Archive for September, 2013

Mother, Daughter Accused of Identity Theft

Saturday, September 28th, 2013

HandcuffsYOLO COUNTY-

Yolo County Sheriff’s Deputies arrested a mother-daughter “team” Tuesday for alleged identity theft, the office announced Friday.

Investigators say Regina Payne and her daughter, Keitisha Tucker, made nine fake credit card transactions that totaled more than $34,000.

The transactions were made at the Cache Creek Casino Resort, where Tucker worked as a cashier.

Fake cards and a fake Illinois driver’s license were also used.

Both were charged with burglary, grand theft, unauthorized use of a credit card and conspiracy.

Article source: http://fox40.com/2013/09/27/mother-daughter-accused-of-identity-theft/

Technorati Tags: ,

Identity theft fears as a faulty laptop is resold on eBay

Saturday, September 28th, 2013

It is a bizarre story that raises concerns about the security of personal information held on home computers. A London film maker has found that a faulty Acer laptop he returned to Sainsbury’s was sold via eBay to an American buyer – who contacted him to let him know he had access to his personal profile on the machine.

Glenn Swift bought the laptop via Sainsbury’s website, but within two weeks the hard drive died and he was left with a plain blue screen.

He returned the computer to the supermarket’s north London Muswell Hill store, which quickly apologised and replaced it. However, both the webcam and the track pad did not work properly, so Swift took it back once again.

“The Sainsbury’s team said the items would be returned to the manufacturer and I thought no more about it,” Swift says. “But then, six days later, out the blue, I received an email from a gentleman who informed me he had just purchased a second-hand laptop on eBay.

“It still had my profile on it and he asked for my password to allow him to unlock it. Alarm bells started ringing.”

Without giving any passwords, he responded to the email, asking where he’d bought it.

To his amazement, the man revealed he was in the US and that the laptop had been bought through an American-based eBay seller. It was less than a week after Swift had returned the item to Sainsbury’s.

“It was then I realised just how much information a Windows 8 profile can access. When you first use it you have to set up a profile,” says Swift.

“If you are an existing user your profile is automatically downloaded to the new computer – apps, settings and passwords, Facebook, Twitter, Yahoo!, BlackBerry, Gmail, etc. All your information, accessible in one single place.”

Alarmed that his ID details were exposed and he was at risk of fraud, Swift called Sainsbury’s. The store reiterated that its policy was to return all laptops to the manufacturer for diagnostics. If they were to be resold they would first be refurbished and wiped clear, he was promised.

Swift contacted the police, who warned him that he was now vulnerable to identity fraud, but said that at this stage it was still a civil matter.

As a result Swift spent the day changing all his passwords in a bid to halt any potential problems.

He says that Sainsbury’s has since struggled to explain what happened, nor can it tell him what has been done with the second laptop that he returned.

“Staff at the shop have been rather useless, apart from apologising a lot. The guy in America has stopped responding to me. You may want to warn others in the same boat to think carefully about how they return items,” he told Guardian Money.

Independent expert on IT security, Graham Cluley, says Swift is right to be concerned. It is vital, he says, to wipe all data (see his advice below) and the same is true of USB drives and mobile phones. “One of the issues is that with Windows 8 a single password can be used to access multiple settings,” he adds.

“Microsoft strongly encourages you to use an online Microsoft account to sign-in. That means if someone else manages to get your password, they cannot gain access to all kinds of settings and documents that you have chosen to sync between devices.”

He said such incidents aren’t always the fault of the company selling the laptop. It can be that they’ve trusted a third-party organisation to handle the secure disposal of assets.

When Money contacted Sainsbury’s, it suggested that a third-party may be at fault.

A spokesman says: “We would like to apologise to Mr Swift for his experience. As soon as we were aware of his complaint we launched a thorough investigation and a third-party contractor working at one of our sites has now been suspended.

“We have passed the details of our investigation to police and are helping them with their inquiries.”

He says its customer services team will be talking to Swift about compensating him.

Article source: http://www.theguardian.com/money/2013/sep/28/identity-theft-fears-faulty-laptop-resold

Technorati Tags: ,

Madison Mutual Selects IDentity Theft 911 to Offer Identity Management …

Saturday, September 28th, 2013

ST. LOUIS – IDentity Theft 911, the nation’s premier identity management and data risk management services provider, has partnered with Madison Mutual Insurance Company to offer LifeStages® Identity Management Services to policyholders.

