Thursday, November 12, 2009

Identity Thief at Work

Identity theft is a societal problem and can occur in many places and by many means, including in the workplace. At work, it can happen by stealing vital information from employer's records. These records can be payroll and employment information and even customer lists. And those employees that can obtain these records can sometimes be at the very bottom of the totem pole.
Whether we're an individual working for a company or we are the company owner, we need to be aware of this growing trend and what we can do about it.On a large scale, if a big company is affected, it can result in negative publicity which would in turn affect sales, hiring and retention.

What can we, as an individual, do about this growing trend? We probably already know the obvious: shed documents with personal information, don't carry our social security card in our wallets, have locked mailboxes, and even monitor our credit reports. But the problem -- which seems to be beyond our control -- lies in crooks who obtain this information from businesses that have collected personal information for legitimate reasons and then they sell this information to more crooks that use it and steal our identity. And then with this new identity, thieves can open new credit card accounts, apply for loans, write bad checks, rent apartments and the list goes on. Individuals who have been educated on identity theft or who have had this occur in their life will scrutinize those companies that have their personal information. Because of the bad seeds, companies need to raise the bar both for their employees and clients.

So if we're looking at identity fraud from a business owner perspective, what can we do about it? Informed employees and clients know that their personal information is only as safe as the association protecting it. A solution would be to offer identity theft protection as a benefit, much like health insurance. This offer would be unique to the company, whether the company pays for part of it, all of it, or merely provides the information of how to obtain this protection. The key is in the offering so employees/clients are aware of their choices and can then make an educated decision whether to accept or decline. Too much cost, we may think. But actually, it can lower our costs whether the employee has coverage or not. With coverage, there will be less time spent in restoring their identity. Without coverage, our liability has changed. We've done all in our power to protect our employees by informing and offering. Well almost . . . There are still numerous ways where we must be proactive in protecting our employees and clients.



  1. Perform background checks on employees who have access to personal information on other employees/clients, even temporary workers. And limit this access where we can.



  2. Use employee identification numbers that are different to social security numbers to recognize employees on paychecks etc.



  3. Shred confidential documents and have specific guidelines for all employees to adhere to.



  4. Use passwords and encrypted codes when confidential files are stored on the computer.



  5. Be vigilant in educating staff on identity theft.



The Bank of New York and its employees are a perfect example of a workplace where large scale identity fraud has occurred. Adeniyi Adeyemi, a computer technician employed by a contractor who worked for the Bank of New York, has been charged with allegedly stealing the identities of over 150 employees and then with these identities, stealing over a million dollars from non-profit groups and charities and the employees themselves. Adeyemi now faces up to 25 years in prison. He obtained his information from the Technology department, opening additional bank accounts with this information to receive the stolen money. This all occurred over a seven and a half year period. The Bank of New York spokesman says that they are fully cooperating, but I wonder what the long-term ramifications of this will be (Read the Wall Street Journal article here).

It's always best to be insightful. But having insight is useless unless we take action by protecting ourselves, our employees and our company with our eyes wide open.

Monday, November 2, 2009

Red Flag Enforcement Delayed Fourth Time (until June 1, 2010)

The enforcement of the Red Flags rule under the Fair and Accurate Credit Transactions Act (FACTA) has been delayed again for the fourth time. The next implementation date is June 1, 2010. The enforcement was due to take place yesterday November 1st, 2009.

It is clear that many businesses are having difficulty getting ready for Red Flags as evidenced by the fourth delay. Many businesses falsely assume that if they are not a bank nor a credit card company, they are not subject to FACTA or Red Flags. Such is not the case. FACTA and Red Flags apply to most businesses.

The delay is good for businesses as many need additional time to get systems and procedures in order, but not good for consumers (whose identities may still be exposed for fraud for another 6 months).

Wednesday, September 23, 2009

Credit Card Identity Theft



Police of Morgan Hill, California received a call for a potential DUI, but instead three people were arrested for numerous incidents of identity theft. The driver of the Camaro, Charles Allen, didn't have a license and the passenger, Arena Adanandus, had a suspended license and neither one had ownership documentation of the Camaro. Allen was arrested on suspicion of driving with a suspended license. In the meantime, they impounded the Camaro and found merchandise totaling $800+ from Home Depot. The passenger, Adanandus, had used a customer's account number where she had fraudulently added her own name and the grand total of charges is suspected to be around $3,400. Not only that, but the Camaro was rented using a stolen credit card. During this time a third party, Aaron Fields, came to the station to meet with Allen and Adanandus and the kicker -- he drove to the station in a Ford Fusion which he rented using stolen credit card information. All three were arrested and booked (Read the full story here).

