Posts Tagged: ‘Identity Theft’

Scam of the day – October 2, 2016 – Another state enacts child identity theft law

October 2, 2016 Posted by Steven Weisman, Esq.

Ohio became the latest state to enact a law providing for credit freezes for children to protect against child identity theft. Unfortunately, less than half of the states provide this much needed protection of minors from identity theft.  This is important because in recent years, children have been a prime target of identity thieves who, if they are able to get identifying information on a child such as the child’s Social Security number, can open a credit report on behalf of the child and obtain credit in the child’s name.  The identity thief never pays back the money accessed through the child’s credit and the child is burdened with a bad credit report that can have a deleterious effect on the child when he or she applies for credit, applies for a job, applies for a scholarship or applies for an apartment.  Often the identity theft is not discovered until years after it first happens which makes it more difficult to remedy.  A credit freeze is a tremendous tool for fighting identity theft because it prevents an identity thief who even has your Social Security number from accessing your credit report for purposes of establishing credit in your name. Unfortunately, the credit reporting agencies do not generally permit credit freezes for minors except in those states, such as Ohio that have required them to do so by law.


If you live in Ohio and have minor children, you should contact each of the three major credit reporting agencies, Equifax, Experian and TransUnion in order to freeze your child’s credit.  If you live in one of the other states that have similar laws, take advantage of the law, set up a credit report for your children and immediately freeze the account. And while you are at it, you should also freeze your own credit reports as your best precaution against identity theft. For information about how to put a credit freeze on your own credit reports go to the Search This Website section of Scamicide at the top of the page and type in “credit freeze.”  If your state does not have such a law, let your state legislators know that you want them to pass such a law.  I am proposing such a law in my own home state.  Parents should, as much as possible, try to limit the places that have their child’s Social Security number and become familiar with the Family Educational Rights Privacy Act which helps you protect the privacy of your child’s school records and lets you opt out of information sharing by the school with third parties.  Finally, the security company AllClear ID ( provides a free service called ChildScan which not only searches credit records tied to your child’s Social Security number, but also checks employment records, criminal records and medical records to recognize at an early stage if your child has become a victim of identity theft.

Scam of the day – October 1, 2016 – New California law regarding debt collectors and identity theft

October 1, 2016 Posted by Steven Weisman, Esq.

One of the many disturbing aspects of identity theft occurs when an identity thief abuses your credit and you are both hounded by a debt collector attempting to collect payment for a debt you never incurred and this negative information gets reported on your credit report at each of the three major credit reporting agencies, Experian, TransUnion and Equifax.  Your credit report does not only have a significant affect on whether you are going to be granted credit, but the information contained in your credit report is also used by employers in determining whether to hire you, by insurance companies in determining whether to sell you insurance and numerous other purposes.  A big problem for many people continues to be clearing up your records when you become a victim of identity theft.  Now, California has just passed a new law entitled the “Identity Theft Resolution Act” which will go into effect on January 1, 2017.  This new law amends a former law and requires debt collectors who receive a police report or other similar documentation from someone reporting that they are a victim of identity theft to start an investigation within ten days regarding the claimed identity theft.  The new law also requires the debt collectors to notify the credit reporting agencies about the claim of identity theft and upon concluding its investigation, the debt collector must send the results of the investigation to the credit reporting agencies within ten days.  If the investigation indeed confirms that identity theft occurred and the victim did not incur the debts that appeared in his or her name, the debt collectors and the credit reporting bureaus are required to delete those claimed debts from identity theft victim’s records.


This law is a great step in the right direction and it is hoped that more states will follow the lead of California and pass similar legislation.  It also emphasizes the importance of what I have said for a long time, namely that if you become a victim of identity theft, you should promptly file a police report to document the crime even if you have little expectation that the identity thief will ever get apprehended.

If you do become a victim of identity theft, go to the tab at the top of this page entitled “If you are a victim of identity theft” for detailed steps to take.

Scam of the day – September 13, 2016 – Phony Hillary Clinton video contains malware

September 12, 2016 Posted by Steven Weisman, Esq.

A common way that hackers manage to trick people into downloading malware used to steal the information from your computer or smartphone and enable them to make you a victim of identity theft is to send the malware disguised as an attachment for a video of something of great interest to many people.  It may be something related to a celebrity, such as purported nude videos or it may be of an event in the news, such as a video purporting to show formerly unavailable footage of, for instance, the shootings in the Orlando nightclub.  The presidential election is tremendous fodder for people seeking videos of candidates in compromising situations and scammers are taking advantage of this with malware attached to emails promising to provide newsworthy events. Such is the situation, as reported by computer security company Symantec, with an email presently circulation promising that the attached video shows Hillary Clinton accepting money from an ISIS leader in 2013.  In addition to being a totally outrageous accusation not based in any fact, the email is fraught with poor grammar.  However, that is not stopping some people who are clicking on the link and unwittingly downloading malware that can result in their becoming a victim of identity theft.


Regardless of who sends you an email or a text message with a link attached, you should never click on the link until you have confirmed that the communication is legitimate.  Even if the message appears to come in the email or text message from a trusted friend, you can’t be sure that your friend has not had his email or smartphone hacked and used by a scammer to spread malware.  You should have security software on all of your electronic devices including your computer and smartphone and make sure that you keep your security software up to date with the latest security patches, but you cannot totally rely on that software to protect you from all malware dangers because it generally takes the software security companies about a month to catch up with the latest strains of malware.  Finally, in regard to communications promising startling videos or pictures of celebrities or newsworthy events, you should be particularly skeptical as to their authenticity.   Instead, it is better to rely on legitimate news sources that you can trust to be safer and more accurate.