As identity risks continue to evolve and threats continue to plague consumers, Madison Mutual Insurance Company policyholders can rest assured knowing they’re protected from the newest identity risks like phishing scams, social media account or email account compromise, tax related identity theft, and more.

According to the 2013 Javelin Strategy Research Identity Fraud Report, more than 12.6 million Americans were victims of identity theft in 2012. Recognizing this trend, Madison Mutual Insurance Company is offering their policyholders peace of mind in knowing their insurance company can help resolve crises ranging from fire loss to property damage, personal lawsuits and also identity theft.

“Madison Mutual Insurance Company has selected IDentity Theft 911 to provide proactive and reactive insurance solutions to our policyholders because of their unsurpassed knowledge of identity management,” said Ed Sprehe, Director of Underwriting at Madison Mutual Insurance Company. “We recognize the growing threats against our identities – everything from medical identity theft to phishing scams designed to steal our personal information. Our policyholders can now take comfort in knowing they have another benefit – identity management services – at their fingertips.”

IDentity Theft 911 fraud specialists provide high-tech service to victims from the initial call through case resolution. Their expertise covers a range of issues, from proactive measures that provide protection to resolution in the case of true identity theft and account takeovers. The fraud specialists work one-on-one with victims and are available 24 hours a day, seven days a week until resolution is complete.

“Identity risks are continuously growing in size and sophistication and customers need a trusted advisor,” said Matt Cullina, CEO, IDentity Theft 911. “In an economic climate in which many companies are scaling back, Madison Mutual Insurance Company is demonstrating its policyholder commitment by enhancing customer experience with additional high-value programs to keep their policyholders’ identities safe.”

Founded in 2003, IDentity Theft 911 is the nation’s premier consultative provider of identity and data risk management, resolution and education services. The company serves 17.5 million households across the country and provides fraud solutions for a range of organizations, including Fortune 500 companies, the country’s largest insurance companies, corporate benefit providers, banks and credit unions and membership organizations. In addition, the company provides preventative and breach response services to more than 600,000 businesses.

IDentity Theft 911 is the proud recipient of several awards, including the Stevie Award for Sales and Customer Service and the Parent Tested, Parent Approved award for social networking monitoring tool SocialScout.

Based in the Midwest in Edwardsville, Illinois, Madison Mutual distributes its products exclusively through Independent Agents. The Company currently has over 200 agencies representing policyholders throughout Illinois and Missouri with more than 500 licensed producers.

Madison Mutual Insurance Company (MMIC) was founded in 1920. Over 90 years later, Madison Mutual continues to grow while striving for best-in-class service for their policyholders. Madison Mutual offers insurance for your automobile, home, farm, and umbrella coverage.

For more information on IDentity Theft 911, please visit http://www.idt911.com. To learn more about Madison Mutual, visit http://www.madisonmutual.com or contact your local independent insurance agent.

Article source: http://interact.stltoday.com/pr/releases/PR092713104514474

Technorati Tags: ,

Don’t make yourself an easy target for identity theft

Saturday, September 28th, 2013

So, here’s my question: Has your student given any thought to making sure his wallet is secure, his bank account statement is out of sight, and the ATM deposit slips and debit card aren’t in plain view on top of a stack of textbooks?

Unfortunately, the statistics provide some answers. According to the Federal Trade Commission, young adults 18 to 29 make up the largest proportion of identity theft victims. Scammers steal the personal information mostly to take out loans that will never be repaid.

College students are a preferred target largely because they have little credit history and spend a lot of time online. Surprisingly for such a computer-savvy generation, they’re often lax in safeguarding personal information online, especially on their social media profiles where they might list a partial or full date of birth or address.

Many college students also let down their guard because they mistakenly think they’re in a trusting campus environment. Campus crime statistics, which are publicly available, often tell a different story.

Here are some tips for your college student from identity theft experts at Experian, the credit services company:

• Always keep your room locked, even if you’re going down the hall for five minutes to throw a load of clothes in the washer. Most identity theft occurs in quick hit and run ways, such as a wallet being stolen from a drawer or a purse taken from an unlocked room.

• Be wary of whom you allow in your room. This is tough, particularly early in the semester when you’re meeting lots of people and making new friends. But this is your personal space, so be wary.

• Carry with you only the ID that you need, such as a driver’s license and student identity card. Leave the Social Security card and passport at home. If they’re already with you at school, keep them in a small safe in your room along with other documents that contain personal information, such as credit card and bank account statements.

• Buy a small shredder. As I’ve said many times over, a shredder should be as ubiquitous in the dorm room as the hotdog cooker.