Identity theft is a recognized problem and credit card identity theft is one of the forms it may take. As in the prior case, the thief can use details of another person's credit card and wrack up debts which the unsuspecting customer ends up with. They may also use the person's name and information to open up new credit cards where they charge to the victim's name. So how can they even get this information? Through stealing mail from your mailbox or trash, credit card skimming, or stealing information from records where your details are kept (such as a crooked employee or a thief breaking into hospital records etc).

Some simple tips to prevent identity theft are:
  1. Shred any documents with personal information before putting in the trash.
  2. Opt out of mailing lists where credit card offers are sent through the mail.
  3. Keep your eyes on your credit card at all times especially at stores and restaurants. It's not just on the internet where you need to be careful.
  4. Identity theft insurance services.

Identity theft is a growing problem but gradually people are becoming more aware of it and are protecting and educating themselves against these types of crimes. As in the case cited, some of these losers do get caught and we're all happy when they bring their 'friends' along for the ride.

Friday, September 4, 2009

The Identity Theft Victim & Their Rights


So here's an ironic story for you about identity theft. The last blog I wrote on identity theft was on a Friday. I wrote about what steps you can take to protect yourself from identity theft -- especially mail identity theft. I then went to a nice barbeque party and watched my kids swim with their friends. Didn't really enjoy my turkey dog -- an attempt to be healthier -- but have decided since then that I'll stick to all-beef franks. On the way home, I grabbed my mail, tucked the kids in bed, and then read my mail. And to my horror, received a letter from my credit card company who was putting me on alert as one of their former employees had stolen personal information from some accounts and mine happened to be one of them. I looked at my husband, thinking perhaps this theory of Law of Attraction might actually be valid, and then began a scenario of what-ifs with this villain using my very name to open up accounts, buy a home etc. After wallowing for seconds, I called the fraud alert hotline. So they've caught the thief but the investigation is ongoing and who knows if he's sold the information already. What I realized is that it's one thing to discuss identity theft and the steps to take, and it certainly is another to feel yourself vulnerable and at risk -- and of no fault of your own. My husband saw the rainbow of it all -- well, now you'll have another article to write -- so here I am.


There are certainly many steps you can take to protect yourself from not carrying your social security card in your wallet to having a secure mailbox. But what about if you give trusted information to a company -- like a credit card company -- and one of their employees steals it. There's nothing you can do after that point. You hope that the company has done background checks, employment screenings, behavioral assessments, but there are always risks -- which is what I discovered. What is immediate action you can do once you've realized someone has stolen your information? Of course if it's a stolen wallet, you notify banks, credit card companies, social security etc. But what else should you do? What are your rights?

  1. Immediately call the nationwide consumer reporting companies and place a fraud alert in your file. Everyone has the right to do this and this lets potential creditors know that you may be a victim of identity theft. Therefore, this makes it much more difficult for someone to get credit in your name. There are three nationwide consumer reporting agencies and if you contact one and place a fraud alert -- they'll contact the other two. They are Equifax: 1-800-525-6285; www.equifax.com, Experian: 1-888-397-3742; www.experian.com, and TransUnion: 1-800-680-7289; www.transunion.com. These fraud alerts will be in your file for 90 days. Extended alerts are also possible, but an identity theft report is required. For more information, go to www.consumer.gov/idtheft.
  2. You have a right to obtain a free copy of your file disclosure. What is a file disclosure? This is the information in your file at each of the 3 nationwide agencies and will help you detect if fraudulent accounts have been opened in your name. Go to www.ftc.gov/credit.
  3. If fraudulent accounts were opened using your information, you have the right to get hold of those documents. Go to www.consumer.gov/idtheft.
  4. You have a debt collector harassing you? And if you believe these debts were racked up by an identity thief, the debt collector has an obligation to tell you the amount of debt and the name of the creditor. You also have the right to have the consumer reporting agency to block file information which is a direct result of identity theft. Of course you must prove this with your identity and a copy of your identity theft report. Once this is done, a person or business with notice of the block can't sell, transfer or place the debt for collection. But even before this, you have the right to prevent businesses reporting information about you to consumer reporting agencies. You must then provide information to the businesses -- via a specified address given by the business that reports information to the consumer reporting agency -- by providing an identity theft report. So whatever step you are on -- via the business, the consumer reporting agency and even the debt collector -- you always have rights.



Clearly, no one wants to be a victim of identity theft, but if you have tools in hand and are aware of what actions need to be taken and what rights you have -- you can reverse the scenario and stop the thief in his tracks. An even simpler way is to set up with a company who provides identity theft services. There they will help prevent and also monitor your accounts if any significant changes occur. A word of caution, I'd do your research first -- before and if you become a victim. There are companies out there who provide the same service but for a much better cost. When we're desperate, we'll take the first monitoring bidder whatever the cost. So the message here? Prepare, prevent and monitor.

