It appears that our online criminal element has become a bit more sophisticated than one might expect. Certainly there have always been smart criminals out there, but this latest finding really boggles the mind. Thomas Holt, a criminologist from Michigan State University, has discovered that some criminals are using an online marketplace to market stolen credit card information. This group would use an online forum to ask for criminal help such as money laundering or even data. They would then send and receive money electronically.
These criminals were clearly advanced according to Holt, as it showed the capabilities of advanced criminal thinking. This was not a bunch of kids trying to hack sites.
Have you ever gotten emails from someone asking about email, username or password information? This is called phishing and it is what criminals like this depend on. These criminals will steal information from major retailers, banks or other sources. Once they have this information, they will then send out these emails posing as your bank or website retailer.
There was a time when credit cards had to be slid through a funky machine and stamped. This left your personal information fairly insecure or at least at the mercy of the retail establishment’s security procedures. Now credit cards are so fancy you can simply walk by and tap them to pay for your bill. Would it surprise you to know that your credit card could be even more at risk today despite the jump in technology? A CBC News investigation is saying that a simple Smartphone app is capable of swiping your information right through your wallet. In about one second, they were able to use a Samsung Galaxy SIII and an app that shall remain nameless to do the deed. Information like the card number, expiration date and name was quickly stolen with a simple walk by.
That is alarming news to those of us that use PayPass or payWave from MasterCard and Visa collectively. Both appear to be susceptible to the app and the smartphone despite what is said by those with Visa or MasterCard. Both companies say that their products are safe and that you are not responsible for unauthorized purchases anyway. For me, the proof is in the doing. They were able to take a card’s information with a simple walk by, and then use it to purchase a Coke. That shows me that it is possible despite claims to the contrary.
This is a natural progression that one should expect to see when new technologies are being formed. If you come up with a new way to do things where paying and money is concerned, someone, somewhere is going to try to exploit it. It is the unfortunate way of the world. Once they have been caught a few times, then the technology will Continue reading Can Smartphones Steal Our Credit Card Information?→
When it comes to protecting your credit cards, companies are going to great extremes in recent times. Gone are the days where you simply got a phone call when you spent a great deal of money and when your bill is past due. Now, credit card companies are paying close attention to your account in real time. This is called credit card pattern recognition and it has been around for longer than you might think.
If you use credit cards often, you probably have gotten those odd phone calls or emails about your recent spending habits. Perhaps your credit card company noticed an odd spending pattern, or your first purchase on vacation in Tahiti. Any type of purchase that is unusual in the eyes of the credit card company can come under suspicion.
This is being used more and more as the criminals become more advanced. While the added security is a wonderful thing when it works, it can be a bit of a pain in the tail at other times. Imagine you are on vacation and you go out to supper for the first time. Imagine that you whip out your credit card and it gets declined for no good reason. This usually leads to an awkward conversation with the waiter and a long phone with the credit card company call to straighten out the fact that you are on vacation. That is not always so fun.
Chief Justice of the United States Supreme Court John Roberts made big news recently by admitting he recently had his credit card information stolen. There was already a renewed interest in identity theft due to huge increases in victimization. Justice Roberts simply showed that it can happen to anyone. Although the details were unclear about Justice Robert’s case, a large number of these credit card problems are traced back to online shopping.
Knowing how to recognize and identify the warning signs is important. Here are some important tips to help determine when a website is safe or not:
Understand that being well-known is good but not fool proof
Certainly it is a good sign when you are dealing with a large market retailer, but you can’t automatically assume it is safe. If you were a criminal, which names would you pick for your fake website? Criminals like using the big name sites and then building fake sites to get your information. Don’t assume it is safe just because it is a big name.
Make sure your phone call will go somewhere
Shoot for sites that have physical addresses and contact information that leads you to humans. Phone numbers that are disconnected and addresses that lead to nowhere are bad news. Take the time to actually go and check out the information.
With tax season here, it’s easy to feel a little nervous and stressed. While nobody likes to pay taxes, even more, nobody likes to be scammed. With the April 15 filing deadline for taxes almost here, last minute filers are at risk for being scammed.
The Center for Internet Security (CIS) offers tips to keep yourself from being caught in one of the many tax scams out there. With identity theft and phishing scams still ranking among the top security concerns, email scams are still at the top for ways scammers can take advantage of you.
Pay attention to emails that offer subject lines about taxes, filing taxes, tax laws, financial loss, damage to reputation. One popular phishing scam includes a subject line about changes in tax laws and invites the recipient to download a document to explain the changes. Once downloaded, the malware in these documents can damage your computer and steal your personal information.
The IRS releases a list of “Dirty Dozen Tax Scams” each year and includes tips about how to protect yourself from online and phone scams. One popular scam is criminals who call unsuspecting citizens, impersonating charities and asking for donations.
