Posts Tagged: ‘credit freeze’

Scam of the day – June 27, 2016 – Why you should have a credit freeze

June 27, 2016 Posted by Steven Weisman, Esq.

Regular readers of Scamicide are probably familiar with credit freezes, but it is important to remind everyone about the benefits of this tool that is simply the best thing you can do to protect yourself from identity theft.  A credit freeze is, as the name implies, is a freezing of your credit report at your request whereby no one can have access to your credit report even if they have your Social Security number and other personal information about you.  You control access to the credit report through a special PIN that you choose.   Thus, even if someone was able to steal your Social Security number, they could not parlay that into access to your credit report and use it to purchase things or set up accounts using your name.  If you need to thaw out your credit report at such times as you want to apply for credit in the future, it is an easy procedure to do by using your PIN; then, after your new credit has been established, you can freeze your credit report again.

Here is a link to the National Conference of State Legislature’s webpage that describes the credit freeze laws for each individual state.  Because the laws differ from state to state, you should check on the laws for your own particular state when putting on a credit freeze because the costs differ from state to state.  http://www.ncsl.org/research/financial-services-and-commerce/consumer-report-security-freeze-state-statutes.aspx

The credit reporting bureaus and many of the companies offering identity theft protection services advise people to put a fraud alert on their credit reports at each of the three major credit reporting agencies, Experian, Equifax and TransUnion, if you think you are in danger of identity theft rather than use a credit freeze. With a fraud alert in place, you are supposed to be notified if anyone attempts to open a new account or access credit in your name, which sounds like a good thing and it would be if it weren’t often ignored by businesses opening new accounts or granting credit in your name by identity thieves.

And what is the penalty, you might ask for a company failing to contact you before granting someone credit if you have a fraud alert on your credit report? Zero. Zilch. Nada. There is absolutely no penalty whatsoever if a company chooses to ignore a fraud alert and fails to notify you when someone attempts to open a new account using your name.  So why do credit reporting agencies recommend that people use fraud alerts to protect themselves from identity theft?  The answer is simple. The credit reporting agencies make billions of dollars by selling your information to banks and other companies. With a fraud alert in place, they can continue to sell your information however, if you have a credit freeze in place, they cannot sell your information. With a credit freeze in place, even an identity thief who already has your Social Security number will not be able to access your credit reports to use your credit to make purchases or open accounts in your name.

This is important because before opening new accounts, most companies will do a credit check of the applicant. With a credit freeze in place, a credit check cannot be done and consequently an identity thief will be prevented from opening new accounts

Having your credit frozen will not affect your ability to get your annual free credit reports from each of the three major credit-reporting agencies Equifax, Experian and TransUnion.  It is important to put a credit freeze on your credit report at each of the three major credit reporting agencies.  Here are the links to each of them where you can go to freeze your credit.

Equifax  https://www.freeze.equifax.com

TransUnion:  https://transunion.com/securityfreeze

Experian   https://www.experian.com/freeze/center.html

Scam of the day – April 18, 2016 – New York identity theft ring busted

April 17, 2016 Posted by Steven Weisman, Esq.

New York police recently indicted twelve people from Brooklyn and Queens, charging them with an intricate identity theft conspiracy by which they are alleged to have leveraged easily obtained personal information to obtain credit cards in their victims’ names.  They are then alleged to have used these cards to go on shopping sprees at stores, such as Barneys New York, Saks Fifth Avenue, Louis Vuitton and the Apple Store where they purchased expensive items that they could turn into cash on the black market.

One of the more disturbing element of this identity theft ring is that they obtained enough personal information from public data bases and companies that search those data bases for you to apply for credit cards in the names of their victims.  They also made counterfeit IDs to provide when they purchased items.  Other times they were able to merely add their names to existing accounts.  They also used the fraudulent credit cards to activate “Apple Pay” on their iPhones so they didn’t even have to provide a credit card when making purchases.  After the cards were ordered from the credit card issuers, they would have a member of the ring wait at the address where the cards were to be delivered to intercept the delivery.  They also were able to avoid credit card company fraud alert telephone calls inquiring about suspicious purchases by having their victims’ telephone numbers forwarded to phones they controlled.

