Tribune staff, wire reports...Published May 23, 2005
Beginning June 1, 2005 businesses with employees cannot throw out documents containing workers' or customers' personal information without first destroying them.(*)They must be shredded, burned or otherwise made unreadableThe law is among new provisions added to the Fair and Accurate Credit Transactions Act last year.
The rules were designed to reduce the risk of identity theft and other consumer harm resulting from improper disposal of consumer reports or any records derived from them.
Under the rules, all businesses will be required to destroy any consumer credit information they have obtained from credit reports.
"Any person who maintains or otherwise possesses consumer information for a business purpose" must properly destroy the discarded information, under the new credit transaction rules.
An organization must "dispose of such information by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal," the rules state.
Business owners could face fines of $1,000 per violation and be sued for actual damages caused by improper access to personal information.
The full text of the rule is available at Click to read
Copyright © 2005, Chicago Tribune
by Deborah Wilburn
FEDERAL TRADE Commission report says that in (2003) 3.2 million consumers discovered that accounts had been opened or apartments or homes rented in their names without their knowledge or consent.
Every time you download free computer programs, games, music or screen savers on the Internet, or visit certain websites, there's the risk of spyware coming along for the ride and infecting your computer.
Spyware is any program that monitors your activity on the Internet without your knowledge and transmits that information to someone else.
According to an AARP Public Policy Institute report that was released in May (2006), cyberthieves are usng: spyware more and more to steal identities.
"We can expect spyware to continue proliferating because it is so lucrative" for criminals, says AARP's Neal Walters. "You have to be careful."
• Do not download programs you're not familiar with.
• Do not open e-mail or attachments if you don't know the sender
• The Consumers Union suggests placing a security freeze on your credit report and credit score, information businesses seek before they will issue new credit...Not all states allow consumers to put freezes on their reports
A freeze prevents identity theft by blocking access to the reports,but you are able to open your report with a PIN number or a password.
One caveat: Only 23 states currently allow consumers to put freezes on their reports.
CAROLE FLECK
The next time you order "checks" from your bank... have ouly your "Initials " shown instead of your first name and middle initial, if you show your middle intial when you sign checks. Have Only your last name put on the checks.
If someone steals your checkbook, they will not know if you sign your check with just your initials or your first name. The bank will know how you sign your checks.
When writing checks to pay for credit card purchases, DO NOT show the complete account number on the "For" line. Just show the last four numbers of the account. The credit card company knows the rest of the number and anyone who might be handling your check as it travels through check processing channels won't have access to it.
Security number. ...Be Sure To Visit Link, below, on "Phishing" Scam.... Then the thief opens a bank account in your name and takes out a mortgage or car loan.
In such cases,some information given about you is correct, but not your address.The bill goes elsewhere, so you don't know you've been defrauded. Most consumers learn their identity has been stolen when a collection agency calls, demanding payment for outstanding bills.
show they have been sent to you from a bank, brokerage house, major mercandiser and other.
Page Authors Comment: The following was received...via e-mail...from a friend. Page author has no way of knowing if statements made are valid. On eveluation it is concluded that valid or not, the actions,activity and results could happen and is submited for your evaluation
Date: Fri, 12 Aug 2005 18:15:41 -0600
Message
CREDIT CARDS
SCENE 1:
A man went to the local gym and placed his belongings in
the locker. After the workout and a shower, he came out, saw the locker
open, and thought to himself, "Funny, I thought I locked the locker."
He dressed and just flipped the wallet to make sure all was in order. Everything looked okay - all cards were in place.
A few weeks later his credit card bill came - a whopping bill of $14,000!
He called the credit card company and started yelling at them, saying that he did not make the transactions.
Customer care personnel verified that there was no mistake in the system and asked if his card had been stolen.
"No," he said, but then took out his wallet, pulled out the credit card,and yep, you guessed it, a switch had been made. An expired similar credit card from the same bank as in the wallet. The thief broke into his locker at the gym and switched cards.
The credit card issuer said (*)that since he did not report the card missing earlier, he would have to pay the amount owed to them. How much did he have to pay for items he did not buy? $9,000!
Why were there no calls made to verify the amount swiped? Small amounts rarely trigger a "warning bell" with some credit card companies. All the small amounts added up to a big one!
SCENE 2:
A man at a local restaurant paid for his meal with his credit
card. The bill for the meal came, he signed it, and the waitress folded
the receipt and passed the credit card along. Usually, he would just take
it and place it in his wallet or pocket.
