3 people that received a breach letter went on to become a fraud victim (up from 1 in 4 in 2012).
- Non-card fraud is increasing rapidly, up 3x from 2012.
This report gives us a good insight into how ID theft continues to change and evolve. With an increase in non-card fraud and account takeovers, we know to pay close attention other accounts and specifically our credit reports. Pay close attention to those data breach notices as well; if you receive one you have a 1 in 3 chance of being an ID theft victim, so make sure you take the appropriate steps.
How will use this information to protect yourself and your family from identity theft?
February 10th, 2014
Jackie here. “Ring, ring, ring.” I love hearing the phone ring. Those few seconds of wonder before you look at the caller ID are exciting. Who is calling? A best friend? Mom or dad? A favorite co-worker? All of that excitement, however, is instantly dashed when you answer and realize it’s another robocall. What can you do? Which robocalls are legal and which are not?
Legal or not? Here are a few instances when robocalls are legally permitted:
- Informative Only- Recorded messages that are only sharing information (like the recording from your child’s school or the reminder from your doctor’s office) are permitted.
- Donations Requested- Charities and political candidates may use robocalls to solicit donations and share information.
- Given Permission- If you’ve given a company written permission (electronic counts too) to contact you by phone or text, they can legally call you with recorded messages. If you change your mind about this permission, you can opt out by letting the company know.
These types of robocalls are generally illegal:
- Sales Pitch- Is a company trying to sell you a good or service via recorded phone message? This type of call is probably illegal. Do you really want to make a purchase from a company that is blatantly violating the law? These calls are also a common indicator of a scam.
- On the Do Not Call Registry- If your phone number appears on the Do Not Call Registry, you shouldn’t be getting recorded sales calls. If you haven’t signed up yet (and you should) you can do so by filling out a short form here.
When Robocalls Happen…
While many robocalls are now illegal, that doesn’t mean they’ve all gone away. What should you do if you receive one? Simply hang up the phone. Pressing buttons or asking to speak with an operator can actually make the problem worse, resulting in more of the annoying calls for you. If you like, report the call after you hang up to the FTC. Do Not Call Registry violations can be reported here.
February 4th, 2014
Jenna here. Here are our favorite articles for the week. We have a great read about connected cars and the associated privacy implications (a great follow-up to this post we wrote on the issue), an informative article about the new HP Security Research Cyber Risk Report, as well as a scam alert for the BBB that warns of an increase in utility scams due to the spike in cold weather.
Connected Cars are Here. The Good News is That Privacy is Being Taken Seriously, IAPP
Hewlett-Packard Depresses Us Some More on the State of Cybersecurity, Businessweek
Scam Alert — How cold temps are triggering utility company scams, The Better Business Bureau
February 4th, 2014
Jackie here. Is your car connected? It seems like everything can connect to the internet these days. As automakers begin to explore the possibilities of internet connected cars, consumers worry about the privacy implications this might pose. How do we find a balance between convenience and privacy? Will our cars become the next source of information for “Big Data”?
Automakers and the government both realize that connected cars are inevitable in the future, but there hasn’t been a large discussion around the privacy implications to date. Regulating privacy is hard since the conveniences consumers crave often require huge amounts of information in order to work well. Additionally, storing and using information allows further customization, a feature many consumers love despite the accompanying privacy concerns.
How do you feel about automotive privacy?
Wherever you stand on the issue of automotive privacy, there are some key points to think about. In general, customized features will lead to less privacy. If you want your car to be able to sync with your iPhone and your contacts and songs on it, that leaves more opportunities for data to be compromised. Furthermore, as geo-location tracking becomes more common, this technology may appear it connected cars going forward.
Let us know your thoughts—will you buy a connected car once they are on the market?
February 3rd, 2014
Jackie here. Last year we warned you about a tech support scam that was going around. Scammers were contacting people by phone pretending to be from major companies like Microsoft. They would then remotely access the victim’s computer, stealing information and charging for their “services”. While this scam was scary, I recently learned of a new variation on the tech support scam that is even trickier and that has the potential to claim many more victims. Be on the lookout for this scam and never share your financial information or computer login credentials with an unknown caller.
This scam is a follow up to the tech support scam we saw in 2012 and 2013. This time the callers will ask if you’ve recently received tech support. They claim that if you received services you could possibly receive a refund. There are several variations to this scam, including ones where they offer to refund those that were unsatisfied and ones where they claim the company is going out of business and refunding those that have already paid.
The scammer claims they need bank account or credit card information to process the claim. They may ask for remote access to your computer, possibly under the guise of helping you fill out paperwork. This scam has the potential to create double the trouble for those who fell victim to the last scam, as well as reaching new victims.
Avoiding this Scam
Don’t fall victim to this scam or ones like it. If you have paid for phony tech support services, file a complaint with FTC and dispute the charges with your credit card company. Legitimate companies will not call and offer to reverse the charges for you. Never provide your bank account or credit card information to an unsolicited caller.