Monday, August 24, 2009

Even in Death Your Identity Is Not Safe

Gregory Victor Revson, 49, of Islamorada, FL received his sentence for convictions of identity theft and passport fraud.  In 2006 and 2008 Revson had fraudulently applied for and received passports for deceased persons.  At the time of his arrest, Revson had a thumb drive in his possession containing the names, addresses, SSN's of hundreds of deceased.  Apparently he thought that his scheme was working well.

Revson received a sentence of 75 month with an additional 14 months added to his sentence for violating the terms of supervised release related to a previous 2002 conviction for identity theft and wire fraud.

Just because you've died doesn't mean that you can't become a victim of identity theft.  That is just one more thing for your loved ones to have to worry about after you're gone is the risk of identity theft.

Monday, August 17, 2009

Identity Thieves Stealing Your Mail


Identity theft is an increasing concern as we hear of nightmarish ordeals that some people must endure when their identity is stolen. In some cases, these crooks are getting smarter and more sophisticated with their scams, but in other situations -- which is good for us -- these types aren't playing too wisely.

Take the example of this theft: On August 8th, 2009 in Manteca, California, two young adults -- a male and female -- broke into an apartment complex and then proceeded to steal from the tenants' mailboxes. But the big kicker -- there was a warning that they were being videotaped. The authorities are confident they'll catch these criminals. Not too bright I'd say. You can read the report and view the videotape here: Manteca Mail Theft Caught on Camera
What can we do personally to protect ourselves from mail theft?


  1. Use a Mailbox with a Lock. That's a significant start. It's not a sure guarantee but will definitely deter some. And of course, keep your mailbox locked at all times and have a limited number of keys. Remember, you can have valuable data for the thief on bank and credit card statements and even personal letters may give away some detailed information about you.
  2. Collect Mail after Delivery, within reason. If you are going on vacation, put a hold on your mail. It's a simple process and in most places can de done online. Or even have a neighbor pick it up for you.
  3. Use Ink that's Check-Safe. Cleaning products can erase some inks and then the thief has one of your blank checks in his hands with your signature. Use pens -- such as gel, rollerball and fountain -- that clearly state they are check-safe. Fill in all the empty spaces on your check such as the date and memo line. And finally, go to the post office with your checks. Locked mailboxes are pretty secure but the hands of a postal worker is even a safer bet.
  4. Keep Good Records. This will enable you to identity any unauthorized activity in your accounts. You may not be able to avoid mail being stolen and information taken, but with good records the damage can be minimized. Identity Theft recovery programs can also be set up that will serve this same purpose.

If we're informed we can play with the wisest of the thieves and beat them at their own game. As far as those more dense ones, we'll let the videorecordings take the credit.

Thursday, July 30, 2009

The Stupid Things That Thieves Do -- Other Than Steal

We've all seen the video programs that show thieves doing stupid things and being caught on surveillance cameras. Things like smacking an unbreakable window with a crowbar and then getting whacked in the face, or accidentally setting themselves on fire while trying to burn down a building. Seeing stuff like that always make me feel better. I tend to feel that justice is being served, somewhat. The criminals themselves are doing what we so often want to do, but don't have the opportunity to: beat the tar out of themselves!

Unfortunately, not every stupid thing criminals do are caught on tape, and I'm sure that must include thousands of funny things every day. For example, we know that you can't talk your way out of prison. But who knew you could actually talk your way into prison?

An article I came across today at Philly.com stated that in Chester, Delaware, a woman called police to claim that a large, high-dollar barbecue grill and other items were stolen from her backyard. As part of the investigation, the police determined that the items in question were purchased with a credit card reportedly stolen from a woman in Kentucky. This led to her quick arrest and further investigation, whereupon her two accomplices were also arrested. The leader of this band of thieves had his home raided and he was found hiding, naked, in his attic. Now I hope they got that on film!

It seems pretty funny, and ironic of course, that a thief felt she had been wronged and wanted to report it, when she herself had obtained the items that were stolen by using a stolen credit card. As the District Attorney in the article mentions, "If you steal something, don't report that somebody else stole it from you." Well put Mr. Green. Just another example of how stupid some criminals really are.

Now that the shoe is on the other foot, well except for the guy they found naked, I hope that these bozos learn their lessons. However, as is often the case, these sort of people tend to suffer from short-term memory loss. I tend to believe that they'll be back at it again as soon as they're released from prison. Luckily, the newer identity theft laws now carry a minimum two year sentence, with the possibility of five years. Don't worry though. I'm sure we'll have the chance to laugh at another stupid criminal before too long.

Have an example of a stupid criminal? Comment and let me know.

Friday, July 17, 2009

To Protect and Serve. Not!