Funny enough, though, he actually took a look at the card and, lo and behold, it was the expired card of another person.
He called the waitress and she looked perplexed. She took it back, apologized, and hurried back to the counter under the watchful eye of the man. All the waitress did while walking to the counter was wave the wrong expired card to the counter cashier and the counter cashier immediately looked and took out the real card.
No exchange of words - nothing!
She took it and came back to the man with an apology.
Make sure the credit cards in your wallet are yours. Check the name on the card every time you sign for something and/or the card is taken away for even a short period of time.
Many people just take back the credit card without even looking at it, thinking that it has to be theirs.
* DEVELOP THE HABIT OF CHECKING YOUR CREDIT CARD EACH TIME IT IS RETURNED TO YOU... AFTER A TRANSACTION!
While he waited, he picked up his cell phone and started dialing. the woman noticed the phone because it was the same model that she had, but nothing seemed out of the ordinary. Then the woman heard a click that sounded like her phone sounds when she takes a picture.
The man behind the counter then gave the woman back their card but kept the phone in his hand as if he was still pressing buttons.
While, the counter man is pressing buttons, the person is thinking: "" wonder what he is taking a picture of", while he appears oblivious to what was really going on.
It then dawned on the woman:the only thing there was her credit card, so now the woman is paying close attention to what the counter man is doing.
The counter man set his phone on the counter, leaving it open. About five seconds later, the woman hears the chime that tells you that the picture has been saved.
The woman stands there struggling with the fact that this counter man just took a picture of my credit card. Yes, he played it off well and had they not had the same kind of phone, the woman probably would never have known what happened.
The woman immediately canceled that card while walking out of the restaurant.
Be aware of your surroundings at all times. Whenever you are using your credit card(s), (*) be careful, don't be careless.
Notice who is standing near you and what they are doing when you use your card...Especially when you use an ATM machine at a bank or elsewhere.
Be aware of cell phones because many have a camera capability these days.
When you are in a restaurant and the waiter/waitress brings your card and receipt for you to sign,make sure you scratch the*first portion card numbers off. Some restaurants are using only the last four digits, but a lot of them are still putting the whole thing on there.
If you have already been a victim of credit card fraud you know it is not fun and can take years for you to clean the alate.
The truth is that they can get you even when you are careful, but don't make it easy for them.
purse or walletIf the Mail Box, at home is screwed to the wall, be sure that the method of attaching will make it difficult for thieves to removethieves. The Mail Box should also have a strong lock.the garage. Slot should "Only" be "High and wide enough to allow the mail person to insert letters and not allow anyones arm beyond the wrist to enter the slot.to catch delivered mail.Statements, ANY documents that evidence your "personal" information. Don't just throw these documents inthe garbagecard...using permanent ink...immediately.the checks up at the bank.did not take the time to insure that the envelope was sealed, "complain" to the executive of the sendingorganization and ""Put It In Writing"" to emphasize your concern and to inform the manager about someone who is not doing their job.Name. You can also visit the web site, if you have Adobe Reader by clicking here
• Do not carry your own or your child's Social Security card with you.
• If a Social Security number is requested by a school or doctor's office, ask if another number can be used instead.
• Include your child's name on opt-out lists for pre-approved credit cards.
• Teach your children to shred any documentation that contains personal information.
• Run a credit report once a year to make sure there is no activity under your child's Social Security number. Any activity could signal fraud.
By Lorene Yue...Your Money staff writer...Published September 5, 2004
Copyright © 2004, Chicago Tribune
These days, homeowner's insurance policies cover more than your house--they can help you recover your identity.
Identity theft is the fastest growing crime in the nation--9.91 million victims in 2003, according to the Federal Trade Commission. That has prompted some insurance companies to create a policy to help customers untangle the mess created when they have been fraudulently impersonated.
St.Paul Travelers claims to have been the first company to offer ID theft coverage, in 1999--but the idea has not taken the world by storm. Since first offering the policy in 2002, Farmers Insurance Group has seen 27,000 of its roughly 4 million homeowner customers take up the offer.
The slow adoption rate isn't stopping newcomers from joining the arena or offering upgrades.
At Allstate Insurance Co., which initiated coverage in July, victims can get more than money if their identity is stolen: They get someone else to clean up the mess. The product is only available in four states--Arizona, Texas, Illinois and New York--but the company plans to roll it out in more states."We will provide you with the experts to do the work of getting your life back," said Allstate spokesman Bill Mellander.