January 31st, 2014
Jackie here. We’ve talked a lot about protecting your kids from identity theft. Have you ever considered the impact your kids might have on YOUR credit score? Children and teens use the internet a lot and if they aren’t careful they could potentially expose people in your house to identity theft. Teach your kids how to stay safe online. This important lesson won’t just protect them, but will protect your identity as well.
To keep your identity safe and teach your kids good online behavior, make sure they understand these essential internet safety rules:
Do your teens know how to create a password? A strong password should be a combination of letters (upper and lowercase), numbers and symbols. Teach your kids to avoid words found in the dictionary, names of pets and nicknames. Any ‘common knowledge’ information that can easily be discovered online by a savvy ID thief (think birthdays and maiden names) should also not be used as passwords. For more password tips, check out these articles on our blog; we talk about password safety often.
Never Download Without Approval
That free game might be a lot of fun, but it could be exposing your computer to spyware and capturing sensitive important entered on your computer. To help you kids to master the art of smart downloading, have them ask you for approval first. You can teach them which downloads are safe and which are identity theft traps—reading the data usage policies of the apps is a good place to look for information about if and how your personal info will be tracked.
Be Careful Who You Friend
Facebook and other social media sites are big draws for teen users. Make sure your children only accept friend requests from actual friends they know in-person. Accepting friend requests from unknown people can expose personal and family information to strangers. Take time to go through your children’s social media accounts with them, making sure that they are using good practices when selecting friends. You may also want to review privacy settings with your teen occasionally.
Don’t Share Personal Information Via Email
Does your child know how to identify a phishing email or a scam? Teach your child how to recognize email scams as children may be more likely to fall victim or to share personal family information that could lead to identity theft.
Teaching your teen good internet practices won’t just protect them; it could also keep you safe from identity theft.
January 30th, 2014
Jackie here. Are you a victim of identity theft? While ID theft is a growing problem, it isn’t one that you have to suffer alone. Whether you are having problems with financial identity theft, tax identity theft or have general questions, help is available. One great resource to turn to is the National Identity Theft Victim Assistance Networks Program (NITVAN), a new organization started by the federal Office for Victims of Crime. With trained professionals working in coalitions around the country, this organization is focused on getting identity theft victims the help they need.
What is NITVAN?
Every ID theft victim has a different story. Financial ID theft can devastate finances, making it difficult to obtain loans and pay bills. Criminal ID theft has resulted in false arrests and legal battles. Tax ID theft can create problems with the IRS that include lost refunds and false employment records. With many different types of identity theft, there is no one simple way to resolve the problem. NITVAN understands that identity theft is a complex and growing problem and seeks to help victims receive better support.
Coalitions across the country coordinate with the National Network to provide victims with the help they need. Their website has a rich assortment of tools for identity theft victims. Use their Resource Map to find local resources that may be available in your state.
Identity theft is a growing problem, a fact that isn’t likely to change anytime soon. Do your best to protect your information and catch the problem early and remember if you need help, NITVAN is a valuable resource to all identity theft victims.
January 29th, 2014
Jenna here. Our favorite articles for this week are here (finally). We have expert tips about how to boost the security of your payment cards in simple ways, as well as information about how the NSA might be using a favorite phone app to gather more information about you. Enjoy!
How to Boost Security of Your Payment Cards, USA Today
A Little (Angry) Bird Told the NSA What You’re Up To, ABC News
January 22nd, 2014
Jackie here. Here on the AllClear ID blog we talk a lot about ID theft including ways to protect your family, trends, scams and identity theft resources. On other sites, though, ID theft isn’t as big of a focus. While you might not be seeing identity theft news on CNN or Yahoo! every day, it’s important to remember the problem still exists. Each year, ID theft generates economic losses similar to those incurred with natural disasters (Hurricane Sandy caused $20 billion in damage; ID theft creates losses of about $20.8 billion annually). While laws are being enacted to better protect us and law enforcement is getting better at catching thieves, identity theft still wreaks havoc on lives every day. If you haven’t been a victim, you probably know someone who is.
We talk a lot about data breaches, a problem that seems to be getting worse. For the last nine years there has been an average of more than one breach each day. Due to this increase in the availability of stolen information, it is estimated that the price of an identity is just $25, less than the cost of a steak dinner.
ID Theft is Changing
While ID theft is still a big problem, it is changing. Once credit card fraud was the big worry, now tax identity theft is rising and medical records are becoming a hot target for thieves. Enforcing the law is getting more difficult too, as thieves use the internet to hide their activities and identities.
The changing landscape of ID theft makes this problem no less disastrous than it once was, but much more complex. Will we someday see the same protections on our medical records as we have on our credit reports?
While identity theft is changing, it is important to realize that it is still a problem. What can we do? Remain vigilant. Check your credit reports and bank statements. If you find an inaccuracy, report it and correct it. Don’t think your children are immune from the problem; they are at risk too. Now is not the time to stop fighting against ID theft—just because it’s not making headlines every day, doesn’t mean the risk is no longer there.
January 20th, 2014
Jenna here from the Marketing team. Our favorite articles are here. This week, we have a look at a new smartphone that promises to protect users from government and private surveillance, information about a Facebook backdoor that may expose more private information than you know, and a thought-provoking piece about what Google’s acquisition of Nest means for user privacy.
