Dale Penn

Consumers may have finally scored big time!

Credit reporting agency TransUnion has agreed ( as part of a pending class action settlement) to provide free credit reports and credit monitoring to anyone who had a credit card, loan or credit account between January 1998 and May 28, 2008.

In case you’re counting, that amounts to over 160 million Americans who would qualify for free credit monitoring. Under the settlement, the free monitoring would be good for between 6 and 9 months.

After a 10 year legal battle in which TransUnion was accused of selling private consumer data, it seems that anyone with a loan during the last 10 years will get this neat gift by simply applying for it.

The data in question was sold to marketers like retail and financial institutions, who then analyzed it and sent out unsolicited offers (a.k.a. junk mail) to consumers like you and me.

In addition to the free credit report available now from the big 3 bureaus, consumers will also get free monitoring of their credit files. Monitoring can be a useful early warning signal that an identity fraud has occurred or may be pending.

Until now, it seemed that consumers had no defense against the sale of their personal and private credit profiles. During my public lectures, I have always shared the dangers of this sort of “dirty tricks” industry practice which I refer to as “Pirates Peddling People’s Personal Preferences.”

A TransUnion spokesman denied that any law was ever violated and claims that the practice in question was terminated in 2001. The company plans to make lemonade from lemons when it begins an ad campaign in mid June to announce its free monitoring plan to the public.

You can read a copy of the settlement online at: www.listclassaction.com Claims can be filed starting June 16th, 2008 on the website or by calling 866 416-3470.

Postal Inspector laments: “Like nothing we have ever seen!”

Nebraska police and postal authorities have uncovered what appears to be one of the largest cases of mail fraud and identity theft they have ever encountered.

A vehicle searched after a routine traffic stop uncovered a mountain of stolen mail which lead veteran postal inspectors to discover one of the largest caches of stolen mail in the state’s history.

Similar incidents in Fremont, California have led to the arrest and conviction of a couple who were recently sentenced to five years in prison and slapped with a $25 million dollar judgement for trying to misuse the U.S. Mail to defraud Microsoft Corporation.

The Microsoft case involved multiple defendants who were very organized and persistent.

In a frightening turn, it was discovered that the proceeds from the racket were being funneled out of the country and in to Pakistan, according to federal prosecutors.

Here are 5 simple ways to reduce your chances of being a mail fraud victim:

1. Only use a locked mailbox at home
2. Never leave mail for pickup in, on or around your mailbox (that red flag is a no no)
3. Stop your mail delivery when going on vacation
4. Utilize online bill payments to reduce the paper mail you receive
5. If you suspect you are missing mail, contact local police and Postal Inspectors pronto

Sadly, we have finally come to the point in our nation’s history when it is naive and foolish to utter the hackneyed phrase “the check is in the mail.”

Not all Identity Theft protection providers are created equal.

Many consumers are scrambling for answers and guidance. Some just roll with their hunches or simply give in to the relentless marketing barrage of the “high profile “solution providers.

We all know who they are. These companies seem to pop up every time we visit the web. Their promises to prevent financial peril have been carefully crafted to deliver the greatest set of wiz-bang features ever offered before.

Some firms prop up spokesmen who carelessly boast of their own invulnerability to financial theft, while others claim to have cornered the patented ability to deliver a cloak of protection which only they can serve up.

All these contenders with their endless features and benefits remind me of a fantastic local deli near our house. The menu is huge and there are just too many delectable choices with a wide variety of prices!

So what’s a typical security seeker to do?

First, answer these revealing questions:

• Are you a victim? (If so, contact your local police immediately!)
• Have I checked the FTC’s online resources for information and guidance?
• Am I prepared between $9 and $15 dollars per month for the “right” solution?
• Do I mind paying someone to do something I could do myself for free?
• Are the company’s promises and claims reasonable and realistic?
• Is my entire family in need of protection or just me?
• Have I been lured with promises of “free” services? www.freecreditreport.com
• Do I really expect to “cash in on those well publicized $1,000,000.00 loss guarantees?
• Should I take a deep breath and examine my real no cost credit report?
• Have I taken advantage of freely accessible steps to minimize my exposure?