You’ve probably heard of “phishing” – when hackers send bogus messages to your email, hoping that you’ll reply or click a link so that they can get their hands on your information. But there’s a new version of this scheme that’s gaining prevalence, and it targets your smartphone. This scam is called “smishing” as in “phishing via your SMS (text) messages.”
One of the most popular smishes takes the form of a “Congratulations! You’ve won X prize from X company! Reply to this message to receive your reward!” text message to your smartphone. Do not reply to messages like this! Even if you figure out that it’s a scam and you really want to reply with something like “Go blank! your blank! you scamming blank!” – don’t do it. Yes, it would be cathartic, but the act of replying will only affirm to the smishers that your phone number is active, and you’ll receive more of this type of message (plus you’ll probably just be replying to a robot anyway, and robots are unfazed by profanity).
These “congratulations” messages, if replied to, may also ask you for your credit card information to allegedly pay for the shipping and handling costs of your prize. Never give out this information in a situation like this. Many messages like these have claimed to be from Walmart or Target. The Walmart messages have been used by smishers so frequently that at one point the company issued a statement saying that they absolutely never send consumers messages asking for sensitive information via text.
Another smish is one that will claim to be from your bank or another seemingly credible or important institution. The message will claim to be urgent and will request a reply. If you receive a text like this, do not reply via text message. Instead, look up the phone number for the bank or company and call them directly.
Other tips related to smishing prevention:
If a text message comes from the number 5000, it’s a smish. It’s safest to delete it without even opening it.
You may want to set up a text alias with your provider. This will allow you to receive and send texts, but the texts that you send will show up under your “alias” rather than your real number. It’s like having a secret phone number. Then you can block incoming texts to your “real” number and give family and friends your alias. Ask your service provider about how a text alias works.
Never give any sensitive information (your social security number, bank account information, etc) to anyone that you don’t absolutely trust.
Don’t let yourself get smished! If you’re receiving any messages that might be from smishers, report them to your service provider. You may also want to report suspicious messages to the Federal Trade Commission.
When I was traveling in South America a couple of years ago, the only form of I.D. that I could use to get into bars was my passport. That meant carrying this important document on me while navigating the busy streets of Bogota, Colombia (all in the name of a few mojitos!). My friends cautioned me to be very careful with it, as thieves would be eager to steal a valuable American passport to sell on the black market. Luckily, I encountered no such nefarious characters and I heeded their advice and kept it close to my body at all times, rather than in a purse. However, if someone had stolen my passport, I would have been dealing with more than a damper on my vacation and a bunch of paperwork. The theft of a passport can easily lead to identity theft.
Prior to our current digital age, thieves would simply apply for passports using the information of a deceased person or someone who was very unlikely to apply for a passport themselves. The ability to quickly access databases now discourages this type of passport identity theft, although it does still happen occasionally.
A stolen passport is a wealth of information for an identity thief. It contains the owner’s name, birth date, nationality and place of birth, among other important tidbits, including the owner’s signature. There are passport cases available that hang around one’s neck and easily tuck underneath a shirt for relatively safe travel.
Have you ever received a letter in the mail from a store, service or bank that warned you that their security measures had been breached but they are sure that your information remained safe and secure? Did you take their word for it? Or maybe you did a cursory search of your credit or debit card statement immediately after receiving it just to make sure there were no unnecessary chargers. Checking for charges is good, but setting up a credit fraud alert may be even better, if not safer.
What is a credit fraud alert? A credit fraud alert can be set initially for 90 days. By providing a telephone number, during that time whenever someone tries to open a new account in your name or extend the credit limit to existing accounts you will be contacted. Don’t worry though, because you can put a code on the account which will lift the alert for legitimate requests that you, a business or a bank is making on your behalf. Extended alerts as well as alerts specifically designed for active duty military.
Extended alerts are recommended in the event that you have been a victim of identity theft or fraud. Those may last up to 7 years. You may also request an additional free credit report when placing an alert on your credit, with access to one free for the 90 alerts and two free available to you for the extended alerts.
Although they are crafted to last for 90 days to 7 years, you can modify or lift your alert prior to the scheduled end date.
Once your receive your credit reports be sure to look for:
accounts you did not apply for or open
information about current accounts that is incorrect (such as change of address or balance)
unexplained outstanding balances, and;
incorrect factual information such as your Social Security Number, names, address or employer.
It’s tax season! Filing your tax return is a less than thrilling activity, and you may be tempted to procrastinate. However, filing early can help reduce the chance that you’ll become a victim of tax-related identity theft.
In recent years, an emphasis on filing tax returns electronically and receiving tax returns via direct deposit has led to an increase in incidences of tax-related identity theft. Many of these cases involve thieves stealing social security numbers and using them to file fraudulent tax returns early on in the season. The thief will set up a bank account to have the money deposited in, and then close the account after receiving the victim’s tax refund. Then, when the victim files his or her real return, he or she will be notified that the IRS has received 2 filings under the same social security number.