Blackphone Promises to Give Smartphone Users Their Privacy, ABC News
Facebook Backdoor Gives Clues to Private Email Addresses, Forbes
January 20th, 2014
Aaron here, AllClear ID Investigator. Becoming a victim of identity theft is not just something that happens to adults; children are heavily targeted as well. Recently, the Florida state legislature met about a new bill that they hope will prevent child ID theft, called the KIDS Act (S.B.242). Adam Putman, the Agriculture Commissioner of FL testified in favor of the S.B.246, bringing with him a former foster child who was a victim of identity theft, Ashtavia Maddox.
“I came here today to share my story with you because I want to help prevent other children from going through what I’m going through,” said Ashtavia.
“It is estimated that more than 50,000 children in Florida become victims of identity theft every year,” said Commissioner Putnam. “Identity theft can have a devastating impact on their futures. Bad credit as a result of identity theft will keep someone from gaining employment, obtaining a school loan and accessing credit. To think about the opportunities Ashtavia Maddox has missed out on because of what has happened to her is heartbreaking. The KIDS Act can prevent identity theft from destroying the lives of others.”
Ashtavia Maddox, now 22 years old, found out there was a problem with her identity when applying for her first apartment when she was 18. She filled out her application and found out she was denied. She also applied for other lines of credit onyl to be denied for those as well. She and her guardian found out this was because she was a victim of identity theft.
It is hoped that the KIDS Act, which will allow the parents or guardians of a child under the age of 18 to create a credit file, will help catch any cases of child ID theft before they get out of control. Once the file is set up, it can be frozen indefinitely, preventing thieves from gaining access to the stolen identity.
In Florida, it is estimated that more than 50,000 people fall victim of identity theft each year. It’s recorded that over a $100 million dollars is taken every year from children whose identities have been compromised.
While adults are able to protect themselves from identity theft by monitoring their credit or ordering a fraud alert or freeze on their credit, there are currently no proactive measures to protect minors from identity theft in many states. The KIDS Act could be a first step toward that sort of protection in Florida.
January 17th, 2014
Jackie here. As Tax Identity Theft Awareness week comes to a close, I wanted to share a few of the things I learned this week with you. The FTC and the Identity Theft Resource Center co-hosted a great Twitter chat this week; check out the hashtag #IDTheftChat for more great tips!
Don’t Carry Your Social Security Card
We’ve told you before not to carry your SSN in your wallet, but many people still do. I thought this was a great reminder to check my wallet for things that shouldn’t be in there. Other things you shouldn’t carry include bank PINs, account numbers and passwords. If you’re a business, safe guard your EIN just like you would a SSN.
Shred. Shred, Shred
The three items thieves need to commit tax ID theft are your SSN, your birth date, and your name. If you don’t shred your trash and personal information some of these will surely end up in the trash. Shredders are relatively inexpensive and are a priceless tool in fighting all types of ID theft. If you don’t have a shredder of your own, check with your local Better Business Bureau; they often host shred days with free shredding services.
Watch for Scams
All year round, but especially during tax season, thieves impersonate the IRS to get information. Watch for websites, emails, tweets and phone messages that claim to be from the IRS. If you don’t know whether something is legitimate, double check before you share personal information.
Keep Important Documents
When filing taxes you may need to hang on to some documents for several years. If you’re storing these digitally make sure they are encrypted. If you store hard copies, keep them in a secure place away from prying eyes. This neat chart was shared during the chat to help you know how long to keep each record.
Businesses Fall Victim Too
Consumers aren’t the only ones that are at risk for tax related ID theft. Businesses have risks too. The FTC shared a blog post they’ve created to help businesses understand tax ID theft. If you own a business or help manage one, this post is a must read.
Tax season is upon us so start gathering those records and file early. The sooner you file, the lower your risk for tax ID theft. When you do file use a secure connection if you file online, never public Wi-Fi. If you mail in your taxes, take them to the post office directly.
The FTC’s Twitter chat for Tax Identity Theft Awareness week was a great one. Check it out now!
January 13th, 2014
Jenna here. There were so many good articles to choose from this week, but we’ve managed to narrow it down to our top 3. This week, we have a look at the future of big data in 2014, a really interesting (and long—you may want to save it til after work) read about tax identity theft, and some tips for how to protect your personal information. Enjoy!
2014: The Year Big Data Adoption Goes Mainstream In The Enterprise, Forbes
Beware of Gangsters Filing Tax Returns, Bloomberg Businessweek
How To Keep Your Private Information Safe, USA Today
January 10th, 2014
Tamara here, AllClear ID Investigator. The Consumer Financial Protection Bureau announced November 6th, 2013 that it is now taking complaints against payday loan lenders. Payday loans are generally a few hundred dollars and are meant to be paid back in comparatively short amount of time, though usually with a high interest rate. Now, consumers are able to file complaints to the agency if they have a dispute with a payday lender.
The complaints may be filed under six different categories: unexpected charges, incorrect or unauthorized charges, payments not credited to accounts, problems contacting lenders, consumers being granted loans they did not apply for, and businesses failing to provide the funds for which consumers had applied.
