Identity Theft Secrets           Videos             News               SuperSleuths                Articles               About          Solution           Contact          Links

Join the IDT SecretsSuperSleuths.    Your Name:      E-mail:

Is your employee making more than a paycheck while working for you? If so, your business could be held responsible according to the Fair and Accurate Credit Transaction Act. For more facts, every employer should know about their employees and identity theft, read more . .

When it comes to identity theft, consumers should take care but employers should beware!

Identity theft by employees is on the rise. As law enforcement takes prosecuting identity theft more seriously and states like Texas toughen penalties, consumers can benefit from the awareness of how easy and common the practice of identity theft is. However, employers need to beware of the threats to their business when employees who are unscreened, untrained and unsupervised take advantage of their access to personal information and misuse it to commit identity theft.

Identity Theft Cases By Employees

Pizza Hut

A thirty-year-old employee of the Pizza Hut, was charged with making $6,700 worth of internet purchases using bankcard numbers and names of Pizza Hut customers.

As a rash of complaints about unauthorized purchases were made, police found one common denominator among the identity theft victims- all of them had dined and used a credit card in the Ebensburg Pizza Hut within one month. The identity thief was charged with seven counts of each identity theft, access device fraud, theft by unlawful taking, theft by deception and receiving stolen property.

Police have encouraged all customers to check their statements carefully, as they could have been victims and not even know it. There was a similar rash of identity theft crimes being investigated that are linked to the Subway restaurants in the Pittsburg area. Makes you wonder if you should just pay cash for that pizza or sub.

Southeast Missouri State University

It is not just convenience food restaurants in the news, a former Southeast Missouri State University employee downloaded over 800 students names and social security numbers. The investigation didn't reveal the social security numbers had been used to apply for credit or financial gain but at least two had been used in an attempt to log into student accounts. However, students are being advised to obtain fraud alerts and security freezes on their accounts. The former employee, a hall director, was indicted on two charge of identity fraud and one charge of computer trespass.

"In Georgia, unauthorized possession of such data is a felony. In Georgia you don't have to show the person used the data in any inappropriate way. Possession is enough," said Dr. Dennis Holt, vice president for administration and enrollment management.

Facts on Employee Identity Thefts

The number one source of identity fraud involves the theft of employee records.

A Michigan State University Study found that over half of identity thefts occur in the workplace.

Employees hired to perform low-level tasks, such as data entry, commit the majority of identity thefts.

Only about 10 percent of record thefts involve customer information, while 90 percent involve payroll or employee records.

The Fair and Accurate Credit Transaction Act hold employers responsible.

Any employer whose action or inaction, leads to breach of employee information can be fined by state and federal governments and can be sued in civil court. Class action lawsuits can be brought against employers for both actual and punitive damages.

These stories are red flags for employers to screen, train and monitor employees to protect their businesses and their customers. It is important to be aware of state laws for possessing, using and even disposing of customer's personal information. Companies can be held liable for employee actions that even put people at risk for identity theft, even it an identity theft hasn't occurred. Individuals aren't the only victims of identity theft. Employers can reap the consequences of employee identity fraud and identity theft. Being informed, proactive and vigilant is the only way to protect your customers, employees and your business.

Posted by Lisa Carey at 09:57 AM | Permalink | Comments (0)

Small, seemingly innocent pieces of information can add up to identity theft. But how do identity theives find these little pieces of information? Read more, you might be surprised!

The internet offers so many opportunities to work, shop, stay in touch and even play games but users beware: personal information shared on the web can be pieced together by identity thieves looking to steal your pie. Small, seemingly innocent pieces of information can add up to identity theft.

Consider this: Police have went to on line chat rooms and later appeared at ball games to illustrate to children that something as seemingly unimportant as a sports uniform provides enough information for a criminal to find them. Children and adults alike must beware of not just stalkers but identity thieves. Identity thieves don't want to find you, they just want to be you-at least long enough to get credit cards, mortgages, utilities or medical services in your name.

There are several common ways you can unwittingly put yourself at risk on-line. On-line communities, like Facebook and others, can put users at risks. Did you know? There are over 8 million active users on Facebook. Think they are all friends?

