Thursday, June 18, 2009

Socializing Yourself Into Trouble

Nearly everyone has heard the term "social engineering" before. The term refers to a clever technique that can be used to get information from individuals without having to steal it or hack into a system. The technique is very effective. People like to talk, and if you ask enough questions, people will tell you quite a bit through the course of a normal conversation. Some people talk so freely in fact, that one senior citizen in Louisville, Kentucky apparently gave enough information for a nursing home employee to open up an American Express card with the patient as the co-signer and rack up $100,000 before the patient realized it. In fact, had the patient not received a call from American Express thanking her for opening the account, it may have taken much longer to figure out what was going on.

According to an article on WLKY.com, the suspect, Danielle McClain, actually had a criminal record for criminal possession of a forged instrument and spent 6 years in prison. Apparently, that's not enough of a red flag for some people. She was hired at the nursing home in Louisville anyway. Rest assured, a new policy is in place that will screen all employees and vendors' employees in the future.

It seems natural that someone recovering form surgery in a nursing home would make friends with the staff and get into lengthy conversations. That's part of our frail human nature. It's okay to be friendly, but as the phrase goes, "don't give away the farm" while you talk. As this example points out, we should be careful with the information we disclose. Without realizing it, you may be giving away valuable information, like your mother's maiden name, spouse's birth date, etc. This is information sometimes used to open new accounts.

The lesson here: be careful what you say. You never know how it can be used against you.

Sunday, June 14, 2009

Paper Trails: Crumbs for the Identity Thief



When I think of someone stealing my identity, I often imagine a pick pocket or a burglar lurking in the shadows, waiting to grab my personal information along with my money. But often that’s not how it works. Sometimes our identity is stolen when we have a new baby, get a home loan or apply for a credit card -- sometimes our identity is stolen by employees of such institutions who steal our personal information. An identity theft is a crime where someone gains crucial pieces of identifiable information -- your driver's license number or social security number -- all in the hopes of then getting a credit card in your name, or renting an apartment in your name, getting a phone account etc., all for their own personal gain.

Take the example of Shenequa Brown, a child support collector charged with ID theft. Just this last month, this child support collector obtained the check number, routing number and bank number of her victim/client and used that money to pay for her utilities and cable.

Sometimes, however, it's not so blatant, but instead we leave a paper trail for not-so-honest employees to steal our information. We leave a paper trail in the form of birth certificates, church files, school records, diplomas, marriage and divorce certificates, voting registrations, doctor files, credit cards, land deeds and the list goes on. Certain milestones in our lives such as becoming financially independent and applying for a credit card, or having a baby, or even purchasing our own home puts our personal information on paper.

One way to prevent identity theft is not to leave a paper trail. Of course in some instances, we're putting our trust in certain institutions to keep our information confidential and we have no choice but to leave a paper trail. Sometimes the only recourse here is to closely monitor bank and credit card statements to catch the criminal quickly and also to have an identity theft service set up to help us monitor and regain our identity back quickly. But let's go over some things we can do to prevent identity theft via a paper trail.

  • Don't have financial documents sent via snailmail and don't send paper checks out through the mail. Why? A thief can steal your personal information right out of your own mailbox or home. Rather, view them online. They're typically safer when stored online. Even pay your bills online through your bank's website. However that doesn't mean that we send people our personal info via email either.
  • Invest in a shredder. Some crooks are attracted to the sport of dumpster diving.
  • Where possible, don't use your social security number as a form of identification.

There's a lot to be improved upon here such as credit card companies not so loosely giving out our information to third party companies. But maybe we should even follow the example of our European neighbors and only use our social security number as a means of gaining our retirement benefits rather than a form of identification that is needed for loans and credit card applications that can then cause problems for many years if that information gets into the wrong hands. We can't control everything but we can be aware and cautious when we give out our personal information.