Dale Penn

This story hits close to home for me because it mirrors an incident in my own experience.

Sooner or later, a criminal’s luck runs out. That’s what happened to a group of identity thieves who recently bit off more than they could chew.

The Associated Press reported this week that a ring of counterfeit check scammers got themselves into a mess that could keep them on ice for quite some time, at the expense of the taxpayers in the state of Oregon.

Most police agencies have one person who is considered their “go-to” expert on certain types of cases. In this case the cop is Barbara Glass. She is a veteran police officer who has nearly 20 years of service under her utility belt.

According to the report, Glass has served all those years:

” including eight specializing in ID and fraud investigations. During her investigation into the check ring, she got an e-mail from a Safeway store to alert her that her name had showed up as the signee on one of the bogus checks (that was) passed.”

I was immediately reminded of the value of some type of early warning, late warning, any warning that can inform a victim that they have been compromised. Most consumers have done NOTHING to erect an early warning system for themselves.

Many people who have purchased some type of identity theft protection are still vulnerable to ongoing abuse. Unlike the timely and coincidental email from Safeway in this case, most of us have no form of notification or early warning set up for us until it’s too late.

Officer Glass told The Oregonian newspaper that she nearly fell off her chair.  Glass recalls shouting out to her partner, Officer Dave Staab “My name!” Her full name was handwritten on a fake check and cashed back in April.

This story hits close to home because I remember the day my wife and I had the same conversation. Counterfeit checks were presented and cashed all over town with our bank information and a signature that wasn’t even close to mine.

In my case, the culprits were never identified, but due to the police work of Officers Glass and Staab, the Multnomah County Deputy District attorney will soon have a case to prosecute.

Thanks to some inspired police work, three suspects have had the spotlight shined on thier own identities and are now awaiting their day in court.

I don’t think a check payable to the bailiff will get them off the hook this time.

I was caught off guard by an identity theft story reported this week in the N.Y Daily News:

“A band of brazen thieves ripped off hundreds of New Yorkers by rigging ATM’s to steal account and password information from bank customers.

They used the pilfered info to swipe half a million dollars from their victims’ bank accounts- the latest twist in increasingly aggressive identity-theft scams, police said.

“This crew is sophisticated”,  said Deputy Inspector Gregory Antonsen, head of the NYPD’s special investigations division. And they are coming up with new ways to steal your identity every day.

The scam is a part of a chronic assault on peoples’ identity.”

Quite often, the equipment attached to ATM’s and gas pumps is rigged with sophisticated wireless technology, enabling the thieves to receive the data from a remote location. Sometimes that remote location is a rented office space nearby  and sometimes the thieves just sit down the street or around the corner while the data flows into their receivers.

Whenever this type of skimming equipment is attached to a machine like an ATM, the chances are pretty good that there is also a camera attached to capture your PIN number as you enter it into the machine.

Often, the equipment renders the real ATM useless and the customer just walks away thinking the machine is broken. If the scam is active during a weekend or holiday, it makes the chances of reporting the broken machine much less likely, giving the thieves more time to snatch as much data as possible.

What caught me off guard in this case is the amount of the booty. The Staten Island thieves made off with an estimated take around $500,000.00. The 250 victims are being reimbursed by the bank which means that eventually, the bank’s customers will absorb the true cost of this theft.

Consumers need to cultivate the discipline and awareness to take these steps:

• Look for unusual attachments to every machine you use
• Look for scratches, cracks and color variations to a machine’s original equipment
• Walk away from any set of machines in which one or more is “broken”
• Always cover the keypad when entering your PIN number
• Beware of any stickers or instruction sheets added to a machine
• Routinely look for unusual ATM or credit card activity on your monthly statement
• After dining, ask your waiter or waitress to leave your credit card in sight if possible

Armed with your stolen data, thieves often create new credit cards that are loaded with your information and ready to use at any ATM within a matter of minutes.
For those who thought credit and debit card skimming were a thing of the past, think again. Those instructions to “swipe your card here“,  have taken on a whole new meaning.

The growing trend in world of threat assessment seems to point increasingly and correctly to the vulnerability of personal data shared and stored with online social networks.