If you're like me, you really hate reading articles where someone in a trusted position, such as a police officer or a politician, abuses their position, their authority, or betrays their constituents' trust by putting others in compromising, legal, and often financial jeopardy. Unfortunately, that's just what I came across this morning.

A police sergeant for the University of Central Missouri and his wife have been arrested, accused of identity theft. The couple, James and Amanda Drake, allegedly obtained the stolen names, addresses, and Social Security numbers of 7,000 students and alumni at the university that he was employed to protect and serve. What is not apparent is how they retrieved this information since according to the article I read, there have been no signs of a data breach. The information they had was on printouts that are used for legitimate office reasons. Sounds to me like there may have been someone else on the inside who let a document slip into the wrong hands. I hope they nail that person or group of people as well.

Luckily, so far it appears that there have only been a dozen victims in this crime. Let's hope that number doesn't grow. The university is offering ID theft protection for those affected. I hope they have a background screening process in place as well. If they didn't already have one, it would behoove them to get one now. If they did have one, it might be worth re-evaluating the process and see where the breakdown occurred.

Meanwhile, James Drake has been charged with fraud, use of a credit device and filing a false police report. Amanda Drake has been charged with forgery only. Neither has been charged with stealing the computer printouts that contained the names they both used to commit fraud. I hope they tack that on later as they clearly should not have been in possession of said documents.

I've always thought it's good to know your job from all angles, including inside out, and this is no exception. Let's see how this campus cop and his wife like the view from the other side of the cell.

Tuesday, July 14, 2009

Employee ID Theft at AT&T, an Inside Job

If you've ever thought that your personal information was safe at work, this might make you change your mind.

This week a federal grand jury has indicted a Chicago area temporary employee for identity theft of over 2,100 employees. The employee, who was working for AT&T, had two accomplices. The trio of women apparently used the stolen information to fill out "payday" loan applications, then used random photos of individuals and faxed in the account information. After that, they would wire the money into their accounts. Before being apprehended, the trio stole more than $70,000.

It's pretty despicable when an employee steals trusted customer data. But stealing employee data is even worse, because if you can't trust your own employees or co-workers, who can you trust? They're supposed to be on your side.

On the brighter side of things, at least the number of affected people is lower than your typical data breach. If they had stolen customer data, the number of people affected could have easily been in the millions and that would have been a tremendous blow to AT&T.

These criminals will face 20 years in prison and $250,000 each for the fraud charges and 2 years for each count of identity theft, to be served consecutively, after the other 20 years for the fraud. These girls aren't going anywhere, anytime soon. Score one for the Feds.

Read the article from the SC Magazine here.

Thursday, June 18, 2009

Socializing Yourself Into Trouble

Nearly everyone has heard the term "social engineering" before. The term refers to a clever technique that can be used to get information from individuals without having to steal it or hack into a system. The technique is very effective. People like to talk, and if you ask enough questions, people will tell you quite a bit through the course of a normal conversation. Some people talk so freely in fact, that one senior citizen in Louisville, Kentucky apparently gave enough information for a nursing home employee to open up an American Express card with the patient as the co-signer and rack up $100,000 before the patient realized it. In fact, had the patient not received a call from American Express thanking her for opening the account, it may have taken much longer to figure out what was going on.

According to an article on WLKY.com, the suspect, Danielle McClain, actually had a criminal record for criminal possession of a forged instrument and spent 6 years in prison. Apparently, that's not enough of a red flag for some people. She was hired at the nursing home in Louisville anyway. Rest assured, a new policy is in place that will screen all employees and vendors' employees in the future.

It seems natural that someone recovering form surgery in a nursing home would make friends with the staff and get into lengthy conversations. That's part of our frail human nature. It's okay to be friendly, but as the phrase goes, "don't give away the farm" while you talk. As this example points out, we should be careful with the information we disclose. Without realizing it, you may be giving away valuable information, like your mother's maiden name, spouse's birth date, etc. This is information sometimes used to open new accounts.

The lesson here: be careful what you say. You never know how it can be used against you.

Sunday, June 14, 2009

Paper Trails: Crumbs for the Identity Thief



When I think of someone stealing my identity, I often imagine a pick pocket or a burglar lurking in the shadows, waiting to grab my personal information along with my money. But often that’s not how it works. Sometimes our identity is stolen when we have a new baby, get a home loan or apply for a credit card -- sometimes our identity is stolen by employees of such institutions who steal our personal information. An identity theft is a crime where someone gains crucial pieces of identifiable information -- your driver's license number or social security number -- all in the hopes of then getting a credit card in your name, or renting an apartment in your name, getting a phone account etc., all for their own personal gain.

Take the example of Shenequa Brown, a child support collector charged with ID theft. Just this last month, this child support collector obtained the check number, routing number and bank number of her victim/client and used that money to pay for her utilities and cable.