Reduce Your Risk of Identity Theft in On-line Communities

• Birth Dates
Many community profiles post birthdays. You should never give out your birthday. Your birthday is often used for confirmation of your identity. Leave it blank or be creative with responses like "comes annually."

• Phone numbers
Giving your phone number on-line even to "friends" is a no no. Again, a phone number makes a fraudulent use of your identity easier. What's more, with reverse search giving out your phone number on line is the same as giving out your home address.

• Photos
They say "a picture paints a thousand words." You can be sure that savvy identity thieves can find the details. Sports or cheer leading uniforms, work uniforms or badges, house numbers in the back ground are details that can be used to piece together and steal your identity.

Other On-line Identity Theft Risks

Gaming Site Pop Ups

"You've just won a free digital camera." It's hard to resist filling out that simple claim form but are you a winner or a sucker? Likely it's a marketing scheme unworthy your time but it may be an identity thief just waiting for you to fill your personal information. Instead of a free camera, you could be the winner of huge bills and bad credit.

Watch Out for Spearphishing

Spearphishing is isn't a nautical sport. It is con in which people get what seems like a legit and serious e-mail from their bank or other financial service like Paypal warning of a security breach and asking customers to log in with their password to protect themselves. Never respond within one of these e-mails. Call the bank or log in from the site where you normally do and inquire and report. Serious security threats will not be reported to you by e-mail. Spearphishers count on your fear and cooperation to gain access to enough information to clean out your accounts.

Remember, one plus one equals too many facts. Small pieces of information you share can be added together to create a profile perfect for identity theft. The internet can be useful and fun, but protect yourself as if your life savings depends on it, because it just might.

Posted by Lisa Carey at 12:40 PM | Permalink | Comments (1)

Shared computers are common in libraries, colleges, coffee house cyber cafes, and other places. These simple precautions can help keep your personal information out of the hands of others:

With the popularity of the internet and the widespread usage of personal computers to transact business, it is inevitable that security issues arise. Credit card theft is one potential and widely known problem, but there are plenty of other concerns for internet users. Even web sites that are not used to transact business still contain personal data that needs to be protected and shared computers represent the greatest threat.
Just recently, a young twenty- two year old former Drexel University student pleaded guilty to identity theft and she openly admitted stealing more than $116,000 worth of money through various schemes. What can an individual do to keep their personal information as secure as possible when working on a shared computer?

Shared computers are common in libraries, colleges, coffee house cyber cafes, and other places. These simple precautions can help keep your personal information out of the hands of others:

Avoid checking the "Remember My ID" box:

When a web site is visited and an account is accessed, it is common to see a box to click (or receive a message) that offers to save your id on that particular computer. This is a handy option when the computer is your own, but this should never be selected on a shared computer. If selected, the ID will likely remain logged into the site, even after logging off and shutting down.

Avoid Saving Passwords:

Much like the option to "remember my id", the option to save your password is present in many web sites. This option usually appears when you logon and it can save time with password input. With shared computers, however, this option should not be chosen. A saved password is a gold mine to an identity thief because the ID/password combination is already there.

Always Remember to Sign Out Completely:

Think of this as an addendum to the above two tips. Even if you don't select options to remember your ID or password, you still must remember to sign out of all web sites. If you fail to sign out and then leave a browser window open, your account will be fully exposed to an identity thief. There will be no protection at all. It's like handing a thief your logon id and password information on a special invitation.

Get Into the Habit of Changing Passwords Frequently:

Changing passwords is a great away to thwart an attempt to steal your identity and it is a good idea to change passwords for both shared and non- shared pc's. With shared pc's, changing passwords serves another useful purpose: It protects against problems caused by spyware and malware. A shared computer that has been infected by spyware or malware can obtain your password and logon id combination because these programs record every key stroke that is made. It is a good idea to change these passwords on non- shared pc's, of course, for optimal safety.

Delete the Contents of the Browser's Cache:

Every personal computer utilizes a cache that contains a copy of all the web sites visited. This should be cleared after using a shared computer. Not all shared computers allow this, but each individual user should check the cache before exiting a shared computer to see if clearing is possible. Some libraries and schools do not allow individual access to this area, but it doesn't hurt to check first, just to see if it is possible.