• Stick with familiar names and do business on websites that have a security symbol, which indicates the site has taken steps to protect customers’ identification.

• Monitor your credit history. True, most teens and young adults won’t have one, but the report will show if someone has established credit based on stolen information. The three major credit agencies are required to provide a free report once a year; go to www.annualcreditreport.com.

• Investigate personal protection services sold by financial institutions and credit reporting services. These products scan the Internet daily for your information and will alert you quickly to any signs that your identity has been compromised.

One caution: Protection services can cost $100 or more a year. On the other hand, using common sense and being aware of the potential for problems costs nothing.

Article source: http://www.kansascity.com/2013/09/27/4511889/dont-make-yourself-an-easy-target.html

Technorati Tags: ,

Suspects sought in King William identity theft

Saturday, September 28th, 2013

KING WILLIAM – Investigators are hoping someone can help them identify two suspects that may have stolen the identity of a King William resident.

“As technology grows and the more we use it, the more we open the door to something like this,” said Investigator Mike Hamm with the King William Sheriff’s Office. “We have just got to be vigilant and monitor everything.”

Two suspects, a male and female, have been photographed using possible stolen credit cards and bank accounts while traveling through Henrico, Harrisonburg, and the Washington D.C. area.

The individuals and/or their associates have also used the stolen accounts to rent vehicles in Richmond and Charlottesville

Hamm said the suspects have not used the stolen accounts at any place in King William County.

Investigators are still in the process of gather records and information and have not totaled the spending amounts.

Identify theft can happen anywhere and to anyone, Hamm reminds citizens.

“Unfortunately, it’s become pretty common,” Hamm explained.  “We advise people all the time to keep tabs.  You can run your credit report once a year. Keep a check on your monthly statements to make sure there or no unusual charges.”

“If you bank or financial institution offers any fraud alerts programs, take advantage of them,” Hamm added.  “Also, be careful with online purchases and make sure they are from reputable vendors.”

Anyone with information on the whereabouts or identity of either of the photographed individuals is asked to call the King William Sheriff’s Office at 804-769-0999 or the Mattaponi Crimesolvers at 804-769-3000.  

 

Article source: http://www.tidewaterreview.com/news/va-tr-suspects-sought-in-king-william-identity-theft-20130926,0,6500698.story

Technorati Tags: ,

Elk Grove Police Refuse To Investigate Identity Theft Until CBS13 Steps In To Help

Friday, September 27th, 2013

ELK GROVE (CBS13) — An Elk Grove couple says investigators wouldn’t take over the case of a man’s identity theft, until CBS13 got involved.

Suzette Bryant says her and her husband’s information were being used from Rocklin to West Sacramento. She even confirmed there were pictures of the suspect.

But Elk Grove Police said there was nothing they could do.

“I was mad,” she said.

She was more than upset after someone recently stole her husband John’s identity, hacking their joint accounts.

“I get a call from Wells Fargo they said is John Bryant there? Wells Fargo never calls us,” she said.

But that was just the beginning. She says the calls started pouring in from at least four stores, each with the same suspect description.

“He said he’s caucasian. I said my husband is 5’9” and he’s black.”

So Suzette went to work gathering the receipts and confirming the stores that contacted her had surveillance.

But after all of that work, Elk Grove Police said the suspect wasn’t a priority.

That’s not what Suzette wanted to hear.

“I’ve always been told I’m very persistent—I’m not going away,” she said.

That’s when she got ahold of CBS13. When we called Elk Grove police, things changed.

“We’ve decided that we do need to look at this information that is available in the report,” said Elk Grove Police Officer Chris Trim.

He says a sergeant in his department was misinformed as to what cases needed to be investigated.

“We determined that the method that the supervisor was using was not the current method, so we have taken care of that, thanks to 13 for contacting us,” Trim said.

Suzette was shocked but happy. She says the police had contacted her and are looking into the case.

Elk Grove Police now say they’ll be checking to make sure other cases weren’t passed over.

Article source: http://sacramento.cbslocal.com/2013/09/27/elk-grove-police-refuse-to-investigate-identity-theft-until-cbs13-steps-in-to-help/

Technorati Tags: ,

SC consumer watchdog to start ID theft unit

Friday, September 27th, 2013

— The S.C. Department of Consumer Affairs will start a new identity-theft division next week.

The four-person division will educate South Carolinians in stopping theft of their personal data and guide victims who are hit by crooks, department spokeswoman Juliana Harris said.

