Archive for August, 2008

Identity thieves capture “holy grail” of PINs

Thursday, August 14th, 2008

If you’ve been following the news from the Department of Justice about the 11 people charged in an international identity theft ring, you may be feeling a little sick to your stomach about now. Well, take a Tums, because the news only gets worse.

It looks like they’ve found away to use your super-secret PIN.

When you swipe your debit card at the cash register and enter your personal identification number, the data is encrypted into a long string of text that looks like meaningless gobbledygook called a PIN block. If, however, identity thieves gained access to the encryption key that translates that gobbledygook into a PIN again, they would have gained what’s being called “the holy grail” of card theft.

It seems these guys have done just that, and profited from it over a five-year period.

(more…)

ATMs another opportunity for identity theft

Wednesday, August 13th, 2008

Need cash? Hit the ATM. What could be easier? Unfortunately, it’s easy for identity thieves to hit the ATM for cash too…yours.

How do they do it? They’ve got all sorts of tricks to make you an unknowing victim of identity theft.

Shoulder surfing: This is an easy and low-tech way to get at your money. Look around some time when you’re using an ATM. That guy that’s crowding up behind you might be watching you as you punch in your PIN. Now, be sure to hang around the machine long enough to get your receipt. Otherwise, the ATM is going to come back with a “Do you want another transaction?” message. If you’ve already walked away, that guy that was standing behind you can clean out your account.

Skimmers: This a clever little electronic device that duplicates the debit card slot on an ATM. In fact, it slips right into that slot like a hand in a glove and is almost undetectable. The skimming device reads the data encoded in the magnetic strip of your card. Once the info is “harvested,” the thief can create a duplicate. The best way to protect yourself is stick a finger in the slot before you put in your card. If the slot jiggles around, find another machine.

Keypad covers: Check out the keypad at the ATM. If it seems a little odd, there’s a good chance someone has put a touch-sensitive overlay on it. If the keypad appears to have tampered with, find another machine.

Fake ATMs: Further evidence that you can buy anything on eBay—used ATMs have been purchased online for as little as $1,000. If you ever approach an ATM and see a sign posted re-directing you to another machine, move on and report it to the police.

Life Lock is the industry leader in ID theft protection. Go to LifeLock.com to learn more about the service LifeLock can provide to help protect your identity and your money. Use promotional code Defense to get a discount.

Four of your majors risks for identity theft

Monday, August 11th, 2008

Data breaches. Organized crime. Methamphetamine addicts. Illegal aliens. What do all of these have in common? Each increases the risk that you’ll become a victim of identity theft.

  • TJX (TJ Maxx and other retail stores); 94 millions records
  • Card Systems (Visa, MasterCard, American Express); 40 million records
  • America Online (AOL); 30 million records
  • US Department of Veterans’ Affairs; 26.5 million records
  • From the Thurston County Sheriff’s Department in Wahsington: “ID theft is so easy to do,” said Detective Jim Dunn “They can steal mail. They have the time, meth keeps them up so long. They have the time to sit and make counterfeit checks, fake driver’s licenses.”
  • From Joe Morales, director of the Denver district attorney’s economic crime unit: 60 percent to 70 percent of his office’s identity theft cases involved methamphetamine users or dealers, often in rings of 10 or more.

Data breaches

Approximately 250 million records have been lost by corporate and government entities in the since January, 2005. The four largest account for roughly 80% of all compromised records.

Organized crime

The US Department of Justice charged 38 people as part of an organized crime ring that used the Internet to defraud thousands of individual victims and hundreds of financial institutions.

Regarding international racketeering, U.S. Attorney for the Central District of California Thomas P. O’Brien said, “Just as street gangs don’t respect municipal borders, computer criminals can reach into other countries and prey upon unsuspecting victims who have no idea their identities and money are going to another country.

Methamphetamine addicts

Heroin or crack users can’t stay focused on any one task long enough to accomplish anything. But meth’s mechanism in the brain creates a high that allows users to stay up for days on end, working on detailed, repetitive tasks. Much of the time the task at hand is stealing mail from mailboxes or trash cans.

  • “Anybody I knew that did meth was also doing fraud, identity theft or stealing mail,” former meth addict Tammie Carroll, said.
  • In a survey of 500 county sheriffs, 27 percent said methamphetamine had contributed to a rise in identity theft in their areas.

Illegal aliens

Ever heard of the Earnings Suspense File? Since 1984, more than $500 billion of wages 9 million mismatched names and Social Security numbers has ended up in it. The Earnings Suspense File is where the Social Security Administration records the withdrawals employers subtract from employees’ paychecks that don’t match the name on the Social Security Administration’s records.

In some cases, the error can be explained by something as commonplace as a woman who doesn’t notify the Social Security Administration when she marries and changes her surname. Sometimes the mismatch can be attributed to a clerical error.

Neither the Social Security Administration nor the IRS has never put effort into tracking the source of the confusion. However, one study the SSA did undertake determined that most of the unmatched payments are coming from agriculture and restaurants—the largest employers of illegal aliens.

LifeLock can help you safeguard your identity. More than 1 million customers trust Life Lock to protect their financial security and their good name. For more information about how LifeLock can help you, go to LifeLock.com. use promotion code Defense for the best available discount.

Experian’s singing spokesman an impostor!

Friday, August 8th, 2008

If you read the New York Times, or keep up with Federal Trade Commission rulings, or follow the Florida Attorney General’s investigations, you probably already know that Experian’s widely advertised offers of F-R-E-E credit reports aren’t free—at least after the seven-day trial period of the credit monitoring service.