After a complaint is filed, the CFPB will forward the complaint to the lending institution, which in turn responds within 15 business days. More involved cases may take longer.
In a recent investigation, the CFPB has ordered Cash America International, Inc. to refund consumers (up to $14 million) for the discovery of robo-signing court documents. It is also alleged that Cash America destroyed records prior to the CFPB’s investigation. That, and other findings, led to a $5 million fine.
After many years of consumers not having a place to turn when experiencing issues with payday loans, it is beneficial to have the CFPB be a resource to employ. To file a complaint, one can go to their website or phone them at (855) 411-2372.
January 9th, 2014
Jenna here. We have exciting news! The FTC is hosting their first ever Tax Identity Theft Awareness Week January 13th-17th. That’s next week! To do our part to raise awareness about this growing issue, we will be posting helpful information and links on our blog, Facebook, Twitter, and Google+ pages every day, so be sure to check them out for great information. To make the most out of next week, here are some helpful resources you should take a look at to ensure you don’t miss out on the action:
FTC Press Release about the event:
FTC’s Tax Identity Theft Awareness Week website:
Regional Events for Tax Identity Theft Awareness Week:
Check back next week to learn all about tax identity theft just in time for tax season!
January 8th, 2014
Jackie here. As we roll into the New Year, our thoughts turn to getting things in order for taxes. As tax identity theft is a big problem, it’s important to always turn to trusted sources when looking for tax information. Did you know the IRS has several different resources for you to use? Whether you like Tumblr, YouTube, iTunes, or Twitter, there’s an official IRS resource to help you get through tax season successfully. Which of these resources will you check out? Let us know which is your favorite!
- Official Smartphone App- Interact with the IRS using your Android or IOS smartphone via the IRS2Go V3 app. With the app you can check refund status, get tax receipts, tax tips and advice and stay up to date with the latest IRS news.
- Tumblr- If you’re on Tumblr, be sure to check out the IRS’ official page. The page was new for 2013 and already has received more than 200,000 views. One identity-friendly feature is the scam alerts and warnings posted on the site.
- YouTube- Need help with your taxes? The more than 130 videos on the IRS YouTube channel might help. There’s even a video specifically created to help victims of ID theft.
- Twitter- With five official IRS Twitter accounts, there’s one for every situation. For IRS news and tax related announcements follow @IRSnews or @IRSenEspanol. Tax preparers might also be interested in @IRStaxpros and job seekers can find information at @RecruitmentIRS. The final Twitter page is devoted to the IRS Taxpayer Advocate Service and is found @YourVoiceAtIRS.
- iTunes- Love Podcasts? Check out the IRS collection of helpful audio files. We recommend “Protect Yourself from Identity Theft” and “Are You a Victim of Identity Theft?”
- Facebook- Although not commonly updated, the IRS official Facebook page is available for those that want to interact with the agency; you’ll likely get more information, however, by accessing some of their other informational channels.
As you get ready for tax season, check out these helpful IRS resources; be on the lookout for ID theft warnings and scam alerts from us as well!
January 7th, 2014
Jenna here. Our first favorite articles of 2014 are now here! This week, we have information about Facebook’s denial of claims that they are reading unpublished posts, details of a SnapChat security incident that ocurred last week, and a LinkedIn lawsuit aimed at discouraging hackers from using their site.
Facebook: We Are Not Collecting Unpublished Posts and Comments, ABC News
4.6M Snapchat User Names, Partial Numbers Leaked, ABC News
LinkedIn Sues Unknown Hackers Over Fake Profiles, Bloomberg
January 7th, 2014
George here, AllClear ID Investigator. In October 2012, the U.S. Secret Service detected a security breach at the South Carolina Department of Revenue. The attack exposed 3.6 million Social Security numbers and 387,000 credit and debit card numbers. The stolen data also included consumer tax return information and businesses’ Tax ID numbers. South Carolina hired a cyber-security firm to stop the attack and install new hardware and software at the Revenue Department to strengthen their security. The state also paid for one year of credit monitoring and identity theft protection for those affected.
Consumer Affairs documented 84 security breaches before the DOR breach in October 2013, affecting more than 1 million state consumers, and 36 more security breaches since, affecting 77,000 South Carolinians. Consumer Affairs officials said South Carolina ranks 17th in the nation for identity theft complaints, it was ranked 36th in 2005.
After the attack, legislation was proposed to revamp security procedures at state agencies to prevent it from happening again. Lawmakers authorized and funded a new identity theft division at the Department of Consumer Affairs; the unit was officially announced on October 1st 2013. The four person team will educate South Carolinians in preventing ID theft, enforcing state identity theft laws, and guiding consumers through credit restoration. The Consumer Affairs ID Theft unit will help anyone in South Carolina, not just those affected by the DOR breach. Unit director Marti Phillips says, “We’re going to provide education and outreach to consumers across South Carolina about what identity theft is, the steps that consumers can take to protect themselves, and then what they need to know if they’re the victim of identity theft.” More information can be found at http://www.consumer.sc.gov/. The website also provided a toll free number, 1-800-922-1594.