Sometimes, however, it's not so blatant, but instead we leave a paper trail for not-so-honest employees to steal our information. We leave a paper trail in the form of birth certificates, church files, school records, diplomas, marriage and divorce certificates, voting registrations, doctor files, credit cards, land deeds and the list goes on. Certain milestones in our lives such as becoming financially independent and applying for a credit card, or having a baby, or even purchasing our own home puts our personal information on paper.

One way to prevent identity theft is not to leave a paper trail. Of course in some instances, we're putting our trust in certain institutions to keep our information confidential and we have no choice but to leave a paper trail. Sometimes the only recourse here is to closely monitor bank and credit card statements to catch the criminal quickly and also to have an identity theft service set up to help us monitor and regain our identity back quickly. But let's go over some things we can do to prevent identity theft via a paper trail.

  • Don't have financial documents sent via snailmail and don't send paper checks out through the mail. Why? A thief can steal your personal information right out of your own mailbox or home. Rather, view them online. They're typically safer when stored online. Even pay your bills online through your bank's website. However that doesn't mean that we send people our personal info via email either.
  • Invest in a shredder. Some crooks are attracted to the sport of dumpster diving.
  • Where possible, don't use your social security number as a form of identification.

There's a lot to be improved upon here such as credit card companies not so loosely giving out our information to third party companies. But maybe we should even follow the example of our European neighbors and only use our social security number as a means of gaining our retirement benefits rather than a form of identification that is needed for loans and credit card applications that can then cause problems for many years if that information gets into the wrong hands. We can't control everything but we can be aware and cautious when we give out our personal information.

Friday, May 29, 2009

Phishing: An Online Identity Theft Scam









When I hear the word phishing, I imagine early dawn, a still morning and a smooth lake with not a single ripple. But outside the nature world -- and inside the world of computer security -- phishing is online identity theft. This process was described in 1987 and defined and recorded as 'phishing' in 1996 with one sole purpose: to bait innocent victims and catch their passwords, usernames, credit card information and any other financial details.

Con artists have been around since the beginning of time. We've all heard the stories of strangers stepping into the shoes of long lost relatives and making claim for crowns or large sums of money, but now we're in the internet age and the story -- with a similar theme -- has unsuspecting online consumers as its main characters. One of the more recent phishing scams involves the social networking sites. Facebook users beware because if you're one of those users that re-use passwords, then Facebook may be your downfall. Many of us use the same password for every website, meaning if were lured to phishing sites from our facebook account, hackers can also potentially gain access to our Amazon, PayPal and eBay accounts. Read the full story here: Facebook Attacks Threaten All Web Sites

According to the APWG (Anti-Phishing Working Group), these types of crimes are on the rise with crimeware-spreading sites infecting PC's with password-stealing crimeware increasing 827% from January 2008 to December. Phishing schemes are gaining sophistication and sometimes for the everyday online consumer it can be overwhelming. The Anti-Phishing Working Group web site gives up-to-date reports on the latest phishing schemes authorities have uncovered.

There are some steps we can take to protect ourselves from these types of scams.

  • Never give out personal information, including financial, via an email request. Remember the purpose of this is to gain your name, username, address, phone number, password, bank account number, credit card number, CVC code or social security number. Regular e-mail messages aren't encrypted so it's similar to sending a postcard. Be suspicious of email messages requesting this kind of information or even those messages asking to update or confirm such details. And don't call numbers listed on email messages, but rather get the phone numbers from statements. Never click links on suspicious emails or copy and paste links from messages into your browser, but instead you type the URL into your browser or use your Favorite Links.
  • Use secure websites. Ones that you know and trust to submit personal information -- established companies with good reputations and privacy statements where they state that they won't pass on your personal information to others. And make sure these web sites use encryption.
  • Continually monitor online transactions. Review bank and credit card statements and report anything suspicious by calling the number on your account statements. Use credit cards for online purchases, even those with a small credit limit. Debit cards are connected to your bank account and credit cards with high limits only give the thief more money.
  • Use strong passwords, changing them often. Don't use real words, but rather combinations of numbers, uppercase and lowercase letters, and symbols so it's difficult for hackers to guess.
  • Protect your PC. Make sure all your security patches are installed and your browser is up to date. Use a firewall, antivirus software, anti-spyware, and even anti-phishing software.

So if this information does get into the wrong hands, what will the thieves do with it? Identity theft is common and the hacker can now apply for credit in your name, empty out your accounts, max out cards, transfer money from your investments into your checking account and then use a copy of your debit card to take it all.

These identity theft scams are continually growing in sophistication on the internet, so be aware, protect yourself as best as you can, and be prepared with identity theft services for recovery and even prevention.