Consider your needs before “jumping on-board” with a provider.

Simply scratch off anyone on your list who claims to be able to PREVENT your identity from being stolen.

Consider that the Big 3 credit aggregators are in the business of selling your personal information to data-hungry marketers, while they simultaneously “protect” you from many of the very vultures that they feed.

It makes sense to protect yourself from the seemingly inevitable world of data breaches, medical fraud and financial fraud.

Well known Silicon Valley IT expert Ravi Char refers to information security as “the delicate dance”. No one solution is capable of covering all the bases.

In today’s complex world of portable data and predatory opportunists, the best identity protection solution is to stay light on your feet and keep on dancing.

Massive data spill leaves thousands of students out in the cold.

The combined number of people victimized in two separate incidents at the Universities of Virginia and Miami totals over 50,000.

Nearly every imaginable piece of private information was stolen; including names, addresses, credit card data and highly- prized social security numbers.

These giant leaks aren’t supposed to occur, but the fact is that the portability of laptops and backup tapes makes the crime more common than casual observers may notice.

In the Florida case, the records were being shipped off to a private off site storage facility. This practice is usually designed to safeguard the data off campus, but this time the stagecoach was robbed.

This isn’t the first time the University of Virginia has dealt with this crime. Last year the F.B.I. was called in to investigate the theft of data belonging to 5735 University faculty members.

Techweb Media reported this story last week and also disclosed new research from analysts at AMI Partners. The research indicates that a staggering 86 percent of mid-sized U.S. business reported some sort of security breach or data loss in the last 12 months!

What can you do to ward off the grim IDENTITY GRIM REAPER?

1. Back up your data. A backup allows you to restore missing, corrupted or stolen files quickly. A backup will also allow you to continue your work while your computer is being located, repaired or restored.

2. Download updates to your OS and software regularly. Security patches and “bug fixes” can help you keep your privacy armor polished.

3. Be on guard for viruses and worms. Fight these cyber-security threats by installing a good anti-virus software program.

4. Fight off malicious Ad-ware and Spy-ware. Everyone using the web, instant messaging or file-sharing is vulnerable. Install protective software to fight off malicious mal-ware and update it regularly.

5. What do you mean you don’t have a firewall? Install one immediately to protect your computer from intrusion. Purchase a firewall “box” or get the software version from a company like Norton or McAfee.

6. Use stronger-longer passwords. The longer and stranger looking they are, the better. Recent studies indicate that most computer users utilize the same password for everything. Create long and unusual alpha-numeric passwords that don’t contain easy clues like your dog’s name or the street you grew up on.

7. Lock your computer down! The trunk of your car doesn’t count. Visit a local retailer to purchase a computer locking cable device. Turning your back on your computer for even a moment at home, at the library or at Starbucks is just asking for trouble with a capital T.

Ironic twist makes this incident noteworthy!

Even high profile identity theft advocates are vulnerable to the threat of data loss, data compromise and data crime.

Representative Joe Barton (R-Texas) was among 3000 patients whose records were reported missing by the National Institutes of Health. An NIH laptop containing the medical records for the patients was reported stolen from the trunk of a vehicle according to a report this month by The Associated Press.

Here’s the irony. Barton is a founder of the Congressional Privacy Caucus, whose mission among other things is to educate members of Congress and their staffs on matters of individual privacy.

It is noteworthy that Rep. Barton only found out about his own breach in press reports. Barton has asked the inspector general for the Health and Human Services Department to investigate why the information wasn’t encrypted and why the NIH delayed disclosure of the breach.

As difficult as it may seem to protect your financial identity, your medical records are much harder to secure. This is primarily because patients have no control over the handling and care of their own personal medical records.

The federal regulation designed to prevent these unsettling scams is the Health Insurance Portability and Accountability Act ( HIPAA) Privacy Rule. Unfortunately, it can be extremely difficult for patients to correct inaccuracies in their medical records, because insurance companies are not compelled to correct records which they did not create.