January 6th, 2014
Jackie here. Our world is increasingly connected. While our connected devices do bring us a virtually endless supply of conveniences, they also pose some privacy risks. I had the opportunity to tune in to a public workshop hosted by the FTC called the Internet of Things- Privacy and Security in a Connected World. The workshop was fascinating and addressed both the conveniences and the privacy concerns associated with today’s internet driven world. It’s fascinating to watch… consider taking a few minutes to watch part for yourself. I’ll share a few of the insights I obtained below.
We Need to Know What We Share- Transparency is something that is often lacking in our current connected world, but as more devices become connected to the internet, it is essential that as consumers we have access to what we share. We need to know what data is being collected and we need to understand what devices are collecting about us. This isn’t just a responsibility of our device manufacturers. As consumers we need to demand transparency. Be informed and know what you share.
We Need to Own Our Data- Our data belongs to us. As our devices collect this data to make things more convenient for us, it should remain under our control, at least partially. Hopefully, the future will return data to the consumers that own it. Companies shouldn’t be able to sell our information just because we choose to buy their devices. Opt-in features, and more transparency are steps in the right direction.
Security is Essential- Companies will be able to collect huge amounts of data as more devices become connected. Security is a big concern. How will companies secure our data? What requirements should be in place? Data and device security will likely become a hot-button issue in the coming years.
Finding the Privacy Line- Privacy is a big concern. It was one of the main themes of the workshop. Most of the presenters agreed that companies need to put privacy first. Privacy shouldn’t be an afterthought, but instead should be an integral part of the coding of each device. Consumers have a right to privacy, even when our homes are becoming increasingly connected.
If you have a few minutes to spare, I highly recommend the FTC workshop. While there are several hours of presentations, you can learn a ton from just a few minutes. It brings up interesting points about consumer privacy and connected devices from experts in the industry.
January 2nd, 2014
Jackie here. How many passwords do you have? I have too many to count (email accounts, online banking, various stores and online shopping sites, companies where I pay bills online, social media, etc.). Remembering all those passwords is difficult, if not impossible at times. I find myself having to reset passwords that I can’t seem to remember at least once a month.
The Password Problem
I’m not the only one with this problem. A 2012 study found that 38% of adults think that solving world peace would be easier than remembering all of their passwords. With more than half of adults having more than 5 passwords (and 8% having more than 21) the password problem is certainly one that needs addressing. What’s a person to do in a world where passwords abound?
We’ve talked about several potential password solutions here on our blog like biometric passwords and even using typing style to self-identify. Facial recognition is a new idea that some companies are exploring as a solution to the password problem.
An Innovative Solution
One company is using facial recognition as the key to unlocking their password storage app. Most password storage programs use yet another password to identify users; this one instead uses facial recognition. The user simply holds their smartphone in front of their face and allows the app to scan. Once identified, the user can access the passwords stored in their vault. To prevent unauthorized access using a photo, the app is able to identify blinking to ensure that the user is actually present and not merely a picture.
Maybe someday in the future, a facial scan will be used in place of a password on all of our favorite websites. Would you prefer facial recognition or do you like the traditional password? It will be interesting to see how passwords evolve as more accounts move online. A person can only remember so many passwords, and companies are coming up with increasingly innovative ways to get around this problem.
What’s your solution to too many passwords? Whatever method you choose for remembering a long list of characters, numbers and symbols, don’t make the mistake of choosing a highly guessable password. The word ‘password’, your name, 123456 and other similar choices aren’t a secure option when it comes to securing your information online. Check out this article about password safety for some more tips about creating a password that’s hard to crack.
January 1st, 2014
Jackie here. As we say goodbye to 2013 and welcome in the new year, it’s always interesting to look back on ID theft trends and make a few predictions for the coming year. Let’s take a quick look at our list of threats and predictions
for last year… did they pan out? Then I’ll give you a few predictions for the ID theft trends that may be coming in the future.
- “Child ID Theft Will Continue to Rise”- Although the numbers aren’t out yet showing the number of child ID theft victims in 2013, a 2012 report found that the problem was certainly prevalent. The study found that 2.5% of U.S. households with children had experienced child identity fraud at some point. Legislators have been passing child ID theft laws as well. This year, several states either passed or are working on laws to allow parents to freeze their children’s credit, requiring foster agencies to help clean up children’s credit reports and creating child ID theft prevention programs.
- “Monetization of Social Networks”- Social networks certainly expanded their money making efforts this last year. Twitter went public with their stock, generating a few IPO related scams along the way. Social media scams are still big business for scammers, so keep an eye open for offers of fake gift cards, airline miles, etc. in the coming year too.
- Tax ID Theft- Tax ID theft continues to be a problem. As the numbers roll in for 2013, we are seeing fairly large increases in the tax ID theft rates across states. In all of 2012 there were 1.2 million taxpayers with tax id theft problems. In just the first 6 months of 2013, there were 1.6 million victims.
Now that we’ve reviewed a few of last year’s predictions, let’s move on to what we see coming as we roll into 2014.