Scam of the day – August 13, 2016 – Healthcare worker convicted of identity theft

August 13, 2016 Posted by Steven Weisman, Esq.

Data breaches at hospitals and other health care providers are a major problem.  The Ponemon Institute’s study of the health care industry this year found 90% of health care organizations suffered data breaches during the last two years including the massive data breach at Anthem.  However, often overlooked is the fact that not all data breaches are caused by outside attacks.  Many of them are caused by rogue employees with access to data that they steal and then sell to others or use themselves for purposes of identity theft.  Recently Alana Wells a health care worker in Alabama pleaded guilty to stealing patients’ names, dates of birth and Social Security numbers and then using them with her co-conspirators for purposes of income tax identity theft by which they filed phony tax returns using the names and Social Security numbers of their victims’ seeking fraudulent tax refunds.  Sentencing will occur later this year and she faces a sentence of up to seven years in prison.


Apart from the lesson that employers must do a better job of protecting the data they hold from rogue employees, which admittedly is a difficult job, one thing we as consumers should do is recognize that this problem occurs everywhere and consequently, whenever possible, we should limit the amount of personal information we give any company or institution with which we do business to the minimum amount necessary.  When it comes to hospitals and health care institutions, despite the fact that they routinely ask for your Social Security number, they have no true reason to use it as an identifier. When asked, suggest another number such as your driver’s license.

Scam of the day – August 12, 2016 – Important Microsoft security patches and updates

August 12, 2016 Posted by Steven Weisman, Esq.

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.    Microsoft recently issued a large number of security patches necessary to fix critical vulnerabilities in software such as Internet Explorer, Edge and Office. The particular vulnerabilities being patched with these updates will protect users from being hacked when they merely visit a tainted website.  Other of the patches will fix  problems with how Windows, Office and Skype handle specific types of fonts such that hackers could exploit this vulnerability to take control of the victim’s computer if the victim views files with certain fonts or by visiting a malicious website.


Here is the link to the recent Microsoft security updates:

Scam of the day – July 26, 2016 – Real estate closing scam

July 26, 2016 Posted by Steven Weisman, Esq.

On January 20th’s Scam of the day, I first told you about an intricate email scam targeting people involved in the sales of residential real estate that has increased over the past year both in the United States and the UK.  I mention it again today because of recent reports of this scam occurring in the small town of Dewey Oklahoma where Lacey Monday became a victim of the scam.  The scam begins with the hacking into the email account of one of the parties involved with a residential real estate conveyance.  This can be either the buyer, seller, lawyers, title company, real estate agent or banker.  In Lacey Monday’s case it was her title company whose email was hacked.  Unfortunately, hacking into email accounts is a relatively easy thing for a skilled identity thief to do.  The hackers then monitor the communications regarding the progress of the sale of a particular piece of real estate and when the time is right,  generally posing as one of the lawyers, title company or bank mortgage officer, the scammer will email the buyer, telling him or her that funds necessary to complete the sale need to be wired to the phony lawyer’s, title company’s or banker’s account provided in the email.  Everything appears normal so unsuspecting buyers too often are wiring the money to the cyberthieves who then move the funds from account to account to make it difficult to trace the funds.  In Lacey Monday’s case, she lost $25,000 to this scam.  The fact that this scam can occur in small towns as well as large cities show how these types of scams are a threat to you regardless of where you live.


Even if you are not involved in buying or selling a home, it is always a good idea to protect your email account from being hacked.  This means having a strong password and security question.  You can find information about how to pick strong passwords and security questions here in the Scamicide archives as well as in my book “Identity Theft Alert.”  Maintain good anti-virus and anti-malware software on all of your electronic devices including your computer as well as your smartphone and keep your security software up to date with the latest security patches as soon as they are made available.  Don’t click on links in emails or text messages that may contain malware that can steal your personal information from your electronic devices and remember, your security software is always at least thirty days behind the latest malware.

Don’t use public wifi for any financial or business purposes.  Use a virtual private network to encrypt your data when using your electronic devices in public.  Never provide personal information in response to an email regardless of how legitimate it may appear until you have independently confirmed that the email is legitimate.  Finally, whenever you are asked through an email or text message to wire funds as a part of a real estate or other business transaction, don’t do so until you have confirmed that the request and the account to which you are being asked to wire the funds are legitimate.  Appearances can be deceiving so always confirm.  It may seem a bit paranoid, but remember, even paranoids have enemies.

Scam of the day – July 4, 2016 – Steve Weisman’s latest column from USA Today

July 4, 2016 Posted by Steven Weisman, Esq.

Sometimes the job of protecting ourselves from identity theft can seem to be overwhelming, which is why I wrote this column for USA Today that provides you with some simple and easy to take steps to reduce your chances of becoming a victim of identity theft.  Here is a link to that column.

June 18, 2016 – Steve Weisman’s latest column from USA Today

June 18, 2016 Posted by Steven Weisman, Esq.

Even intelligent, tech-savvy people like Mark Zuckerberg can be hacked if they don’t take essential precautions to protect themselves from hacking and identity theft.  Here is a link to my latest column from USA Today with tips about how you can protect yourself from being hacked or becoming a victim of identity theft.

May 21, 2016 – Steve Weisman’s latest column from USA Today

May 21, 2016 Posted by Steven Weisman, Esq.

Here is a link to Steve Weisman’s latest column from USA Today.  As if there isn’t enough to worry  about, this column deals with the very real problems that arise when a criminal who has stolen your identity commits crime in your name.