The June 2009 issue of Consumer Reports has a lot to say about the subject:

“Social networking sites provide cybercriminals with more ways to gather personal information. Users may reveal sensitive family information simply by posting photos showing where they live or by describing a forthcoming family vacation, revelations that can help criminals.  And the number of potential victims unfamiliar with such risks continues to expand. In our survey, half of the respondents age 36 to 45 were users of a social networking site.”

It was just a few months ago that Computerworld magazine reported that more than 30 celebrities and organizations including Barack Obama and Britney Spears had their Twitter accounts hijacked by malicious hackers. It widely noted that Cybersecurity is now a major national security problem for the U.S., according to a prominent Washington, D.C. think tank.

The Consumer Reports story goes on to reveal that thirteen percent of social network users have experienced some form of online abuse. The real number is certain to be higher, due to a lack of both reporting and  awareness by frivolous and often whimsical internet users.

A far more mind numbing statistic is that there are an estimated 3.7 million homes with broadband access in the U.S. that don’t even bother to use a firewall to protect against hackers!

Unfortunately, as these social sites grow in popularity, they supply an endless stream of easy pickings for phishers, scammers, cybercriminals and corporate bad apples with easy access to your juiciest tidbits of profitable data.

Sadly, we also know thanks to Federal Trade Commission statistics that a large percentage  of sensitive consumer data is stolen by those we know, trust, love or work with.

The folks at Consumer Reports offer readers a variety of ways to protect themselves online, many with no cost. Their tips can be found at: ConsumerReports.org/security.

Its really amazing how many “grown-ups” who are active online, have forgotten the advice they not only received as children, but dished out as parents:

“Don’t talk to strangers…”
“Keep aware of your surroundings…”
“Close and lock all the doors and windows…”
“Make sure you zip up before you go out…”

In our zeal to “get out and play” in cyberspace, we often forget the simple things that could one day come back to haunt us.

Earlier this year, the World Economic Forum met in Davos, Switzerland for their annual  conclave. The topic of internet crime  drew the attention of attendees, leading a panel to take a look at the issue of international cyber-crime .

One startling fact emerged from their look into fraud, identity theft and organized crime. According to the experts, which included representatives from Mozilla, McAfee and Microsoft, 2008 saw more internet-based crime than the preceding five years combined! 

The WEF considers itself “the foremost global community of business, political, intellectual and other leaders of society who are committed to improving the state of the world.”

They go on to describe themselves as “an independent, not for profit organization that brings these leaders together to work on projects that improve people’s lives.”

The Davos attendees concluded that due to the organized criminal creation of large scale cyber-attacks, these incidents have moved beyond the mere nuisance of teenage hackers bored with nothing else to do, to a modern “organized criminality” that has grown well beyond garden variety vandalism.

The Forum estimates that internet crime alone, packs a whopping $1 trillion dollar price tag. With no clear consensus on how to attack the problem, the panel suggested solutions ranging from the creation of a nearly “totalitarian” worldwide governing body similar to the World Health Organization, to a diluted form of self-policing.

Perhaps an international outbreak of “willful blindness” has led us to this point. Hopefully the international criminal pleasure cruise that world economies are on,  is headed for some immediate course correction.

A new study conducted and released by Unisys Corporation reveals what most observers and pundits have been saying about our collective jittery nerves lately. With this new level of fear come concerns about fraud and ID theft reaching new heights  and threatening Americans more than ever.

According to the story published on Webwire: “The research, conducted with the latest Unisys Security Index, also confirms that most people are much more worried about their financial security, which saw a 12 percent spike when compared to results polled in September 2008. 

This concern now ranks as Americans’ number one security fear for the first time since Unisys began the global study in 2007. Conversely, the current data also shows the lowest level of concern about national security issues among U.S. consumers.”

The Webwire story goes on to report that more than two thirds of Americans are extremely worried or very concerned about other people obtaining and using their credit or debit card details, with 90 percent at least somewhat concerned.

The better news is that most of the identity theft strategies I’ve written about for some time now, can still protect consumers even in an age of unparalleled financial uncertainty.

By protecting your personal, private and proprietary information, you can still mitigate the effects of our current financial crimes tsunami. By guarding your credit and debit card numbers, bank account numbers, social security numbers, checking account numbers, pin numbers, passwords and computer files……you take away the match sticks that could ignite into to a personal financial firestorm.

None of these methods (including credit monitoring services) are guaranteed to prevent your information from falling into the wrong hands. Careful monitoring of billing and banking statements, credit reports and other financial and medical records will keep you positioned to spot a potential problem.The businesses we frequent also have a responsibility to protect our data and our dollars.