Not a bad deal, experts say, considering the average time and cost to fix the damage caused from ID theft is roughly 600 hours and $6,000, according to the Identity Theft Resource Center in San Diego. The FTC has a more conservative estimate--an average loss of $500 per victim with 30 hours.
"It's terrible, terrible tedious work," said Carolyn Gorman, vice president of the Insurance Information Institute in Washington.Not a bad deal, experts say, considering the average time and cost to fix the damage caused from ID theft is roughly 600 hours and $6,000, according to the Identity Theft Resource Center in San Diego. The FTC has a more conservative estimate--an average loss of $500 per victim with 30 hours.
But Linda Foley, who helps head up the Identity Theft Resource Center, called identity theft insurance a "buyer beware" product. "It's a personal choice," Foley said. "And there are vast differences from one policy to another."
How does it work? You'll find that most companies will offer ID theft coverage as part of a homeowner's, renter's or condo insurance policy. You may find a stand-alone product that is being offered through your employer or your credit card company, butread the fine print and make sure it includes benefits you can really use. Remember that you are generally responsible for the first $50 of unauthorized credit card charges, but some card issuers won't make you pay anything at all.Coverage. Look for an insurer that reimburses you for the cost of making long-distance calls, sending certified mail, notarizing affidavits, as well as attorney fees and loan fees if your application was rejected because of damage created when your credit history was ruined.
The biggest selling point is if the policy will reimburse you for lost wages while you take time off work to chase down documents, meet with law enforcement officials or make phone calls.
There is a cap to expenses. Total costs are restricted to $15,000 at Farmers and St. Paul Travelers and $25,000 at Allstate and Chubb Group Insurance Cos. There is also a limit for what you can recoup in lost wages.
Cost. Some companies, such as Chubb, won't charge extra for ID theft coverage. Others may charge as much as $40 a year, and Foley recommends you don't pay more than that.
Deductible. You could face some out-of-pocket costs before you get reimbursed. Chubb has a $500 deductible and St. Paul Travelers has a $100 deductible. Farmers and Allstate do not require a deductible.
You'll want to weigh the possible cost of clearing your name against how much you might lose in wages against the deductible. If you make $20 an hour and it takes you 10 hours to straighten things out, a $250 deductible won't help you recoup your lost wages.
Associated Press:Posted Tuesday, August 10, 2004
BOSTON - BJ's Wholesale Club Inc. attracts shoppers by putting thousands of discounted products under one roof. It wasn't hard to attract cyberthieves either, with databases that amass credit card numbers in huge volume.
The theft earlier this year of thousands of credit card records from the nation's third-largest warehouse club illustrates the potential for massive-scale identity theft whenever so much purchase-enabling data is stored in one place. It also illustrates how difficult the cleanup can be.
The Secret Service still doesn't know whether the breach was an inside job or the work of hackers, but it has made some arrests, said Tim Buckley, a Secret Service agent investigating the case.
The suspects arrested in the United States and abroad may have ties to a large international identity theft ring, Buckley said. He declined to say how many arrests have been made or provide further details.
Meanwhile, financial institutions had to reissue hundreds of thousands of credit cards belonging to BJ's customers as a precaution against further fraud. The case may be the largest retail fraud of its kind based on the amount of cards reissued, experts say.
BJ's says the breach affected only "a small fraction" of its 8 million members.
Philadelphia based Sovereign Bank covered about 700 fraudulent transactions from the BJ's theft and had to reissue 81,000 cards at a cost of about $1 million, said spokeswoman Ellen Molle said. The Pennsylvania State Employees Credit Union reissued cards to 14,000 of its members at a cost of $100,000, said Greg Smith, president.
Visa and Mastercard issuers in the United States, most of them banks, lost an estimated $820 million from fraud in 2003, up 6 percent from the previous year, according to a study by Credit Card Management, an industry magazine.
When BJ's disclosed the breach in a March 12th news release, it said it had altered its security systems and was confident information was secure. BJ's, which has 150 clubs, has said the theft would have no material effect on its finances. Consumer advocacy groups say they've received few consumer complaints.
But the Natick, Mass.-based company now faces claims from some of the 10 to 15 banks that had to replace cards or reimburse consumers for fraudulent transactions. Investigators and bank officials have declined to disclose the monetary losses.
|
|
Recently, three men pleaded guilty in North Carolina to charges they conspired to hack into the Lowe's home improvement chain's data network to steal credit card information. Lowe's officials said the men failed to get into the company's U.S. database.