According to a report on msnbc.com, one medical identity theft victim had the contents of her wallet removed and despite the fact that she quickly cancelled all her credit cards, had almost $14,000 in prescription meds and treatments charged up in her name. Over the next four months, restoring her identity became a part-time job. She fought off bill collectors, struggled to get her own medical prescriptions paid for and nearly got arrested herself on suspicion of being a co-conspirator in the scam.

The numbers can be deceiving. According to the Federal Trade Commission, only 3 percent of U.S. identity-crime victims have their information used by others to obtain medical services or false claim reimbursements. This still means that nearly 250,000 Americans may be victims each year! The rising cost of health-care will only make these crimes more prevalent going forward.

The lurking dangers of not being able to access your own health benefits or having your medical records polluted with potentially life threatening mis-information makes this topic a sure recipe for more than just heartburn.

The Oracle of Omaha shares our pain!

It is not surprising that many well known personalities are targeted not only because of their vast wealth, but because dumb criminals actually believe that the wealthy enjoy so much excess that they wouldn’t notice a few missing coins.

The spotlight shines brightly enough to cast a shadow over the financial affairs of many in the public eye. That spotlight however, hasn’t necessarily blinded them.

Oprah, American Idol finalist Ruben Studdard and even Herman Munster have all made the identity theft headlines in the past couple of years. Enter Warren Buffett.

A story in the March 2008 issue of Fortune Magazine cites the latest instance of a high profile identity theft victim. For those who don’t know, Buffett recently passed Bill Gates as the richest man in the world, with a net worth around 62 billion dollars.

According to the account, the Berkshire Hathaway CEO recently checked his credit history and discovered that his FICO score was slightly lower than the U.S. median. The less than stellar FICO score was attributed to a supposed “impostor” who may have compromised Buffett’s credit record.

Apparently, Mr. Buffett’s credit report cites 23 missed payments on a loan held by an HBSC branch in Nevada. The total loan amount was  a whopping $294.00. Buffett claims the account was never his. Nice try Warren.

Fortune reporter Telis Demos indicated that a recent study found that 25% of credit reports contain serious errors.

Although most of us will never share the financial spotlight with money making titans like Oprah and Buffett, we do share the same vulnerability.

Fortunately for Mr. Buffett, he didn’t ignore his credit history, he actually looked at it.

The rest of us would do well to follow that sage example.

If the gatekeepers are concerned, we should be too!

If you haven’t seen reports of  the latest Identity Theft attacks plaguing our country, you haven’t been reading much news lately. Where have you been?

Even the U.S. Air Force has waged an ad campaign designed to capture the imagination of a new crop of tech savvy young recruits to help fight the current “cyber-war”. This war is not imagined or “virtual”, it is very real indeed.  

The battle is raging on many fronts. In addition to the constant daily threat from foreign governments, bored adolescent hackers and low level organized criminals, there is a new enemy emerging.

Symantec Corporation is losing sleep due to concerns about the next virulent strain of Trojan horse programs.  According to the April 2008 issue of PC Magazine, the Trojan.Silentbanker program can perform “man in the middle” attacks between users and more than 400 banks.

This Trojan monitors usage patterns on the web, while looking for bank data that it can manipulate. This program can actually re-route the account destination of banking customer transfers. Apparently, the Trojan.Silentbanker can even overcome the “safeguard” of two -factor authentication.

The article correctly distinguishes between a single bank target like those that are cloned by realistic looking “phishing” sites and the multiple bank sites susceptible to this Trojan program.

Symantec’s well known suite of anti-virus and personal firewall products are designed to protect from these threats. If you are not in the habit of updating yours, you are headed for a hard fall someday. PC Magazine also reminds never to run executables we get from strangers.

Thank goodness for warriors like our Air Force and Symantec who “sit on the wall” for us and fight evil at every turn, keeping us from losing more than just our shirts.

Be afraid…..be very afraid.