Don't Sign Into a Computer and Leave it Unattended:

This is a common occurrence at libraries, schools, and other places where shared personal computers are common. Someone will logon and, in an effort to avoid giving up their computer to someone else, the person will leave the computer logged in while they search for books, visit the restroom, or purchase a snack. While away from the computer, an identity thief could go to the computer and access the personal information exposed in front of him/her. This is why it is best not to take any chances and logoff immediately before leaving a shared computer- even if the absence is only going to be for a few minutes.

Avoid Transactions Involving Secure Financial Data

Always avoid using shared computers for logging into web sites that contain personal financial information. This would include web sites used for banking, purchases (that contain stored credit card information), and other secure data. It is one thing to have an identity thief discover your logon ID and password for a specific blog. Nothing serious can be lost in a site such as that. But it is another thing entirely for an identity thief to gain access to your personal bank account. The first issue is a minor annoyance. The second issue can cause serious financial problems.

Shared computers are commonplace in libraries, workplaces, schools, and other environments and while they offer convenience, they also increase the chances for identity theft. Because shared computers are utilized by a large number of people, it is imperative that individuals take the necessary precautions to prevent theft of personal information. Taking the above steps can help to prevent identity theft before it begins. These methods won't stop every type of theft every time, but they will certainly place roadblocks to identity theft and send most thieves on their way.

Posted by Lisa Carey at 09:36 PM | Permalink | Comments (0)

As physicians and hospitals transition from paper to electronic medical records there are concerns that medical information will be even easier to access on an even larger scale. What can you do about it to keep your family and your health safe.

Consumers have become more and more aware of the threats of identity theft that rob them of their money and good credit and take months and months to correct. The aggravation of rectifying an identity theft can cause major stress. However, there is a form of identity theft can cause more than just a headache. It's medical identity theft and medical identity theft can ultimately threaten a victim's health.

What is medical identity theft?

Medical identity theft happens when identity thieves access and use other people's personal information, such as their name or insurance account information, without the individuals' consent or even knowledge. Medical identity thieves may use other people's information to get medical services or products or to make false medical claims.

Why would someone steal a medical identity?

There are generally two reasons. One motivation for medical identity theft is when a person without insurance needs a surgery or prescription drugs and sees your insurance as free ticket. Another motivation for medical identity theft is the money, sometimes millions, which thieves can collect in false medical claims. Victims of medical identity theft can be left unpaid medical bills and ultimately ruined credit.

What's worse...

Because medical records and insurance information follow a patient, fictitious data added to medical records can put victims at great risk when they are treated in the future. While a falsified credit report can be a pain, a falsified medical report can be a serious threat.

Statistics on Medical Identity Theft:

Medical identity theft is currently the least investigated identity theft crime, however, some estimates are available.

In 2005, medical identity theft accounted for 3 percent of identity theft crimes. That sounds small but you understand that there were an estimated 8.3 million identity theft victims in 2005, three percent still represents 249,000 victims.

Fears for the future:

As physicians and hospitals transition from paper to electronic medical records there are concerns that medical information will be even easier to access on an even larger scale. Microsoft, Revolution Health and most recently Google have been developing products that will enable consumers to have their medical information stored on line. Many fear that if the U.S. moves to a nationwide health information network that electronically links medical records that errors may be more difficult to catch and correct once they've been spread through a massive system. Others believe that this technology would make it easier to discover and correct errors. The truth is uncertain and in the mean time there are real victims of medical identity theft.

Real Victims:

Brandon Reagan, lost his wallet in 2004 during a post boot camp celebration with friends in South Carolina. He was then posted in California. A year later he learned he was a leading suspect in car theft in South Carolina. An identity thief was using Reagan's driver's license and military i.d. to test drive and then steal cars. The thief was also committed medical identify theft by using Reagan's identify on several trips to the hospital for medical care for a hand injury and kidney stones. These hospital visits using Reagan's identity resulted in $20,000 worth of medical bills.