- More Companies Shift to the Cloud- Industry leaders predict that companies will continue to shift their data storage needs to the cloud. What does this mean for you? It means increased risk. When information is stored online it can be accessed from anywhere, both by the companies themselves and by hackers. Sure, it’s convenient, but it also means an increased risk of data breaches and security incidents related to data stored in the cloud.
- Mobile Malware- The days of not having to worry about viruses on your mobile phone are coming to an end. It’s likely that we will see increases in mobile malware, especially on Android phones. If you haven’t secured your phone yet, do so. Thieves always like an easy target. This fact sheet from the Privacy Rights Clearinghouse has some great tips for securing your smartphone.
- Passwords That Aren’t Passwords- People are notorious for creating bad passwords (think “password” or “1234567”). As companies seek to create more secure devices and accounts, this means finding solutions to the password that aren’t as easy to compromise. Biometric technologies are one possible solution. Maybe in 2014 we will see a smartphone that uses a heartbeat for identification or an online bank account that uses fingerprints to log you in.
- Increased Medical ID Theft- As medical records continue to shift online, the odds of a medical record breach continue to increase. Medical professionals have been warned to expect increased data security risks for 2014.
- Increased Mobile Payment Fraud- It is expected that the mobile payment industry will grow by more than 30% a year for the next several years. As this payment method grows, thieves will likely get in on the action too, leading to an increase in mobile payment fraud.
May your 2014 be filled with health and happiness and, of course, be ID theft free.
December 31st, 2013
Jackie here. We’ve warned you numerous times not to click on links in unknown emails (here, here and here recently), but this scam proves that phishing doesn’t always involve email links. Emails can still be malicious even if there isn’t link in the text. Keep on the alert for link-free phishing and protect yourself from ID theft and fraud.
We’re all familiar with the traditional phishing scams. You receive an email that appears to be from a legitimate company or person that encourages you to follow a link contained in the email. Some phishing emails promise a great deal on a new TV, others alert you to a problem with an account, but they all lead to malicious content. Some lead you to look-alike websites that get you to enter usernames and passwords, while others lead to malware that will track and capture your personal information.
This twist on the traditional phishing scam doesn’t include links in the email body, but instead hides them in unexpected places. When checking your email, remain alert. Scams can be lurking in places other than the email body.
Beware of Attachments
One new tactic is to embed malware in email attachments. You click on the attachment and the file causes your browser to crash while installing malware. This approach is fairly common, and you may already be aware of it.
If the attachment opens successfully however, most people assume they’re safe. But, danger can be lurking inside of the attachment—some scammers use innocent looking attachments to hide malicious links. That link in the PDF file you just opened is just as risky as a link inside of an email.
Don’t click on links in emails, even if they come hiding inside of an attachment. As always, we will keep you updated with any new scams that pop up!
To learn more about this scam and to see some examples of the scam in action check out this article.
December 26th, 2013
Jackie here. What would you do if you received an e-receipt from a retailer where you hadn’t shopped lately? Would you contact your credit card company to report fraud? Would you call the retailer to dispute the purchase? E-receipts are convenient, but if you aren’t careful they have the potential to increase your ID theft risk. Make sure you keep your information protected and that you know what problems to look out for when choosing an emailed receipt over a paper one.
Ask Questions- Before signing up for an e-receipt program you should carefully review the company’s privacy information. How will they keep your information secure? A company should have a concrete plan in place for keeping your email address and credit card information secure. You may also want to find out if signing up will put you on their promotional email list. Sometimes you can opt out of promotional emails at sign up if you ask.
Watch for Spam- E-receipts can lead to more spam emails, so be on the lookout. You may want to create a separate email address just for receipts so you can easily monitor for spam without filling up your regular inbox. Be cautious when reading emails, clicking on links, etc.
Update Your Computer- Keep your anti-virus and other software up to date. This is important whether you receive e-receipts or not.
Contact Companies Using Known Numbers- If you receive an e-receipt for a purchase you didn’t make and you want to contact the company, call a known number for them, not the number listed in the email. A phony e-receipt could potentially be a phishing attempt searching for your personal information.
Learn more about the danger of e-receipts from the Better Business Bureau.
December 24th, 2013
Jackie here. What have you shared today? We talk a lot about privacy here on the blog and as you well know, our information may not be very private, especially when we’re online. I recently found a great video from the FTC. It’s called Sharing
Information: A Day in Your Life. It highlights how much information we are really putting out there each day (hint: you might be surprised). The video inspired me to showcase a few of the ways we share information. Be aware of what you share!
Where You Are: Most cell phones, tablets and mobile devices are equipped with location trackers. These trackers help to provide location sensitive information (for example GPS navigation services). While location tracking can be a useful tool for you, it can also be handy for marketers and others. Your location may be shared, even when you aren’t the one sharing it. Be aware that computers, cell phones and even some digital cameras may share geo-location data about you.
What You Buy: Do you use a loyalty card when you shop? If so, you might be sharing your purchase history in exchange for a discount. Loyalty programs are notorious for collecting and selling personal information. If you want the discount without having to sign-up for the program, you may be able to get a loyalty card (or a discount) without having to register. Purchase history may also be tracked on coupon sites, cash back sites, etc.