We live in a world where our personal habits, personal preferences, personal information,  and private lives are sometimes taken for granted. Former New York Governor Eliot Spitzer now realizes the folly of this careless, foolish and whimsical approach.

Last week, msnbc.com reported about the rash of failed savings and loans who are dumping mountains of personal information into trash bins as their businesses shut their shingles, fold their tents and abandon their clients.

The article chronicles the failure of First Magnus Corp. who was one of the largest mortgage lenders in the nation. The company was hailed as a “powerhouse” of savvy technological innovation. As unimaginable as it seems, “tens of thousands” of  documents including credit card and social security numbers were “dumped” in a nearby trash bin.

It now appears that every personal tidbit we make available in the process of securing credit for mortgages and secured or unsecured personal or commercial loans is up for grabs and beyond our ability to provide or even expect protection. Is that line of credit really worth the open exposure of all your personal data?

This new reality hit home for me today as an eagle-eyed industry associate correctly pointed out that a commercial lender who served each of our company’s mutual business clients had suddenly collapsed, leaving their customers and pending applicants’ data completely unaccounted for.

Mountains of juicy private data files are turning up in dumpsters and garbage cans all over the country. This criminal carelessness leaves us all exposed and hopelessly vulnerable beyond our control.

What’s a consumer to do? Protect yourself at all costs. Private identity theft insurance, regular credit monitoring and reactive credit restoration services are all good ways of keeping your guard up. To avoid pro-active identity self-defense is foolish.

The reality is that the information that passes through our hands and into the care of nameless, faceless, careless corporate grunts cannot be safeguarded with any degree of reliability.

Despite the fact that the Fair Credit Reporting Act was amended by Congress in 2003 to mandate better consumer privacy protection, commerce and industry must each do their part.

Because of the implosion of the sub-prime lending industry, many phone lines are down, many office cubicles are empty and many trash bins are full. In the new financial frontier its “every man and woman for themselves”.

Why not begin your proactive identity theft prevention/resolution plan today?

Think Id Theft is a “victimless” crime? Think Again!

In the years that I have searched for the telltale signs of “identity vulnerability”, I’ve often peeked into some rather innocuous and predictable places.

We don’t like to think of this crime as a gritty, true crime. After all, ID theft isn’t as bad as a typical violent TV crime-drama crime is it?

In fact, a little known reality is that the victims of identity often feel the same impact and violation as victims of violent crime.

Last week, an Illinois jury sentenced Eric Hanson to death for the murder of his parents, sister and brother in law. The four were found dead in an upscale home in the nearby city of Aurora.

In addition to first-degree murder, aggravated kidnapping and armed robbery, Hanson was found guilty of identity theft. He was accused of stealing $80,000 from his parents in a credit card fraud scheme.

Hanson’s killing rampage began when his sister informed the family that he had ripped them off for the money in the credit card scam.  Prosecutors claimed the convicted murderer and ID thief killed in a sick sad attempt to cover up his evil caper.

Statistics reveal that a large percentage of ID theft occurs within families. Scary eh?

Postal Customers Receive Timely Alert

John E. Potter, CEO of the United States Post Office has weighed in on the severity and urgency of the raging identity theft battle.

Personally, I was very pleased to receive this piece of seemingly “junk” mail last week and I’m hopeful that most postal customers took the time to read it. The letter acknowledges both the scope and seriousness of this crime.

Readers were reminded of the  lasting effects that ID theft can exact upon one’s credit worthiness,  employment eligibility and even access to medical care.

In April 2007, President George Bush’s Identity Theft Task Force published a 108 page report detailing the government’s strategy to make the fed’s efforts “more effective and efficient in the areas of identity theft awareness, prevention, detection and prosecution.”

Coordinating the efforts of multiple government agencies to analyze crime reports, craft a strategic safeguards plan, utilize available resources, educate the public, investigate complaints and vigorously prosecute perpetrators is essential. Its also a mouth full.

Hats off to the Postmaster General for slipping this timely little letter and it’s accompanying brochure from the Federal Trade Commission, into my mailbox and yours.

 Well done!