TIPS

The ease with which the alleged criminals were able to obtain sufficient personal information in order to obtain credit cards in the names of their victims and forward their victims’ telephone calls points out the importance of companies taking stronger measures to protect our personal information and require more comprehensive security to confirm that they are not dealing with identity thieves.  The best thing that we as consumers can do to protect ourselves from this type of crime is to put a credit freeze on your credit report so that credit cards cannot be obtained in your name without your specific authorization.  For more information about how to put a credit freeze on your credit reports,  go to the section entitled “Search this Website” at the top of this Scamicide page and type in “credit freeze.”

Scam of the day – January 2, 2016 – New law to protect children from identity theft

January 2, 2016 Posted by Steven Weisman, Esq.

North Carolina became the latest state to enact a law providing for credit freezes for children to protect against child identity theft. Unfortunately, less than half of the states provide this much needed protection of minors from identity theft.  This is important because in recent years, children have been a prime target of identity thieves who, if they are able to get identifying information on a child such as the child’s Social Security number, can open a credit report on behalf of the child and obtain credit in the child’s name.  The identity thief never pays back the money accessed through the child’s credit and the child is burdened with a bad credit report that can have a deleterious effect on the child when he or she applies for credit, applies for a job, applies for a scholarship or applies for an apartment.

TIPS

If you live in North Carolina, you should go to the website www.ncdoj.gov/creditfreeze for information about how to put a credit freeze on credit reports of your children.  If you live in one of the other states that have similar laws, take advantage of the law, set up a credit report for your children and immediately freeze the account. And while you are at it, you should also freeze your own credit reports as your best precaution against identity theft. For information about how to put a credit freeze on your own credit reports go to the Search This Website section of Scamicide at the top of the page and type in “credit freeze.”  If your state does not have such a law, let your state legislators know that you want them to pass such a law.  I am proposing such a law in my own home state.  Also, as much as possible try to limit the places that have your child’s Social Security number and become familiar with the Family Educational Rights Privacy Act which helps you protect the privacy of your child’s school records and lets you opt out of information sharing by the school with third parties.  Finally, the security company AllClear ID (www.allclearid.com) provides a free service called ChildScan which not only searches credit records tied to your child’s Social Security number, but also checks employment records, criminal records and medical records to recognize at an early stage if your child has become a victim of identity theft.

Scam of the day – December 15, 2015 – A million OPM data breach victims still not notified

December 15, 2015 Posted by Steven Weisman, Esq.

As you all know by now and as I first reported to you in 2014 and again last summer, the federal Office of Personnel Management (OPM) was hacked by Chinese hackers who stole personal information of more than 21 million present and former federal employees as well as non-employees whose information was gathered by the OPM during the course of background investigations of federal employees.  In October, the OPM began notifying victims of the massive data breach about the identity theft protection services the government will make available to them for the next three years.  The notification process is now completed, but unfortunately 1.5 million people who were affected by the data breach have not been contacted because the OPM no longer has current addresses for these people.     No email notices were sent or are planning to be sent by OPM so if you get an email that purports to be from the OPM, it is a scam.   The federal government has chosen Identity Theft Guard Solutions to provide  three years of identity theft protection to victims.

TIPS

If you believe you were possibly a victim of the OPM data breach, but have not yet received a letter from the OPM informing you about your options, you can go to the OPM’s special website to verify that you were a victim and to obtain a PIN to use in order to apply for identity theft protection services offered by Identity Theft Guard Solutions.  You also can call the OPM at 866-408-4555 to find out if you were a victim.