Online Browsing Habits: Which websites do you visit? Each time you click on a link or visit a website, your actions may be tracked, providing valuable personal information to third-party marketers. You may be surprised at how prevalent online tracking is. In May, Allison explored the problem using an online plugin and found over a hundred websites tracking her movements.
Your Health History: Did you know that your prescription history is often sold to outside parties? Health information is highly valuable to marketers and your prescription purchasing patterns, medical symptom searches and other information is commonly sold. Be aware that using symptom checkers and other medical search tools can reveal a great deal about your health to outside parties.
What do you share in a single day? Be aware of what you share to better protect your privacy.
December 19th, 2013
Jackie here. While I hate the inconvenience of lost keys (which happens all too often at my house), a lost wallet or purse is when the real panic sets in. The thought of all that personal information in the hands of someone else can be downright terrifying. What do you do? Where do you begin? To help you start the process of securing your identity once again, here are some simple steps to take after losing a wallet or purse.
Write Down an Inventory
To start repairing the damage caused by a lost wallet, you first need to know what needs protecting. Grab a notebook and jot down everything that was in your purse or wallet. You list should include things like keys, checks, credit cards, health insurance cards, etc. Try to take this step sooner rather than later so the contents are fresh in your mind.
Contact Credit Card Companies
Thieves often start using credit cards as quickly as possible since they know they are likely to be canceled soon. Contact your credit card company as soon as you discover the missing wallet. Your
legal protections are tied to how quickly you report the loss. Most credit card companies will cover all fraudulent charges as long as you report them quickly.
Get a Police Report
A police report can be a valuable tool in resolving ID theft. Contact your police department and file a report immediately. Get a copy of the report (it may take a day or two for it to be available) and keep it for your records. You’ll probably need to provide copies of this report to your credit card companies, the credit bureaus, etc. Always send copies, never the original.
Freeze Your Credit
Next you’ll want to contact the three credit bureaus and put an alert or freeze on your files. There is a small fee for those that aren’t ID theft victims (the fee is waived for victims with proper documentation). You’ll need to register for a freeze from all three credit bureaus. Learn how on their websites:
Replace Your Driver’s License
If your driver’s license or state issued ID card was in your wallet (and it probably was) you’ll need to replace that as well. Find out the requirements for a new card online and bring the proper identification with you when you head to the local offices. Many states let you make an appointment beforehand which can save you from having to wait in long lines.
Contact Your Health Insurance Company
Medical ID theft is becoming more common and medical identities are often more valuable than financial ones to thieves. If your health insurance card was in your wallet you’ll need to get a new one. Contact your health insurance company and report the loss. Often, they’ll issue a new card number for you and cancel your old cards to ensure that thieves can’t use your insurance to obtain medical services. If you have pending claims you may need to submit your new insurance information to providers.
Change Your Locks
Do you keep a key in your wallet? Were your keys in your lost purse? If so, consider changing your locks. Anyone that ends up with your keys will also have your address, increasing the potential for a home break-in as a result.
What About Your Social Security Card and Passport?
Hopefully you’ve taken the advice about not keeping your Social Security card in your wallet. If not, you’ll need to replace your missing card (and hopefully vow to keep your new one in a safer place). You can get a new Social Security card by following the instructions at the Social Security Administration website.
If your passport is missing, report it to the government. Once a passport has been reported missing it is invalidated and can no longer be used for travel. Even if you find it, it cannot be re-validated so make sure it is really missing before you file a report. Get the instructions for reporting and replacing a missing passport here.
Keep an Eye Out
ID theft doesn’t always happen instantly. After cleaning up the aftermath of a lost wallet, keep an eye on your credit to make sure you don’t notice any problems. Look for signs of ID theft so you can fix any problems quickly should they occur.
While a lost wallet is traumatic, it doesn’t have to result in ID theft. Make sure you act quickly to keep yourself safe should your wallet go missing.
December 18th, 2013
Jackie here. Have you finished your holiday shopping yet? If you still have to hit the stores for that last pre-holiday shopping spree, bear in mind that shopping can increase your risk of ID theft. A little caution now can save you from a lot of hassle later. These holiday shopping tips (and the the ones we posted a few weeks ago) will help keep your identity safe while you search for the perfect Christmas gifts for friends and family.
Online shopping is convenient, but it carries a unique set of shopping risks. Be on the lookout for scams and only shop from reputable companies.
- Head to Sites Directly- Rather than following a link in an email, head to stores directly by typing in their web address in your browser. Scammers can embed false links into emails, sending you to malware infested and other harmful sites instead of the legitimate website.
- Skip the Scams- While you can score some amazing deals this holiday season, be careful of bargains that sound too good to be true. A free flat screen TV with purchase or an all-expense paid cruise for $10 should set off some warning bells in your mind. If a deal seems like a once in a lifetime offer, it might be a scam.
- Update Your Software- Is your firewall up to date? What about your anti-virus software? Scan and update your computer (and smartphone and tablet, etc.) often. The most recent versions of operating systems, browsers, etc. will better protect you from known vulnerabilities.