What? You’ve never heard about that last part? Well, get out the magnifying glass and read the really, really, really fine print. Hence, the hot water the corporation seems to be in perpetually with all the agencies named above, as reported earlier this week by the New York Times.

But what about those wildly popular commercials featuring the lovable, curly-haired, cutie-pie slacker with the rotten credit? How could such a nice guy get caught up in such sleazy misadvertising? Has yet another tragedy befallen our hero?

(more…)

Two million vulnerable to identity theft after huge Countrywide data breach

Friday, August 8th, 2008

Two million records containing Social Security numbers and private financial information were stolen and sold by a former employee of the corporation’s sub-prime mortgage division.

So far, the identities of 19,000 customers are confirmed to have been compromised.

Every Sunday for two years Robert Rebollo Jr., a senior financial analyst, went into the office and downloaded the files of 20,000 customers. The batches of files were then sold for $500 each. (more…)

Internet flaw creates massive identity theft opportunity

Thursday, August 7th, 2008

Yesterday’s bad news was that a “gaping hole” in the internet’s essential design allows identity thieves to invisibly redirect internet users to their own sites. This redirection to an “evil twin” website means the thieves can then intercept the unsuspecting user’s personal and financial information.

As if that wasn’t bad enough, Dan Kaminsky, the security guru who discovered the flaw, announced today that email is also vulnerable to interception by criminals bent on stealing identities.

How does that increase your risk of ID theft? You know that email you got from your credit card company, bank or stockbroker when you initiated your online account? The one that confirmed your user name, password and account number, or the one they sent you when you forgot your password? You might not be the only one who received it.

(more…)

Federal charges brought again global identity theft ring responsible for steal 94 million records and $40 million

Wednesday, August 6th, 2008

Federal prosecutors have brought charges against 11 identity theft conspirators. The suspects arrested for being part of an international identity theft ring hail from the United States, China, Estonia, Belarus and Ukraine. The massive identity theft that led to their arrest began in 2003 and involved TJ Maxx, BJ’s Wholesale Club, Office Max, Barnes & Noble, Marshalls and Sports Authority.

The identity theft ring was able to steal 94 million records and then used them to steal more than $40 million. The debit and credit card information was sold and traded on the internet. The stolen data was imprinted on blank credit and debit cards, allowing the withdrawal of thousands of dollars at ATMs all over the world.

Feds are calling this the largest, most sophisticated identity theft ever committed.

A Miami man, Albert Gonzalez, has been identified as the ringleader, and could face life in prison if he’s found guilt on charges of computer and wire fraud, conspiracy and aggravated identity theft.

Gonzales was first arrested by the Secret Service in 2003 on the same kind of charges. He avoided prosecution by agreeing to work as an informant helping officials crack an internet site where an international ring of identity thieves bought and sold stolen identities and financial information. Gonzalez used the opportunity to work as a sort of double agent, informing other criminals before they were arrested by the Secret Service.

TJX, the parent company of many of the victimized stores has so far paid out $130 million in legal settlements and other related expenses, and will pay out another $23 million next year.

Life Lock is the industry leader in identity theft protection. Visit LifeLock.com to see what they can do for you. Enroll in LifeLock’s services using LifeLock discount code Defense and receive the lowest price available.

What you need to know about Experian and LifeLock

Tuesday, August 5th, 2008

FREE! FREE! FREE! Get Your FREE Credit Report Online in Seconds!!!!
Click here to get a FREE copy of your online Credit Report Instantly!
And that’s not all. . . along with your INSTANT credit report, we’ll give
you 30 FREE days of the Credit Check Monitoring Service at no obligation.

What’s wrong with this ad? The free credit reports Experian advertises aren’t free; they’re a teaser for Experian’s credit monitoring service, Triple Advantage. When callers requested their “free” credit reports, they were asked for credit card information and assured it was necessary only to establish their accounts, but would not be charged…and then they were enrolled in Triple Advantage and their cards were charged $79.95.

Adding insult to injury, Experian again used the credit card information to renew accounts without notification or consent, a violation of federal law.

In 2003, the Electronic Privacy Information Center (EPIC) asked the Federal Trade Commission to investigate Experian. When the investigation was completed in 2005, the FTC had determined that Experian deceptively marketed their credit reports and credit monitoring service in radio, TV, email and internet ads. (more…)

Identity theft, false advertising and Experian

Monday, August 4th, 2008

Today’s New York Times features an article on Experian and their commercials touting free credit reports. The article focuses on Experian’s wildly popular commercials that feature catchy tunes with the lyrics “Free credit report dot com,” or “F-R-E-E that spells free.”

The first problem with these commercials is that when you order your “free” credit report from their website, freecreditreport.com, you’ll be enrolled in a $15 a month credit monitoring program. The Federal Trade Commission has already fined Experian almost $1 million for misleading advertising, but the commercials continue, and there’s another one coming out this week.

Experian calls this “aggressive marketing,” in spite of their previous legal problems and continued complaints to the FTC by consumer protection agencies United States Public Interest Research Group, ConsumerInfo.com and Consumer Action. (more…)

Data Breach of Supreme Importance

Friday, August 1st, 2008

A data breach of supreme importance recently occurred at the Wagner Research Group. The personal information of over 2,000 of their clients was exposed. This would normally constitute a very small scale data breach compared to many recent incidents. What sets this incident apart is the individuals whose data was compromised. Most of these clients were upper level lawyers with a lot of power and money associated with their names. Among these was Supreme Court Justice Stephen G. Bryer.

(more…)