Scam of the day – March 12, 2017 – Massive credit card identity theft fraud ring busted

Earlier this week law enforcement officials in Queens, New York arrested thirty people accused of operating a credit card identity theft fraud ring in which they are accused of using the fraudulent credit cards to purchase more than 3.5 million dollars of costly electronics and fashion merchandise that would then be sold and turned into cash.  The indictments name Muhammad Rana and Inderjeet Singh as the kingpins of the scam.

The  primary manner by which they are accused of accomplishing the fraud was through identity theft of personal information of their victims that was then used to set up new credit card accounts.  Particularly in the last year since the implementation of EMV chip credit cards, new account fraud, as indicated by research company Javelin in its 2016 Identity Fraud study, has increased 113% over the previous year.

In this case, the Queens District Attorney is alleging that the criminals obtained the personal information of their victims necessary to establish new accounts  such as their names, dates of birth, current and past addresses, Social Security numbers, bank account information and credit information from one of their co-conspirators who worked at a car dealership where he had access to this information provided by potential car buyers.

TIPS

You are only as secure as the places that have your personal information with the weakest security.  Whenever you provide personal information to any entity, you should inquire as to who has access to this information, how it is stored, how it is protected and the policy for deleting such information when it is no longer needed.

In addition, you should regularly monitor your credit reports to identify incidents of identity theft as early as possible.

Scam of the day – September 7, 2014 – HealthCare.gov hacked

The health care industry in general is responsible for more data breaches than any other sector.  The lack of security throughout the health care industry including hospitals and other providers of health care is a huge problem that is only going to get worse as the computers of health care providers continue to be targeted and the personal data that they contain becomes harvested by hacking identity thieves.  From its inception security issues at HealthCare.gov, the website of the federal government’s health insurance marketplace created pursuant to the Affordable Care Act, commonly referred to as Obamacare have been a source of concern of mine and many other experts in cybersecurity.  Recently, it was disclosed that HealthCare.gov was indeed hacked although, according to government spokesmen no personal information of consumers in the 36 states that use HealthCare.gov was compromised.  However, this is of little consolation to the many people who use HealthCare.gov.

When HealthCare.gov was first launched last October, there were major security concerns about the website and the website was activated even before it met federal standards for security.  Everyone remembers the difficulties that were encountered in the initial use of HealthCare.gov, however, until now, the federal government had not reported any data breaches although Aaron Albright, a spokesman at the Centers of Medicare and Medicaid Services which operates HealthCare.gov admits that there are numerous security weaknesses within the system which could lead to hacking that could result in data breaches including weaknesses with the servers including the continued use of manufacturer’s default passwords which could be easily exploited.  In addition, servers have not been subject to regular security scans.

TIPS

Unfortunately, it is probably only a matter of time before HealthCare.gov is hacked by identity thieves who will steal personal information stored there.  If you have done business with HealthCare.gov, you should regularly monitor all of your financial accounts and you may wish to put a credit freeze on your credit report to prevent someone with access to your personal information from using your credit to make large purchases in your name.  You can find instructions as to how to put a credit freeze on your credit reports on the right hand side of this page.

Scam of the day – July 4, 2014 – Butler University data breach

Butler University has become the latest school to disclose that their computers had been hacked and personal information including Social Security numbers of 163,000  students, faculty, staff, former students and even people who merely applied to the school was compromised. This is just the latest instance of a college or university being hacked.  It also is another breach in which the university still maintained personal information in its data banks on former students, and in this case, mere applicants although the university had absolutely no reason to maintain Social Security numbers for such people.  As I have told you many times previously, you are only as safe as the places with the weakest security that hold your personal information.

TIPS

If you have ever had any contact with Butler University I urge you to contact the school and not wait to be notified in order to learn if you were affected by this latest data breach.  The University’s assistance line is available Mondays through Fridays between 9:00 a.m. and 7:00 p.m.  The telephone number is 888-414-8021 and you should use the reference number 8867061014.   I also urge you to put a credit freeze on your credit report so that even if someone has access to your Social Security number, they will not be able to access credit in your name.  With so many places with weak security  holding personal information including Social Security numbers on all of us, I urge everyone to consider putting a credit freeze on your credit report.  You can find directions how to do it by going to the Scamicide archives.

CREDIT FREEZE

A credit freeze is, as the name implies, a freezing of your credit report at your request whereby no one can have access to your credit report even if they have your Social Security number and other personal information about you.  You control access to the credit report through a special PIN that you choose.   Thus, even if someone was able to steal your Social Security number, they could not parlay that into access to your credit report to be  able to purchase things or set up accounts using your name.  If you need to thaw out your credit report at such times as you want to apply for credit in the future, it is an easy procedure to do so using your PIN; then, after your new credit has been established, you can freeze your credit report again.

Here is a link to Consumers Union’s webpage that describes the credit freeze laws for each individual state.  Because the laws differ from state to state, you should check on the laws for your own particular state when putting on a credit freeze because the costs differ from state to state.  http://defendyourdollars.org/document/guide-to-security-freeze-protection

Having your credit frozen will not affect your ability to get your annual free credit reports from each of the three major credit-reporting agencies Equifax, Experian and TransUnion.  It is important to put a credit freeze on your credit report at each of the three major credit reporting agencies.  Here are the links to each of them where you can go to freeze your credit.