The Unisys study goes on to report: “Banks and businesses need to understand that customers are more wary than ever about using services that may compromise their personal data. If economic concerns increase these fears, companies need new strategies to strengthen customer confidence through accountability and transparency, which also plays to part of the Obama administration’s call to action for government and business.”

The fear gripping our economy is understandable, but we can take proactive steps to minimize our exposure. As a last resort, we can all just repeat this prayer:

“Lord, defend me from my friends; I can account for my enemies.” — Charles DHericault

If tax season is as taxing as ever for you, here are seven ways to reduce your annual tax time anxiety and vulnerability.

* Beware of tax-time ID thieves who create fake IRS websites just for this season.

* Bold fraudsters often “pose” as IRS agents to trick you into revealing personal data.

* The IRS never uses email to initiate contact with taxpayers.

* Any email that promises to deliver refund money should be deleted immediately.

* Taxpayer audit and refund information is always delivered through the U.S. mail.

* Unsolicited IRS contacts sent via email should never be opened or responded to.

* Communication from the IRS can be confirmed by calling (800) 829-1040.

Another common twist is that many unsuspecting taxpayers have received legitimate notifications from the IRS, requesting payment of taxes due on unreported earnings.

This is possible if someone illegally uses your Social Security number to obtain employment. In these cases, an unwitting employer reports the earnings attached to your stolen number and Uncle Sam comes calling for taxes on income you truly never earned!

Protect your Social Security number at all times and at all costs. If you suspect fraud, contact the Social Security Administration  immediately. They can also be reached at (800) 772-1213.

The Heartland Payment Systems security breach is now considered to possibly be the biggest in history.

The massive theft which is thought to have occurred sometime in 2008, may have allowed the hackers to swipe credit card data from more than 100 million accounts. Apparently, it was spy-ware installed on the company’s internal network that grabbed the data.

PCWorld Magazine reported:

“Heartland says it didn’t discover the breach until Visa and MasterCard came knocking about suspicious activity involving card numbers processed by Heartland……

It’s all the more sad that we as consumers really can’t do a darn thing to protect ourselves against this kind of theft. We can be incredibly careful with our own PC and data, but we have no control over how it’s handled by the plethora of companies that store and process our information.”

According to the Washington Post, Heartland President and CFO Robert Baldwin contacted the U.S. Secret Service as well as two breach forensics teams to investigate.

In terms of sheer volume, Baldwin said:

“The transactional data crossing our platform, in terms of magnitude… is about 1oo million transactions per month.”

This type of breach leaves you and I powerless to prevent it and vulnerable as a result. The stolen Heartland data is precisely what crooks need to create counterfeit credit cards.

That is why the following basics of Identity Theft Protection should be a part of YOUR financial planning.

1. Carefully watch all your credit card statements for irregularities
2. Be on the look out for small charges from unknown creditors and report them
3. Consider freezing your credit files if you don’t plan to apply for new credit soon
4. The use of a credit card leaves you LESS vulnerable than using a debit card card
5. Grab a free credit report at least 3 times a year for FREE

CEO Baldwin was quoted as saying simply:

“….we recognize and feel badly about the inconvenience this is going to cause consumers.”

The giant credit card processor feels badly. I’ll sleep better now.

Outgoing National Intelligence Director Michael McConnell reported last week that Cyber-threats are among his greatest concerns, second only to Iran’s continuing development of nuclear weapons.

MSNBC and the Associated Press reported:

“…Iran producing a nuclear weapon and a cyber attack on critical government or private computer networks top the list of concerns nagging at National Intelligence Director Michael McConnell as he prepares to leave office.”

There are many well intentioned observers who seem to think that cyber-crime in general is on the decline inside the United States. Although there is statistically no need for mass panic, it is foolish to assume that our computer infrastructure isn’t the greatest information target in the world. As a practical matter, I think we are all better off with “someone on the gate” to guard our repositories of personal, commercial,  educational, financial and military data.

The truth is that many potentially damaging breaches go undetected and are often intentionally unreported. Back in 2005, the Department of Homeland Security constructed a worst-case-scenario type cyber-attack and concluded that over 20 million credit cards might be affected over a period as short as just one week. The Department concluded that an event like this could undermine faith in the entire U.S. financial system.