- Skip the Wi-Fi- Don’t use public Wi-Fi for online shopping; that deal can wait until you get to a secure connection.
Many people associate online shopping with an increased risk of fraud and identity theft, but there are risks with heading to the store too. Stay alert and aware at all times; theft increases each year during the holiday season.
- Take It Out- Do you keep your Social Security card in your wallet? If so, take it out. We’ve talked about the dangers of keeping your SSN in your wallet before, but it’s always a good time for a reminder. In addition, you may want to leave your checkbook at home when holiday shopping. A stolen checkbook could give the thief access to your bank accounts; instead take checks only if you plan to use them and then limit yourself to just one or two. You may even want to write the retailer’s name on the check before you leave the house.
- Save Your Receipts- I have a hard time remembering how much I spent and where I spent it when it comes time to review my credit card statement. Save your receipts; it makes the process a lot easier. Often, ID theft and fraud can be stopped early on if you’re paying attention to your bank statements and looking for signs of a problem.
- Shield your PIN- If you choose to pay with a debit card (credit cards offer more fraud protection by the way), shield the keypad as you enter your PIN. Also be aware of where you’re flashing your credit card number. Don’t leave the number exposed for long periods of time; thieves may snap a picture or quickly write it down.
For more holiday shopping tips check out this article from the Wall Street Journal. Hurry up; the holidays are almost here and it’s time to finish up that last minute shopping!
December 17th, 2013
Jackie here. Privacy… sometimes it can feel like we have no control over what is shared, tracked and collected about us. How do you protect your privacy in an ever changing world? I recently found an interesting article about removing
your house view from Google Street View. While this isn’t a privacy step everyone will want to take, it is good to know the option is available should you have concerns over sharing the image of your home online.
Privacy Concerns with Google Street View
Have you taken the time to check out Google Street View? This tool from Google allows users to browse neighborhoods, cities and exotic locations around the world. It can be useful for figuring out directions in an unfamiliar location or for taking virtual trips to your favorite cities. Google uses a team of bikes, cars, etc. to drive various streets, capturing images and uploading them to their Street View service.
While the tool can be useful, there are privacy concerns as well. Depending on the time the images are taken, children playing in the yard, license plates and even the contents of a garage may be on display for the world. In addition, others may worry about their home being on perpetual display. If this concerns you, check out your home view and take the needed steps to block your home images from display.
Blocking Your Home
The process is simple. Just pull up the view of your home and select the “Report a Problem” icon. I found this in the bottom right hand corner of the screen. Select a reason for the reporting (inappropriate content may be the most relevant) and complete a simple form to report the problem. Some people find that license plate numbers aren’t blurred (Google attempts to blur all of these automatically). You may also decide to blur faces, cars, etc.
Requesting blurred images is free. Check out your home on Google Street View and if you’re concerned, ask for the image to be blurred out.
December 16th, 2013
Jenna here. Our favorite articles have arrived! We have tons of great information for you this week, including some privacy concerns associated with customized airline packages, the truth about apps that supposedly offer you privacy, and a scary new development in malware.
Customized Airline Deals Raise Privacy Concerns, The Los Angeles Times
Disruptions: Internet’s Sad Legacy: No More Secrets, The New York Times
Listen Here: Malware Can Be Transmitted Through Audio, Reviewed.com
December 12th, 2013
Jackie here. Which stop lights do you stop at on the way to work? What stores do you frequent? Thanks to new law enforcement tracking initiatives, this information may soon be available to police and others. Is increased surveillance a valuable tool for fighting crime or a violation of personal privacy?
Law Enforcement and Surveillance- What Methods Are Being Used?
Technology has had an impact on crime fighting in many cities across the country; Oakland, CA has been using federal grants to create a new, multi-faceted surveillance system that will provide law enforcement with troves of data starting next summer. Other areas of the country have similar systems already in place including Texas, Massachusetts, and New York City. Surveillance drones are also being used in various places across the country.
About the New System
Oakland’s new system will have a variety of features, from gunshot detection sensors in high crime areas to automatic license plate scanners. These surveillance systems will give law enforcement access to larger amounts of data than they have been previously able to gather. For example, by inputting a license plate they should be able to track it over the past several weeks, seeing where it has gone and potentially revealing the driver’s schedule, habits, and activities.
Law enforcement is excited at the prospect of having new tools to capture criminals. Once prosecuting a crime meant gathering little bits of information (witness statements, credit card records, etc.), but with the new system they will be able to present a more complete picture, possibly increasing the conviction rate and deterring crime before it starts.
Unfortunately, the system isn’t without privacy risks. While the information can be useful in sensing the movements of suspected criminals, it will also provide a window into the daily lives of others, possibly those that have done no wrong. How long will be the data be kept? What controls are in place to ensure that information gathered is used properly?
Another potential risk is the compromising of a system by hackers. If recent events have taught us anything it is that no system is entirely safe. Hackers can, and do, regularly compromise even the most secure systems. How will privacy be protected when so much surveillance information is available?
What do you think? Do you welcome crime fighting tools even if they come at a risk to your personal privacy, or do you worry the risk is too great?