Security & Identity Theft
Identity Theft News
Kansas Attorney General Warns of Current Telephone Scam
How Not to Get Hooked by a ‘Phishing’ Scam
Check Your Credit Report for Activity
Protect Your Accounts
Children the Newest Victims of ID Theft
New Law Offers Help Preventing Identity Theft
Identity Theft Risk When Searching for Jobs Online
Attorney General Phil Kline warned Kansans of a phone scam that is targeting residents throughout the state, especially the elderly.
The scam begins with a phone solicitation promising $200 worth of gasoline vouchers that can be used at local gas stations. In exchange for the vouchers, Kansans are asked to provide a processing fee of $3.95 that is to be drafted directly from their checking account. With that information, the caller is then able to remove all funds from the account.
To date, there have been reports of the attempted scam in Olathe, Paola, Louisburg, LaCygne, and Osawatomie.
Kansans who have not already done so should register their home and cell phone numbers on the Do Not Call list by calling 888-382-1222. While such registration will not stop con artists from calling, you can be sure that once you are on the No-Call list, "cold calls" to sell you something are not from legitimate, law-abiding companies.
Kansans who believe that they have been victimized by this or any other scam should notify Attorney General Phill Kline's Consumer Protection and Antitrust division at 1-800-432-2310.
Internet scammers casting about for people’s financial information have a new way to lure unsuspecting victims: They go “phishing.”
Phishing is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.
According to the Federal Trade Commission (FTC), phishers send an email or pop-up message that claims to be from a business or organization that you deal with – for example, your Internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to “update” or “validate” your account information. It might threaten some dire consequence if you don’t respond. The message directs you to a Web site that looks just like a legitimate organization’s site, but it isn’t. The purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
The FTC, the nation’s consumer protection agency, suggests these tips to help you avoid getting hooked by a phishing scam:
- If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
- Don’t email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
- Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
- Use anti-virus software and keep it up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Finally, your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that hackers or phishers could exploit.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
If you think your identity has been stolen, contact the fraud departments of the three major credit bureaus to request a copy of your credit report and have a fraud alert placed on your credit file. You should contact each of the credit bureaus because some credit companies only report to one bureau.
A copy of your credit report will cost about $9.00 each. However, you are entitled to a free report if:
- Your report is inaccurate because of fraud
- You’re on welfare
- You’re unemployed and plan to look for a job within 60 days
- You’ve been denied credit, insurance or employment and request a report within 60 days of the denial
Each credit reporting company has different procedures and time frames for fraud alerts. Verify their procedures and time frames when contacting them.
|Initial Fraud Alert|
|Source: Federal Trade Commission, http://www.consumer.gov/idtheft/index.html|
The new Fair and Accurate Credit Transactions Act goes into effect December 1, 2004. As a result of the legislation, each person can receive one free credit report a year from the credit bureaus. People living in the Midwest may request their free credit report in March 2005.
If you suspect that your identity has been stolen or that you might be at risk, there are steps you can take that will provide additional security for your existing accounts.
For accounts that haven’t been defrauded, contact the account holder and request password protection on the account. Do not use your mother’s maiden name, your pet’s name or any other personal information. The most secure passwords contain a mix of letters, numbers and symbols. If the institution is unable to offer password protection for your accounts, you may want to consider closing the account and switching to another institution.
Credit Monitoring Service
Some people opt for a credit monitoring service. For a fee, the service monitors credit reports for activity and alerts customers about changes. Many of the services monitor only one reporting agency; if a creditor doesn’t use that particular agency, the activity will be missed. If you’re considering hiring a credit monitoring service, compare several services and carefully review the contracts. Check the Better Business Bureau for complaints filed against the company.
Shred Unneeded Documents
Finally, invest in a cross-cut shredder and use it to destroy pre-approved credit offers, old records and other items that contain personal information—even old utility bills can provide information valuable to identity thieves. Available at office supply stores and major retail stores for about $40, cross-cut shredders do a better job of completely destroying information than strip shredders. Strip shredders leave long paper bands that can be reassembled.
For more information on protecting your accounts, visit Consumer Reports, which offers free information on their Web site.
Identity theft has taken an ugly twist – crooks are stealing the identities of children. Along with pristine credit records, thieves get plenty of time to commit their crimes and move on. It usually isn’t until a child gets his drivers license or fills out a college application, which can be a decade or more after the theft, that the crime comes to light.