Friday, May 15, 2009

Identity Theft & Traveling: What You Need To Know

The summer is fast approaching and it may be time to start thinking travel plans. Whether we go near or far, we must be aware of identity theft. In 2007, over eight million people in the United States were victims of identity theft which resulted in almost fifty billion dollars of fraudulent financial charges as quoted by the Javelin Strategy and Research Survey. That number has most likely increased over the last year. Of those victims, a significant portion was business and holiday travelers.


When I travel it's a time to relax, get away from my routine and responsibilities, and enjoy some fun with my family. So, like most people, I let my guard down. Travelers are walking targets to the thief. So perhaps we're not donning the binoculars, loud hats and colorful shirts, but we are travelers nonetheless and to crooks we're quite obvious. These pickpockets lurk in crowded airports, hotel lobbies, bus and train stations, special events -- anywhere a victim is relaxed and seemingly unaware. Our wallet in a back pocket is an invite to these kinds. Besides the obvious stolen wallet, there are other ways our identity can be stolen when traveling. Crooks are becoming smarter -- more technically savvy -- so it's critical we stay one step ahead. We need to be cautious with our laptops and our usage of internet cafes. Rather than finding ourselves in such a situation, prevention is really the key and then leisure or business can follow. So what are some things we can do?

  • Before you even travel, hold mail and newspaper delivery. A pile of newspapers is an open invitation and bills and credit card offers contain all of your information.
  • Go through you wallet. What do you really need? Take out all personal information items that aren't crucial, such as social security cards, memberships, receipts, check books, bills etc. Lock these up in your home -- identity theft can occur at home also by a house sitter or burglar.
  • Carry a fanny pack. Traveling through a crowded airport, trying to get from one point to another can be an arduous task. Carry your credit cards and other personal information with you in your fanny pack. It's much harder to nab someone's fanny pack strapped firmly to their body than a wallet peeking from a pocket. Don't leave these items in checked luggage either. Lost luggage seems more common than in the past, even if it's just for a day.
  • Pay your bills before you leave. Bills lying around in hotel rooms are easy targets for identity crooks.
  • Even open a separate account before traveling and only put in it as much money as you'll need for your holiday. Bring that one debit card with you -- not one linking to all your savings back home.
  • Bring a couple of credit cards with you. These are protected by Federal law and so fraudulent charges are generally covered. Make sure they haven't expired and you can even purchase prepaid cash cards from Visa, American Express or Mastercard. Have a list of the credit cards you brought with you easily available so that you can report the information stolen and set up fraud alerts with the credit bureaus. You can even sign up for identity theft services which can provide continual credit monitoring among other preventative measures and recovery programs.
  • Use the ATM machines available in banks. There is a threat of fake ATM machines in popular tourist areas so be safe and go to the bank.
  • Leave passports, major cards, and any other personal information that's not necessary on a day to day basis in your hotel room safe.
  • Bring a copy of important documents and also store these in a secure and separate place. You'll definitely want a copy of your passport.
  • Keep an eye on your laptop at airports, hotel lobbies and restaurants. Thieves can access personal information when laptops are unattended -- they don't even have to steal it and then the traveler is clueless. Back up your laptop before you leave and put this disc in a safe place at home or in a safety deposit box. Write your name, destination address and any other relevant contact information on a piece of paper that’s taped to your laptop in case it's inadvertently left behind. Use caution here though and use your work address and phone number.
  • Be on guard when using public computers. Key stroke loggers could be installed but generally business centers located on cruise ships and hotels are safer than other public computers.

Stealing someone's identity is not just about having your credit card stolen while the thief enjoys a shopping spree. No, this criminal can then open new credit cards, new accounts, get new loans and then not pay them, leaving 'guess who's name' on the credit report? The worse case scenario is getting arrested for crimes you've never committed. Rather than becoming paranoid, apply the steps listed and be prepared. Preparation and prevention are the two crucial keys in protecting your identity. If a worse case scenario does occur, identity theft services can help with the recovery process along with preventative steps. Travel with confidence this summer season, knowing you've done all that you can do.

Friday, April 3, 2009

Your Identity Getting a Workout

There is one surefire method to ensure that nobody can get your personal information and steal your identity while you're out and about: leave your personally identifiable information and belongings at home. However, is this a realistic approach? For most people, probably not. Continue reading and decide for yourself.

Today in Sacramento, a husband and wife were arrested on charges of identity theft, forgery, burglary, possession of stolen property and vehicle theft according to an article at KCRA.com. The thefts occurred at local 24 Hour Fitness centers in the Sacramento area. While working out at various locations, the wife would go into the locker room and break into lockers and steal purses, cell phones, car keys, credit cards, etc. Such tactics are not uncommon. This is not the first time this type of crime has been committed, and unfortunately it won't be the last.