It is important to remember that no identity theft protection company can prevent you from becoming a victim of identity theft.  The best they can do is notify you earlier that you have become a victim.    In fact, the OPM is offering these services a year after the data breach actually occurred so the danger of identity theft has increased.   None of the identity theft protection companies help you with the one best step you can take to protect yourself from identity theft which is to put a credit freeze on your credit report.  With a credit freeze on your credit report, even if someone has your personal information including your Social Security number, they cannot access your credit report for purposes of gaining credit or loans in your name.  You can find information about how to put a credit freeze on your credit reports at each of the three major credit reporting agencies by going to the Archives section of Scamicide and putting in the words “credit freeze.”

Scam of the day – December 12, 2015 – Georgia voters at risk of identity theft

December 12, 2015 Posted by Steven Weisman, Esq.

Not all data breaches are caused by hackers breaking into the computers of companies and governmental agencies in an effort to steal personal information that can be used for purposes of identity theft.  Sometimes the data breaches that expose personal information of people involved with companies and governmental agencies occurs due to the negligence of those holding the information.  This, however, is of little consolation to those people whose personal information has been exposed and made available to people who can then use that information for purposes of identity theft.  In October the Georgia Secretary of State’s office mistakenly distributed CDs containing personal data including Social Security numbers and birth dates on 6.2 million registered voters to twelve organizations that regularly purchase voter lists maintained by the Secretary of State.  Among the groups receiving the CDs were state political parties, news media organizations and Georgia GunOwner Magazine.  An investigation is ongoing as to how this occurred.  The Secretary of State has indicated that all twelve CDs have been retrieved, but at this time, no one knows who may have gotten access to the personal information contained on those CDs before they were retrieved.  Now Georgia Secretary of State Brian Kemp has announced that those affected voters will be provided with a year of free credit and identity theft monitoring services through CSID services.  Those people affected by the data breach will be able to sign up for these services within the next few weeks.

TIPS

If you are a registered voter in Georgia, you can contact the Secretary of State’s office for updated information about the data breach and what you can do to protect yourself from identity theft by calling the Secretary of State’s office at 404-654-6045.  A link to CSID’s website where affected people can sign up for credit and identity theft monitoring services will be provided on the Secretary of State’s website www.sos.ga.gov as soon as the services are available.  Meanwhile, if you are a registered voter in Georgia and therefore in danger of identity theft due to this information being distributed, you should consider putting a credit freeze on your credit report at each of the three major credit reporting agencies as a proactive measure that will provide you with greater protection from identity theft than you will get from credit and identity theft monitoring services.  Go to the archives of Scamicide and type in “credit freeze” for information as to how to set up a credit freeze on your credit reports.

Scam of the day – December 9, 2015 – Is the letter you received from OPM real or a scam?

December 9, 2015 Posted by Steven Weisman, Esq.

As you all know by now and as I first reported to you in 2014 and again last summer, the federal Office of Personnel Management (OPM) was hacked by Chinese hackers who stole personal information of more than 21 million present and former federal employees as well as non-employees whose information was gathered by the OPM during the course of background investigations of federal employees.  In October, the OPM began notifying victims of the massive data breach about the identity theft protection services the government will make available to them for the next three years.  The notification process is taking about three months with many notification letters only recently having been sent.  I have been contacted by clients of mine inquiring as to whether the notices they received are real.   It is important to remember that the official notice is only being sent by regular mail.  No email notices will be sent so if you get an email that purports to be from the OPM, it is a scam.   The federal government has chosen Identity Theft Guard Solutions to provide  three years of identity theft protection to victims. In the notification letter you are urged to contact the OPM’s security website to enroll in the free identity monitoring program and you are provided a PIN to use in order to enroll.

Identity thieves have been copying the letter and changing the website address where you are directed to go to enroll in the identity theft protection services, directing people to a phony website where they will be prompted to provide personal information purportedly to enroll in the program.  If you provide personal information to these scammers, you will end up a victim of identity theft.  Here is a link to the official website for enrolling in the credit monitoring services being offered by the OPM:  https://www.opm.gov/cybersecurity/#Services

Once there you will be prompted to input your PIN and only the last four digits of your Social Security number.