And a Florida man was charged with stealing large amounts of consumer information from database aggregator Acxiom Corp. - the second such hack of its files revealed in the past year. Prosecutors say the stolen data was not used for identity fraud but to distribute ads via an e-mail business.
Thefts raise costs for credit card issuers, which typically cover most losses from fraudulent transactions and limit liability to merchants. The problem is a moving target becausethieves are creating increasingly sophisticated criminal networks with global reach.
"However they find the numbers, they end up on some computer bulletin board and are sold," said Buckley.
Lawmakers are responding. A federal law signed July 15 increases criminal penalties and eases the burden of proof needed to win convictions in identity theft cases. The law also establishes a crime of aggravated identity theft and sets stiffer punishment guidelines for cases originating from information stolen in a workplace.
A Michigan State University study to be published later this year found as many as 70 percent of all identity theft cases originate with information stolen in a workplace, rather than through hacker intrusions, home robberies or mail fraud.
The study's author, Judith Collins, an MSU criminal justice professor, said the tougher sentencing the new federal law requires is a move in the right direction.
A California law that took effect last year holds merchants more accountable for safeguarding customers' card data. Banks and other companies must notify customers when a breach of their personal information is suspected. The law requires businesses to limit how and when they display consumers' Social Security numbers, including a ban on printing a customer's number on cards needed to access services.
The credit industry "has been relatively slow in taking more security steps than they already have in place because they sort of felt they could tolerate the loss," said Robert Richardson of the Computer Security Institute, an organization for security professionals. New steps could include employing identification technologies such as fingerprint scans.
Carol Baroudi, a retail and computer security analyst with the research firm Baroudi Bloor, believes most such cases like BJ's escape public scrutiny.
"I don't think this case was that much of an anomaly," Baroudi said. "I think the fact that we've actually heard about it is different ... BJ's had the guts to come forward. They took the risk that people would stigmatize them for this."
Keep alert for people with cell phones in hand standing near you in the checkout line at retail stores, restaurants, grocery stores, etc.With the new camera cell phones, they can take a picture of your credit card, which gives them your name, number, and expiration date.
As noted on this page,Identification theft is one of the fastest growing crimes today, and this is just another example of the means that are being used. So, be aware of your surroundings. Please inform your friends and family, acquaintances.
ID theft toll is growing in U.S.,Government looks for way to stem tide
By M. Daniel Gibbard, Tribune staff reporter. Tribune news services contributed to this report Published March 11, 2005
The stories of identity theft come almost daily, from state workers allegedly selling names for fake driver's licenses to hackers stealing 145,000 consumer profiles to a University of Chicago Hospitals employee apparently passing along information from patient records.Merz said.In the midst of what some are calling an unprecedented explosion in fraud, officials are warning people that they must go well beyond shredding documents and ripping up credit card receipts to protect themselves.
"No matter how you cut it, this is a huge problem," said Steven Baker, Midwest director for the Federal Trade Commission, which catalogs complaints. "It's an epidemic."
On Thursday,(*)3/10/2005 ) Congress began hearings into how data collection companies with huge databases collect, handle and sell personal information and whether new federal regulations are needed to improve security and privacy.
The FTC logged 388,000 ID theft complaints last year, up 19 percent from 2003 and 61 percent since 2002, according to a report released last month. Illinois ranked 10th in complaints, with 11,138 victims, up 14 percent since 2003. The Chicago-Naperville-Joliet area ranked 19th among metropolitan areas in 2004.
Individuals reported $547 million in losses last year."In the last couple of years, crime in general has been declining,except for identity theft," said Judith Collins, an associate professor at Michigan State University and expert on identity theft.
While identity theft is about as old as civilization, experts say computers have allowed it to grow geometrically since about 1999.
Last month, Bank of America Corp. admitted it recently lost data tapes that contained personal information on 1.2 million government account holders, including U.S. senators and defense personnel.
But it's not just computers; criminals have come up with myriad ways to get personal data.
Profiles are stolen one at a time and by the million, by sophisticated computer hackers and by "Dumpster divers" who dig through garbage looking for credit-card receipts, unused credit solicitations or other goodies.
"The more information they've got, the better," Baker said.
A name, Social Security number and date of birth can be enough to apply for a driver's license, he said, "and if you've got a driver's license, you can do darned near anything else."