Local police seemed unable to help. Finally, through a state senator and the U.S. attorney South Carolina office, the Secret Service arrested the identity thief, Arthur Watts who pled guilty and awakes sentencing.

The nightmare still wasn't resolved for Reagan whose state tax refund was withheld because of the outstanding hospital bills still attached to his name. Further medical records need to be cleaned up in the event that Reagan sought medical care in South Carolina where his family lives.

Joe Ryan of Colorado received a hospital bill for $44,000 for surgery and treatments he hadn't had. An investigation proved that an ex-con had used Ryan's social security number to check into a hospital and have surgery. Ryan was left holding the bill and two years later Ryan is frustrated that he still hasn't been able to straighten out his medical records.

Laws regarding medical identity theft are still sketchy and inconsistent. In many cases Federal confidentiality laws that were intended to protect your medical records actually make it more difficult for you to access your own records.

Pam Dixon, executive director of the World Privacy Forum warns, "Medical identity theft causes terrible harm, both financial and physical."

How can you protect yourself from medical identity theft? Dixon suggest:

-Get a copy of your medical records for comparison in case they are compromised in the future.

- Annually request a list of payments made for your medical services from your insurance company.

- Review your Explanation of Benefits (EOB) as they are provided by your insurance carrier to determine their accuracy.

-Check your credit report at least once a year for any unusual unpaid charges.

To receive the best medical care, your medical records need to be accurate. Don't assume an unwarranted bill or insurance payment is just another "screw up." Research and report any discrepancies. Protecting yourself from identity theft and medical identity theft can save you from more than just a headache.

Posted by Lisa Carey at 09:50 AM | Permalink | Comments (2)

------------------
GoToMeeting Free Trial
Try GoToMeeting free for 30 days
------------------

If you are doing a lot of showing of items on your computer, one software/service you may want to consider, from both a utility standpoint and a security standpoint, is something like GoToMeeting.

In case you don't know, GoToMeeting/GoToWebinar, and services like it, are web conferencing services which allow you to have multiple users (in the case of GoToWebinar, up to 1,000 users), from wherever they are in the world, viewing the same computer screen, and talking on the same conference line over the phone.

If you are the presenter for the conference, then the software allows you to display your screen. If, during the conference, you want someone to be able to take control of your screen.

Utility:
GoToMeeting, in my usage experience, is just cool. It's helped me to get on other people's computers to remove the spyware, adware, and malware they currently have running, while they just watch. Being able to do this through a web conference platform has saved me tens, if not hundreds, of hours, in trying to explain to them how to do it themselves. Instead, they just go to GoToMeeting.com and type in a number I give them. Once they're joined to the meeting, I tell them to display their screen, and then ask them to give me keyboard and mouse control. Once they do, I can troubleshoot their computer, via the conference software, as if I were sitting there, right next to them.

Security:
If you are sending passwords and other sensitive data through email, or telling them to people over the phone in a corporate work environment, it's probably a good idea to stop. Not that it's unsafe, but that it's just not a good idea to send sensitive data through email, or to verbally speak confidential information when other people are hanging around

However, with a conference service like GoToMeeting, you can simply get the person on the phone, and actually show them the information, without there being a security risk of someone snooping on the information (as long as no one is standing behind the person looking at the conference.)

Overall, in using GoToMeeting's services (including GoToWebinar), it's much better than any other web conferencing platform I've tried (including the pay per use solutions I've attempted to use).

So, if you want a free trial, (Plus $10 off if you decide to actually use GoToMeeting, use this GoToMeeting free trial

Posted by Jonathan at 04:58 PM | Permalink | Comments (0)

Click here to get a discount on IDWatchdog's coverage. IDWatchdog services

(A Transcription of this Interview with IDWatchdog will be available shortly.)

In this interview with Erik Hansen, VP of Marketing for IDWatchdog, a Colorado based company which markets itself as a watchdog for your identity, we discuss many topics, including:

The current state of Identity Theft
Problems customers have had with IDWatchdog (concerns about ID Watchdog charging customers' cards when they didn't know they were being charged)
What makes IDWatchdog's services different
Background and database monitoring
and much more.