The unit, led by Consumer Affairs attorney Marti Phillips, also will work to enforce state identity-theft laws, including notices that must be sent to victims of large-scale data breaches and letters from credit-reporting agencies when a South Carolinian disputes fraudulent data on credit histories, she said.

An ID theft unit that debuts Tuesday is part of a sweeping state legislative proposal introduced after hackers stole personal financial information belonging to 6.4 million S.C. taxpayers and businesses last year from the S.C. Department of Revenue.

The theft, which included Social Security numbers, was the nation’s largest breach at a state agency.

The bill, which includes centralizing state computer security management, passed the state Senate but was not taken up by the House before this year’s session ended. The House is expected to vote on the bill next year.

Lawmakers gave Consumer Affairs $233,000 in the budget to start the ID theft unit this year. The agency added three workers with the new unit for a total of 38 employees, Harris said.

The state tentatively awarded a contract this week worth up to $8.5 million to Texas-based CSID for a second year of free credit-report monitoring for S.C. hacking victims. The current $12 million, one-year contract with Experian covers taxpayers and businesses for 12 months after they enrolled between October and March.

Article source: http://www.thestate.com/2013/09/26/3003735/sc-consumer-watchdog-to-start.html

Technorati Tags: ,

Identity theft service planted botnets in LexisNexis, other data providers

Friday, September 27th, 2013

Identity theft service planted botnets in LexisNexis, other data providers

A Russian hacker gang running an identity theft service used a botnet made up of computers inside “some of America’s largest consumer and business data aggregators,” according to security researcher Brian Krebs.

Krebs has published the first in what he promises will be a series of articles about the SSNDOB identity theft service, which he claims can be used to look up “Social Security numbers, birthdays, and other personal data on any U.S. resident.” The cost for such data: anywhere from 50 cents to $15, depending on what you’re asking for.

Where did the hackers get their data? By way of botnets inside the very companies that provide that information legitimately to paying customers.

According to Krebs, SSNDOB (apparently based in Russia) has been harvesting much of its information through compromised servers inside three major data aggregators: LexisNexis, Dun Bradstreet, and Kroll Background America. All three companies had their servers compromised around or before June 2013; Dun Bradstreet’s servers were hijacked in March. The bots planted by SSNDOB were designed not to trigger any antimalware scans.

Much of the data harvested from those services appears to have been retained by SSNDOB. Even after LexisNexis, for instance, shut down an account on its system that the company believed was being misused to harvest data, SSNDOB continued to offer LexisNexis-sourced background reports for another 10 days.

SSNDOB also apparently offered an API to a select number of high-volume customers, which could allow others to build what Krebs described as “third-party identity-theft services.”

All three companies affected by the SSNDOB botnet were tight-lipped about the extent of the damage or the amount of data lost to the outside world. A spokesperson for the FBI would only tell Krebs that the agency had an ongoing investigation into the case.

Worse, none of the companies seemed to know they had been breached until it was too late.

When asked, Krebs said, “It was clear from talking to the folks at LexisNexis, for example, that they were unaware of this breach for more than five months. That’s notable because a group of even moderately skilled attackers can do a great deal of damage in such a huge timeframe, let alone a more advanced hacking team.”

Krebs also noted that “none of the companies discussed how they were breached.”

When asked if the breaches might have been all the easier to carry out because of legacy systems, Krebs replied, “One aspect of a follow-up story I will publish soon deals with the tools these SSNDOB guys used to hack hundreds of other companies, and in those cases they exploited poorly secured Cold Fusion servers.”

One major reason Krebs feels this theft is particularly damaging is because it allows criminals to compromise knowledge-based authentication (KBA). KBA involves loan providers or credit card companies using the databases provided by the likes of LexisNexis to confirm someone’s identity by asking them detailed questions about their previous mortgages or residence history. A criminal can harvest someone else’s KBA data and use that to impersonate them on a loan application or other detailed financial transaction.

KBA has long been considered weak. Avivah Litan, a fraud analyst for Gartner, was convinced back in 2010 that KBA had long been compromised. And in 2011 Art Barger of TrustID proclaimed KBA dead, thanks in part to criminal data exchanges. Unfortunately, as with any such legacy methodology, KBA is not something that can be phased out overnight.

Krebs promises to release two more articles on his website that go into further details about SSNDOB and its botnet.