Yet despite the growing awareness of identity theft in the law enforcement community, it still largely is up to individuals to shield themselves.
"You have to protect your personal information like you protect money in your wallet," said Melissa Merz, spokeswoman for Illinois Atty. Gen. Lisa Madigan.
The list of precautions is long, but the first rule is to never throw away anything containing personal information without destroying it.
And instead of leaving outgoing mail where a thief can get it, put it in a drop box, Baker said. Filling out contest entries in hope of winning a cruise or a new car is folly, he added."It's amazing how much information people will give out about themselves for the chance to win something free," he said.
Noting that personal computer security often can be breached, Collins goes a step further.Until security improves, "my advice to anyone would be, if you don't want it on the Web, don't put it in your computer," she said.
A major threat is hackers who steal information from "secure" computer servers, such as the 145,000 names, including 5,000 in Illinois, thought stolen during the last year from Georgia-based ChoicePoint, a company that sells consumer data.
Then there are the inside jobs, criminals who steal data from their employers about other workers, often after taking a job solely for that purpose, Collins said.
In response, a federal law took effect in Illinois on March 1 requiring the three major credit reporting agencies to offer anyone who requests it one free report annually through www.annualcreditreport.com.
Also, Merz said, since January 2004, Illinois has required police to take reports on suspected identity theft, such as when credit cards or other identification are stolen. In the past, many officers were reluctant to do so.
"I think what happened is police didn't have the experience and the expertise to deal with it, and that's not unusual in a developing area of criminal activity," said Lake County State's Atty. Michael Waller. "It takes time to get up to speed."
Waller himself was victimized in late 2003 when a maid stole a credit-card receipt from the trash and used the number to buy $800 worth of clothing on the Internet.She and an accomplice were convicted.
A police report is critical in reporting identity theft because it entitles a victim to put a fraud watch on her credit report that, in theory, can prevent further damage, such as fraudulent credit card or loan applications, Merz said.However, only 30 percent of ID theft victims notified police and had a report filed, the FTC report says, and 61 percent did not notify police.
Credit card fraud affects people who aren't directly victims as well, said Ronald Allen, a professor at Northwestern University's School of Law."Whenever a corporate entity eats the loss, they don't really eat the loss; they pass it on to consumers, so we all get the loss," he said.
While credit card fraud accounts for 28 percent of identity theft complaints to the FTC, criminals use stolen identities in more subtle ways, though with the same end in mind, Collins said.
For example , someone who has placed a fraud alert on his credit report can still be useful to con artists, who may set up a bogus corporation in the person's name and use that corporation to buy data from reporting agencies,data that is used to commit more fraud. That is what apparently happened in the ChoicePoint case.
"Not to be flippant, but the future of identity theft is quite rosy," Allen said. "As more and more information gets transmitted electronically, there are more and more opportunities for nefarious behavior, and the human condition being what it is, there will be more and more people to take advantage of it."
For more information
1.Treat your insurance card like a credit card. Don't lose it or loan it, and don't show it to anyone except a trusted health care provider.
2.Watch out for "freebies." Be suspicious of offers for free medical care. Avoid clinics that advertise aggressively, promise to waive co-payments, provide free transportation, or similarly entice you.
3. Read the EOB. Carefully review the "explanation of benefits" letters sent from your insurance company, and call about claims for services or drugs that you don't understand.
4. Check your benefits yearly. Once a year, request a listing of benefits paid out by your insurer. That way, you'll discover fraudulent payments even if the thief has changed your billing address.
5. Request an accounting of disclosures. You have a right under HIPAA to get this document from every health care provider you visit. The accounting will detail what personal information was released and whom it was sent to. It's a good way to catch and track theft, because any fraudulent medical information will probably be passed along to other providers.
6. Review your credit report. If someone has stolen your medical identity and racked up unpaid hospital bills in your name, the charges could turn up on your credit report.
For more information on this Readers Digest article , visithttp://www.rd.com/content/openContent.do?contentId=30232
For additional information, go to worldprivacyforum.org and bcbs.com.
Page Author assumes " No Responsibility ... Now Or In The Future "...For Products, Services Or Other... Offered By Any Of The Entities Listed On This and subsequent Pages.
This Page Of Links Is Provided As A Public Service, And Does Not Provide Any Warranty,Statement Of Quality," Implied Or Otherwise, " About Any Of The Products,Businesses Or Services Listed. Links On This Or Other Pages Are Intended To Be Informative And Does Not Imply an endorsement By Page Author.