We all pray that President Obama’s team remains watchful and vigilant on the cyber-front during these desperate times. The Obama Administration has already declared our nation’s cyber-infrastructure a “strategic asset” and has pledged to protect “America’s competitive advantage”.

Great start Mr. President.

The New Year’s barrage arrives just days before President Obama is sworn in.

Today was unlike most days when I open my email, yawn and shrug my shoulders. This evening, my KEEN eye caught three names of email senders that I didn’t recognize. That generally means “junk or spam email, but today was different due to the sheer volume and ridiculously (laughable) transparency of these scammers.

These emails were online scams, so phony looking that anyone with “half-a-brain” could spot them a mile away. Three in one day! I had to look in a mirror to make sure the word “sucka” wasn’t pinned to my back.

Not only did the senders promise OUTRAGEOUS sums of money for my help, the spelllinngg was so bad that I actually laughed out loud.

Phishing scams come in many varieties including lottery scams, bill collector scams, fraud investigation scams, employment application scams, overseas bank transfer scams, credit card or banking verification scams and many  others.

According to the Yahoo Security Center:

“If you receive an email (or instant message) from someone you don’t know directing you to sign in to a web site, be careful! You may have received a phishing email with links to a phishing web site. A phishing web site (sometimes called a “spoofed” site) tries to steal your account password or other confidential information by tricking you into believing you’re on a legitimate web site. You can even land on a phishing site by mistyping a URL (web address).

Is that web site legitimate? Don’t be fooled by a site that looks real. It’s easy for phishers to create web sites that look like the genuine article, complete with the logos and other graphics of a trusted web site.”

Unfortunately, the current economic downturn is expected to cause a dramatic increase in the number and frequency of these fraudulent attempts to separate the uninformed from their personal data.

The good news is that these crimes are getting harder and harder to pull off, due to greater consumer awareness and more advanced spam filtering technologies.

Despite the almost comical transparency of the three scams that entered my email box today, the potential for harm and the growing frequency of these annoying ploys is really no laughing matter.

Recently, the Identity Theft Resource Center looked forward to the coming year to predict events that will be the inevitable outcomes of the current economic crisis and the looming identity theft battles.

Real Estate: Homeowners who are behind on payments or seeking refinancing sources can easily fall prey to unscrupulous thieves who are more than willing to “take your information and see what we can do”. Bogus land grants and home equity scams will be commonplace. The recommendation is that homeowners speak directly with well known and established banking and mortgage companies in order to avoid the potential pitfalls of unknown solution providers.

Credit Cards: Many consumers may unknowingly turn to thieves in order to get access to credit cards, debit cards and debt consolidation loans. It is easy to imagine handing over private information to seemingly legitimate companies. Like the mortgage industry, the credit card world has been turned on it’s head in the current economic climate. Look before you “leap” into a deal that may be too good to be true.

Check Fraud: Due to the lack of easy credit, many thieves will turn to check fraud as a way to accomplish their crimes. Needless to say, safeguard your checkbook, deposit slips and banking statements as a first line of defense. Many financial advisers are steering clients away from using paper checks at all. If you must write paper checks, be sure to use an anti-check-washing gel pen and keep a close eye out for any irregularities on your statement.

Organized Crime and Cyber-Thieves- Rings of professional thieves from all over the world have helped make identity theft the fastest growing crime in the United States. Security experts agree that these attacks will become more brazen as time goes by. According to the Wall Street Journal, the U.S. Department of Homeland Security has been reviewing “worst case scenarios” for possible attacks against U.S. government, industrial and financial institutions.

Consumer Scams: Common and rampant scams with nicknames such as skimming, phishing, vishing, pharming and whaling will continue in 2009. This is largely due to the weak condition of the U.S. economy, the vulnerability of average consumer and law enforcement’s scarcity of resources to deal with the sheer volume of complaints.

Breaches: Corporate, educational and government security breaches continue to grow every year. According to the ITRC, there were 641 breaches in 2008, surpassing the total of 446 in 2007. Due to the portability of data, the easy theft of laptops, the cunning deception of “inside scam artists” and the desperation of global perpetrators, this number will continue to increase. At the very least, have your own laptop or PDA/smart-phone set up with encryption and password protection software.

Remaining diligent, alert and informed about the latest scams and threats is your best defense against being victimized in 2009. Stay tuned.