Click below to listen to the Identity Theft Secrets Interview with IDWatchdog

IDWatchdog Review: Download the MP3

Posted by Jonathan at 06:56 AM | Permalink | Comments (2)

There are ways that consumers can remain ahead in the identity theft game and one organization that is ready to help is the Information Card Foundation: A non- profit organization dedicated to reducing the instance of identity theft by securing digital identities in place of traditional logons and passwords.

Identity theft is a criminal activity that continues to inconvenience online users and, taken to its extremes, it can cause financial disaster to its innocent victims. Several different means exist to help individuals avoid identity theft but no matter how careful a person might be to protect their identity, these internet security problems continue unabated and identity thieves continue to look for ways to outsmart the typical consumer. But there are ways that consumers can remain ahead in the identity theft game and one organization that is ready to help is the Information Card Foundation: A non- profit organization dedicated to reducing the instance of identity theft by securing digital identities in place of traditional logons and passwords. Steering members of the foundation include representatives from Google, Microsoft, PayPal, Oracle Novell and Equifax.

How Does This System Protect the Consumer?

The Information Card Foundation has devised a unique system that protects the consumer by eliminating the need for a logon and password, thereby removing personal information from a web site. It achieves its goal by mimicking the electronic code that is used with debit cards, credit cards, and driver's licenses, replacing the code with a digital information card. This digital "card" contains the individual's personal information and each individual will be required to carry several different cards: one for each secured web site that the individual uses.

At present, most all web sites require the establishment of an account by setting up a user name and password. This method is simple, but it isn't very secure, as any identity thief will point out. All that is necessary to get this personal information is for the identity thief to hack the web sites system and tap into the database containing usernames and passwords. With digital cards, the identity thief is stopped quickly in his/her tracks because these cards are not linked to a web site. Since they are not linked, they are not part of the web site's database so if a thief successfully hacks a web site, the person who uses these digital cards will not exist in the records.

How Does This Work?

Digital cards are a unique service and they are the key behind the success of this system. Each individual who uses this system must setup a separate digital card for each web site commonly used. These digital cards are then stored on an individual's personal computer, either in its browser, on the desktop, or on a mobile device. When an individual decides to make an online purchase or enter into a secured site for some other reason, all he/she has to do is click the I- card link within the web site. The individual can then logon without the need for a logon id or password.

What are the Pros and Cons?

The system offered by the Information Card Foundation offers plenty of reasons to consider using it and chief among these is the direct protection against identity theft and phishing. There are many who would like to use the internet for online purchasing, conducting banking transactions, etc., but they avoid using this modern technology because they fear having their identities stolen. With this system, the need for inputting personal information into a web site is eliminated, greatly reducing the chances for the occurrence of identity theft. As a side benefit, this system also eliminates the need to memorize logon ids and passwords.

Even though this system offers great protection against identity theft and phishing, it still has a few issues that prevent it from achieving the level of greatness of which it is capable. The greatest problem with this system is that it only works if the web used by the consumer is participating in the digital card system and accepts I- Cards. If this affiliation is not present, then the digital card is useless. As more and more web sites accept I- Cards, this system will become more and more useful, but until that time, digital cards have limited use.

How Can I Obtain and Install This Service?

The Information Card Foundation offers easy installation of its system. To initiate the setup, a person must establish an Identity Selector on his/her pc. This is usually already available because it often exists on some pc browsers. If it isn't in the browser, it should be searched for on the computer desktop. Once the identity selector is located, the next step is to setup your own digital cards for use at specific internet web sites. After completing this step, the Information Card Foundation's system will be installed and ready for use. When a web site is accessed, it will no longer ask for a logon id and password.

Identity theft continues to cause problems for millions of consumers each year but, fortunately, there are many effective software products designed to help stop identity theft before it begins. The Information Card Foundation has devised a very effective means to eliminate or greatly reduce the incidence of identity theft and phishing with its system of digital cards. These cards help protect consumers by eliminating the need for logon ids and passwords, keeping personal information private and well out of reach of cyber- thieves everywhere. It's a very good product for consumers who worry about shopping or conducting other transactions online.

Posted by Lisa Carey at 01:49 PM | Permalink | Comments (1)