So how do we avoid this type of crime? Should we just leave all of our belongings at home? That doesn't sound like a practical idea. If all you're doing is going to the gym, okay, I suppose it's easier to leave a lot of things at home. But what if you're going to the gym on the way home from work? Leaving your items in your car is probably no better a solution. After all, you have to still take your car keys in the business and leave them in your locker.

It seems the answer to my original question is best left to the reader. It's your stuff. You decide how to best keep it safe. If you don't need to take it with you, you probably shouldn't. But when it comes to your identity, you can at least get recovery protection on your side in case you have the misfortune of having your personal information stolen.

A good identity theft plan should provide a fully managed recovery solution. That means a recovery advocate will work on your behalf, through a limited power of attorney, and make all the phone calls and clear up any problems that arise as a result of your identity being compromised. The advocate will also work until your good name is restored to its pre-theft status. In addition, there should be some sort of insurance reimbursement to help cover the out of pocket expenses.

A good identity theft recovery solution can save a lot of headache. So, if your identity winds up getting more of a workout than you do, you don't have to run around trying to catch up with it.

Tuesday, March 10, 2009

ACLU Supports Identity Thieves -- Sues County Sheriff

The ACLU has filed a suit against the County Sheriff and District Attorney of Weld County, Colorado in a strange twist of logic supporting the position of identity thieves. These stories (Operation Number Games and Fight with ACLU suits Buck to a ‘T’) from Weld County, Colorado are illustrate some of the contention between protecting fourth amendment rights and prosecuting criminals.

The back story ---
It begins with former mayor of El Paso, Texas and tax accountant Ray Salazar. In 1988, Salazar listed among his clients a Mr. Jose Lopez. Lopez is a citizen of Mexico and a resident alient in the US (he has a green card permitting him to work in the US). Three weeks of the month, Lopez works at a ranch near El Paso and returns home to his family just across the border in adjacent city, Ciudad Juarez for the fourth week (El Paso and Ciudad Juarez both part of the same metro area but are separated by the US/Mexico border).
All was well until one evening when Lopez was returning home he was mugged and his wallet stolen. He reported the theft to, among others, the Social Security Administration which issued another green card with the same ID number as the original card.


Fast forward to 1995 when Servando Trejo, a citizen of Mexico paid $1,500 to a human smuggler to take him across the border into Arizona. Once there, Trejo purchased a fraudulent birth certificate and social security card in the name of Jose Lopez. Trejo, an illegal immigrant, then assumed the identity of Lopez. With the Lopez identity, Trejo worked at several different jobs and eventually moved to Greeley, Colorado where he opened a bank account and gained a Colorado drivers license.

The fraud seemed to be going well for Trejo. Especially well, since Trejo chose not to pay income tax on his earnings during the years and by 1999 had accumulated a bill for $11,000 in taxes owed. That (1999) was when the IRS decided that the tax bill needed to be paid and contacted the real Lopez in El Paso and presented him a bill for $12,000. The real Jose Lopez, the part-time ranch hand in El Paso only made $10,000 per year and not only did not truly owe that much.  Moreover, he lacked the means to pay the bill.

That is when he turned to his CPA, Ray Salazar. Salazar worked with the IRS to resolve the problem but the IRS was skeptical of Lopez' claim. It wasn't until 2003 that Salazar was able to have an IRS agent take a close look at the circumstances and realize that Lopez had been the victim of identity theft. The IRS promptly removed the claim for back taxes and the situation appeared to be fully resolved. Jose Lopez never did find out who had been using his identity and could not be sure that it would not happen again.

In 2005, Trejo (still masquerading as Lopez) living and working in Greeley, filed an income tax return. Trejo had less than $2,000 withheld from his check to cover taxes but when he filed the return, he was given a refund of more than $4,000. This event apparently triggered something in the IRS system and again the real Lopez in El Paso was presented with a bill for $11,000 in taxes. Once more, Jose Lopez turned to Salazar the CPA for assistance in working with the IRS. Through another source, Lopez discovered that someone in northern Colorado was using his social security number. Lopez contacted the Loveland, Colorado police department who referred him to the Weld County Sheriff's office.

The Weld County Sheriff's deputies begin an investigation. On August 13, the deputies located the "Jose Lopez" they sought and arrested Servando Trejo at a feedlot where he worked. Trejo was arrested on charges of identity theft and forgery. Trejo later pleaded guilty to the lesser charge of criminal impersonation and was sentenced to probation for two years. Trejo was subsequently transferred from the Weld County jail to the custody of Immigration and Customs Enforcement (ICE). ICE subsequently deported Trejo to Mexico.