TIPS

If you were a victim of the OPM data breach, you should be on the lookout for a notification letter with information about how to apply for benefits under the program.  The OPM is only notifying people by regular mail.  If you have been notified by email, text message or telephone, the notice is a scam and you should ignore it.  Even if you receive a letter, you should make sure that the web address you go to is accurate.  For convenience, you can use the web address I have indicated above.  In any event, remember, the legitimate website will not ask for your complete Social Security number.  It is important to remember that no identity theft protection company can prevent you from becoming a victim of identity theft.  The best they can do is notify you earlier that you have become a victim.    In fact, the OPM is offering these services a year after the data breach actually occurred so the danger of identity theft has increased.   None of the identity theft protection companies help you with the one best step you can take to protect yourself from identity theft which is to put a credit freeze on your credit report.  With a credit freeze on your credit report, even if someone has your personal information including your Social Security number, they cannot access your credit report for purposes of gaining credit or loans in your name.  You can find information about how to put a credit freeze on your credit reports at each of the three major credit reporting agencies by going to the Archives section of Scamicide and putting in the words “credit freeze.”

U.S. PIRG report on credit freezes

November 29, 2015 Posted by Steven Weisman, Esq.

Regular readers of Scamicide know that I am a strong advocate of everyone getting a credit freeze on their credit reports at each of the three major credit reporting agencies. It is the simplest and best defense you have against identity theft.  Here is a link to an excellent report by U.S. PIRG about credit freezes entitled “Why You Should Get Security Freezes Before Your Information is Stolen.  I urge you to read it.  It has a lot of helpful information including information about how to put a credit freeze on your credit reports.

http://uspirg.org/sites/pirg/files/reports/USPIRGFREEZE_0.pdf

Steve Weisman’s latest USA Today column

October 17, 2015 Posted by Steven Weisman, Esq.

Here is a link to Steve Weisman’s latest column for USA Today entitled “Why You Should Have a Credit Freeze.”  http://www.usatoday.com/story/money/columnist/2015/10/17/weisman-credit-freeze/73383650/

Scam of the day – October 12, 2015 – Most data breaches not caused by hacking

October 12, 2015 Posted by Steven Weisman, Esq.

With the news constantly filled with stories of major data breaches such as last week’s disclosures of data breaches at Experian, Trump Hotels and Scottrade, it would be easy to come to the conclusion that hackers planting keystroke logging malware in the computers of their targeted victims would be the primary source of data breaches.  However, that conclusion is wrong.  According to a just released study done by the security firm Trend Micro, using data compiled by the Privacy Rights Clearinghouse, while 25% of the data breaches indeed were attributed to malware planted by hackers, 41% of the data breaches were attributable, according to the report, to the loss of “sensitive information stored on employees’ laptops, mobile devices, and thumb drives.”  Further complicating the problem is the fact that often the information contained on these devices was unencrypted, which should come as no surprise to those who remember the 2006 data breach at the Department of Veterans Affairs in which unencrypted personal information including Social Security numbers of more than 26 million present and former military personnel was stolen through the theft of a laptop from the home of a VA data analyst.

TIPS

Once again, the lesson is that regardless of how careful you are to protect the privacy of your personal data, you are only as safe as the companies and agencies with the weakest security that hold your personal information.  Therefore, it is not a matter of if you will become a victim of a data breach, it is a matter of when.  Knowing this it is important to first, as much as you can, limit the places that have your personal information.  Many times you are asked for such information by companies without a need for that information.  Your physician does not need your Social Security number.  When possible, refuse and offer another form of identification, such as your driver’s license number.  Second, you should be prepared for the inevitable data breach and put a credit freeze on your credit reports at each of the three major credit reporting agencies so that even if someone does obtain your personal information, they cannot use that information to get access to your credit report and run up debts in your name.  Putting a credit freeze on your credit reports is the simplest and best protection you can have against identity theft.  To learn more about how to put a credit freeze on your credit reports, go the archives of Scamicide and type in “credit freeze.”