This story, “Identity theft service planted botnets in LexisNexis, other data providers,” was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

Article source: http://www.infoworld.com/t/cyber-crime/identity-theft-service-planted-botnets-in-lexisnexis-other-data-providers-227519

Technorati Tags: ,

Medical Identity Theft: Ins and Outs

Friday, September 27th, 2013

Medical identity theft is the deadliest form of identity theft–and I say this without hyperbole or exaggeration. When financial gain is the general motivation for stealing medical information, insurance cards, records, etc., the crime is a form of account takeover fraud. Medical identity theft–the real kind–occurs when the thief’s motivation is obtaining medical procedures or healthcare.

Insurance cards allow access to a hospital or doctor’s office. When requests for additional forms of identity are requested, the thief produces fake IDs. Often, the thief conspires with an employee at the facility who “sweethearts” the transaction so the thief can get medical services.

Insurance cards are just paper or plastic and can easily be counterfeited. Many are often lost or stolen, and simply possessing an insurance card allows a thief access. Hospitals rely on the honor system, believing patients are who they say they are–but people lie. And while most of the administrators are doing their jobs ethically, some lie too.

When a thief steals a medical ID to procure medical care, the thief’s medical condition and diagnosis are added to the victim’s medical record. Ouch. This may end up as a misdiagnosis, and the introduction of data that might conflict with the victim’s medical history or conditions. Such would-be contraindications as allergies, drugs the victim may be allergic to, and other health issues may not be considered. Finally, getting misinformation or fraud removed from a victim’s medical record can be extremely difficult and sometimes impossible.

To protect yourself from medical identity theft:

  • Install a locking mailbox. This helps prevent mail from being stolen.
  • Never carry insurance or medical cards on your person unless you have an actual appointment.
  • Protect medical information documents in locking file cabinets or encrypted files. Shred all throwaway documents.
  • Get identity theft protection. When a thief can’t steal your financial ID, your medical ID will be less attractive.

Get your medical records online at the Medical Information Bureau at http://www.MIB.com.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

<!–

Books by this author

–>

This Blogger’s Books from

Amazon

indiebound


99 Things You Wish You Knew Before Your Identity Was Stolen


99 Things You Wish You Knew Before Your Mobile Device Was Hacked


Follow Robert Siciliano on Twitter:

www.twitter.com/RobertSiciliano

Article source: http://www.huffingtonpost.com/robert-siciliano/medical-identity-theft-in_b_3997184.html

Technorati Tags: ,

Your Identity Theft Protection Options

Friday, September 27th, 2013

<!–

–>

Columbia, SC (WLTX) – The South Carolina Department of Consumer Affairs is advising the public of their identity theft protection options as many people’s Protect MY ID subscriptions expire.

Last year, the records of almost 4 million South Carolinians were compromised when a hacker broke into the South Carolina Department of Revenue records. In the wake of the breach, the state entered into an agreement with Experian to offer free credit protection for those affected.

Experian decided not to bid on a contract with the state to continuing monitoring, although they are offering to continue coverage for a fee. 

Budget and Control Board Director Marcia Adams announced this week that South Carolina will contract with CSIdentity Corporation to continue coverage. People and businesses can sign up beginning October 24th. The new coverage will monitor additional records, and will be free.

People can also choose their own protection service, and will be eligible for a tax deduction of the service’s actual cost up to $300 for individuals and $1,000 for those who file jointly or claim independents.

People can also get a fraud alert or a security freeze, both of which are free.

1) Fraud Alert – It stays in place for 90 days, alerting creditors to take steps to verify the applicant’s identity. Consumers only have to call one of the Credit Reporting Agencies (CRA) and that agency will notify the other two.  Once the alert is in place, the consumer will receive notice of their right to request free credit reports. Remember, consumers are also entitled to one free credit report from each CRA, annually. (877-322-8228/ www.annualcreditreport.com)

2) Security freeze – It’s free and stops potential creditors and other third parties from accessing a consumer’s credit report without their express consent. Consumers must call each of the CRAs to do this. Once the freeze is in place, consumers will receive PIN numbers that can be used to thaw or lift the freeze. PINs should be stored in a secure place.  The freeze can be placed online at the addresses below or by calling the numbers listed below:

https://www.freeze.equifax.com   •   www.experian.com/freeze

http://freeze.transunion.com

Equifax: 800-685-1111  •   TransUnion: 800-680-7289

Experian: 888-397-3742

For more information on protecting against ID Theft, including information on placing a security freeze, visit our “Identity Theft Resources” webpage at www.consumer.sc.gov

Article source: http://www.wltx.com/news/article/250775/2/Your-Identity-Theft-Protection-Options-

Technorati Tags: ,