While still in the custody of the Weld County Sheriff's office, Trejo told the deputies how he was able to get large income tax refunds through a local business, Amalia's Translation and Tax Service. With this information the deputies investigated further to found that, not only Trejo but, a great many other illegal aliens were using Amalia's Translation and Tax Service to obtain income tax refunds under assumed identities ($2.7 million). Deputies sought and obtained a search warrant and seized the Amalia records. The seized tax records revealed approximately 1,300 cases of identity theft.
--- end back story


Information in a court case is normally considered public record. The evidence in the case was the tax records of Amalia's clients who had an interest in their tax records not being disclosed as a part of the public record of the case. Consequently, the Weld County District Attorney had the tax records put under seal and reviewed by grand juries (whose sessions are secret).

The ACLU, curiously, rather than supporting the Sheriff and District Attorney in their efforts to bring the identity thieves to justice chose to oppose their efforts and demand that the evidence either be returned to Amalia or destroyed and abandon attempts to prosecute the fraudsters.

Today the court heard opening arguments in the case. It is not certain how this will end or if there can be found an elegant compromise that both protects the rights of citizens from unreasonable search/seizure while still giving law enforcement the ability to effectively perform their duties and keep us safe from criminal activity.

Tuesday, February 24, 2009

Thieves Take More Than Towels

Wyndham Hotels in Florida notified the state Attorney General about a data breach in which the credit and debit card information as well as personal data of 21,000 hotel guests was compromised in December 2008. Wyndham notified the affected guests by letter.

So far there has been no evidence that foul play has occurred, but Wyndham is urging those affected to be vigilant and obtain fraud alerts from the major credit bureaus.

Another solid piece of advice would be to watch for suspicious credit card activity. Any suspicious charge can be challenged and taken care of fairly easily with your credit card company. This is yet another reason to use credit cards rather than debit cards. If your debit card information is compromised, thieves can easily drain your bank account before you even notice a problem.

Read the original story by clicking here.

Non-fat, Low-foam Laptop Please!

Starbucks has once again lost a laptop containing employee data. In October 2008 the company lost a laptop that contained 97,000 employee's personal data, including Social Security numbers and addresses. I guess that fits in the extra-extra-large cup. Notice I said "once again?" In November of 2006 a laptop containing personal data of over 60,000 current and previous employees was also stolen. The difference is, this time the employees decided to file a lawsuit.

Some employees are saying that Starbucks took too long to notify them about the breach and provide them adequate time protect themselves against identity fraud. Starbucks has offered the employees one year of identity theft protection and credit monitoring, but some employees are asking for up to five years. Some of the plaintiff's have seen evidence of fraud due to the data breach, and are therefore seeking monetary damages.

This is bad news for you coffee drinkers. If this lawsuit is successful, I would expect to see the price of a Starbucks coffee increase. It's going to take a lot of beans to pay for the double blunder.

You can read the full story here.

Wednesday, February 11, 2009

Going to the Hospital?--Leave Your Purse at Home

If you are making a trip to the hospital, you will be making yourself exceptionally vulnerable to others. No, I am not referring to the quality of medical care from the doctors and nursing staff. I am referring instead to the probability of your becoming a victim of identity theft and fraud.

To illustrate the point, I refer to a recent event that occurred to a patient while staying at Scottsdale HealthCare Shea in Scottsdale, Arizona. The patient, a 79-yr old woman seeking treatment, was apparently victimized not once but twice by two separate members of the support staff operating independently and without knowledge that the other had also victimized the patient.

The alleged perpetrators are Nancy Adame 34, and Sylvia Cubit 40. The victim reported to police that she had been contacted by her bank about suspicious activity in her account. When she examined the contents of her purse after her stay at the hospital, she discovered that personal checks, credit cards, and her debit card had been stolen.

Nancy Adame (left) and Sylvia Cubit(right)

Nancy Adame has been charged with fraud, theft, and forgery and has been released pending completion of the investigation. Slyvia Cubit (who also works at another Phoenix area hospital and medical laboratories) has been arrested after Scottsdale police obtained a search warrant and entered her home finding evidence linking her to several other identity thefts. She, Cubit, has been charged with theft, aggravated identity theft, theft of a credit card, forgery, fraudulent use of a credit card, trafficking in the identity of another, and trafficking in stolen property.

What lessons do(should) the rest of us learn from the misadventures of these two hospital staff?
  1. Difficult times often brings out the worst in people.
  2. Constant vigilance to guard against identity theft is always a good idea.
  3. Motive and opportunity are all that it takes.
  4. Don't assume that others are not motivated to steal from you and your creditors.
  5. You can influence, if not control, how much opportunity is provided to identity thieves.

Source: http://www.azcentral.com/community/scottsdale/articles/2009/02/05/20090205abrk-hospitaltheft0205.html