Equifax  https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp

TransUnion:  https://freeze.transunion.com/sf/securityFreeze/landingPage.jsp

Experian   https://www.experian.com/freeze/center.html

Scam of the day – August 20, 2012 – Insider bank scam

This past week Julian Okeayaninneh and Olugbenga Adeniran were sentenced to federal prison in regard to scams and identity theft related to information taken from many banks including JP Morgan Chase Bank, TCF Bank, US Bank and Wachovia Bank that resulted in identity theft losses of fifty million dollars.  The information was obtained for the convicted identity thieves by corrupt employees at these banks.

TIPS

Despite your best efforts to protect your personal data, you can always become a victim of identity theft due to the negligence of companies that hold your personal data or even when despite the best efforts of these companies, their data banks become compromised.  Always review your bank statements and credit card statements carefully every month to identify any irregularity and review your credit report at least annually to make sure you have not become a victim of identity theft.  Setting up  a credit freeze of your credit report is also a good preventative action to take.

Scam of the day – August 15, 2012 – Voter registration scam

With the presidential election season in high gear, it is not surprising that identity thieves and scam artists are taking advantage of this to scam people out of their money.  One of the more common identity theft schemes involves a call from your city or town clerk verifying your registration as a voter.  In order to do this, you are told that you need to provide your Social Security number.  Once you have done this, you have handed the identity theft all he or she needs to steal your identity and obtain credit in your name.

TIPS

Never give your Social Security number to anyone whom you have not called and does not absolutely need it.  Your city or town clerk will never call you to confirm your Social Security number for purposes of verifying your voter registration.  If you have a question about your voter registration, contact directly your city or town clerk at a telephone number that you know is correct.  You also may wish to put a credit freeze, which is described elsewhere in this website/blog on your credit report to prevent access to your credit report and your credit even if someone is able to get your Social Security number.

Scam of the day – August 1, 2012 – Data breach at the Wisconsin Department of Revenue

For the fourth time in the last six years, the Wisconsin Department of Revenue has negligently released personal information on Wisconsin taxpayers putting them at serious risk of identity theft.  This time the Wisconsin DOR put up on its website a report of real estate property sales from 2011, but included for all the world to see 110,795 Social Security numbers of people involved in those transactions.  The state is offering free credit monitoring to those people whose Social Security numbers were released, but that is of little consolation when you consider the shoddy information security practices of the Wisconsin Department of Revenue.

TIPS

The Wisconsin Department of Revenue is not the only transgressor when it comes to inadqeuate data security and unfortunately, your own personal security is only as safe as the  company or agency that holds your data with the weakest security measures in place.  The best place to look for a helping hand is at the end of your own arm so you should proactively consider protecting your credit report with a credit freeze so that even if someone obtains your Social Security number they cannot get access to your credit report for a large purchase.  You should also limit the places to which you give your personal information as much as possible and always inquire as to their security practices.

Scam of the day – July 21, 2012 – LinkedIn class action

Following up on the “scam of the day” of July 13th which dealt with data breaches at Yahoo, LinkedIn and others, you should be aware of a class action that has been filed in the U.S. District Court for the Northern District of California on behalf of all LinkedIn users.  According to the lawsui,t LinkedIn violated its own user agreement as well as industry standards by not fully encrypting its users’ personal information and by failing to store that information on separate servers from users’ passwords.  Additional allegations of lax security were also made.  I will keep you informed as to the progress of this class action.

TIPS

Don’t merely depend on the companies with which you do business to protect your personal information.  You should do the best you can to keep your information secure online.  Don’t store your credit card numbers on the websites of companies with which you do business online.  Put a credit freeze on your credit report to keep it safe even if a company with your information is hacked.  Don’t give out your Social Security number unless you absolutely must and use different and complex passwords for every company with which you do business online so that if one company is hacked, the identity thief does not have your password for everywhere else.

Scam of the day – July 13, 2012 – Yahoo data breach and how to protect yourself

Data breaches are a fact of modern digital life.  This week hundreds of thousands of Yahoo users had their usernames and passwords stolen from one of their databases and just within the past month social network sites Formspring and LinkedIn had their databases hacked into resulting in the loss of personal information of millions more people.  It is important to remember that your own personal security is only as safe as the company with the weakest security that holds your information.  But there are things you can do to protect yourself.

TIPS

Do not give your Social security number to companies that request it unless you truly legally must do so.  Your Social Security number is the key to identity theft and can provide access to to your credit report which in turn can provide an identity thief with access to your credit.  Use complex passwords and use different passwords for each of your accounts so that if a breach occurs, not all of your accounts are in jeopardy.  It is easy to pick  a passowrd with numbers and letters and just vary it slightly from account to account.  Put a credit freeze on your credit report so that even if someone gets your Social Security number and name, they cannot get access to your credit report. With a credit freeze, you credit report can only be accessed through a PIN that you keep private.

What is Medical Identity theft?

Medical identity theft occurs when your medical insurance information becomes compromised.  The effects can be tremendously harmful.  In addition to the usual damage to your credit for unpaid bills, your medical records may become tainted with the faulty medical information of the identity stealing patient.  Your own health care can be jeopardized by receiving improper treatment based upon the medical information of the identity thief that appears on your record.  And as difficult as credit reports are to correct following an identity theft, correcting medical records can be next to impossible due to medical privacy laws.

TIP

Always review your medical insurance bills carefully to uncover any evidence of medical identity theft as quickly as possible.  Ask your physicians what there policy is for data protection as much of medical identity theft has been as the result of an inside job.