Identity theft is growing fast. The FTC reports receiving more than 3,000 calls each week via its identity-theft hotline, up from 285 in 1999. While child ID theft makes up 2 percent of cases, law enforcement officials fear that it will grow rapidly as criminals look for new victims.
An identity thief might be someone who works at a health clinic or school that has records with the child’s personal information. Sadly, it’s often a family member or close friend with access to the victim’s Social Security number or birth certificate.
Children shouldn’t receive credit card applications or telemarketing calls, because those lists usually come from existing credit records. Also, parents should be wary of anyone close to the child who suddenly comes into money. If you suspect that id theft has taken place, request a report from one the credit bureaus to see if there has been activity under your child’s social security number.
Parents can take several steps to protect their children’s information:
- Be stingy. Does the T-ball coach really need a SSN?
- Never carry your child’s Social Security card with you.
- Shred anything that has your child’s SSN on it before throwing it away.
- Always used secure mailboxes to send and receive mail.
If identity theft has occurred, parents should file a report with the police. To report Social Security fraud, contact the Social Security Administration at (800) 269-0271. Parents can also file a complaint with the Federal Trade Commission Identity Theft Clearinghouse at 877-ID-THEFT (438-4338). The credit reporting bureaus can be contacted at: Equifax (800) 525-6285, Experian (888) 397-3742, and Trans Union (800) 680-7289.
Consumers have a new law that protects their financial privacy and fights identity theft. The Fair and Accurate Credit Transactions Act, signed into law by President Bush in December 2003, has a number of provisions that offer early warning of identity theft and offer victims additional tools for resolving cases of identity theft. According to the Federal Trade Commission, 9.9 million people were identity theft victims in 2002, costing them $5 billion out-of-pocket to clear up their cases.
Under the new federal law, consumers will be able to:
- Obtain one free credit report every year from each of the three national credit bureaus
- Be notified prior to a merchant reporting a delinquent payment to the credit bureaus
- Make one call to report identity theft to all three credit bureaus
- Restrict how sensitive information is shared between businesses
- Get records of fraudulent charges if the consumer is a victim of identity theft
- Provide an identifying phone number to the credit bureaus once a fraud alert has been placed on a credit report to verify the consumer’s identity and make sure they are not further victimized
In addition, the law requires businesses to verify that a consumer actually incurred a debt in question before turning their case over to a collection agency. A call or letter from a bill collector is often the first indication to a consumer that his identity has been stolen. This new requirement should provide consumers early warning that a fraudulent account has been opened in their name.
This law is the first to create national safeguards against identity theft, and it pre-empts most state laws on the subject. Even with these new protections, it is still important to use common sense prevention, such as shredding documents containing sensitive personal information and keeping your Social Security number confidential. For more information on preventing or dealing with identity theft, visit the Federal Trade Commission’s Web site, Deter. Detect. Defend. Avoid ID Theft.
If you’re searching for a job using online recruiting sites, beware of phony job listings posted in an effort to steal your personal information. Identity thieves, posing as employers, respond to resumes by leading a job seeker to believe that they are about to be offered a position. The applicant is then told they must first pass a “background check” requiring personal data such as Social Security and checking account numbers. The thieves can then open credit cards and take out loans with the information they have obtained.
Jill Pletcher, director of Career Services at Wichita State University, helps hundreds of WSU graduates each semester find jobs. She suggests double-checking the validity of job listings by visiting a company’s web site before applying through services like Monster.com. She also recommends that applicants double-check company contact information. “It’s always to the candidate’s advantage to call the company to verify name spelling and addresses,” says Pletcher. That allows you to verify that the contact person works there and that information you’ve been given matches the company’s.
You should also protect other information, such as your e-mail address. “Since e-mail addresses are so readily available through companies like Hotmail and Yahoo, create an e-mail address expressly for the job search,” says Pletcher.
While most online job listings are legitimate, exercise caution by following these guidelines to help prevent you from becoming a victim of identity theft:
- Don’t include Social Security number or date of birth on your resume.
- Don’t include your home address or phone number on public postings of your resume.
- Don’t agree to background checks before confirming the validity of the company you are dealing with.