Identity Theft Expert Speaker John Sileo

Identity Theft Speaker John Sileo on Traveling Safety.

Traveling Safety has become a study of its own ever since the advent of identity theft. Your biggest concern may no longer be physical in nature (pickpockets, hotel theft, muggings); the value of the personal identity you carry as you travel is worth far more than the cash in your wallet.

We all love to plan the vacation of our dreams. I can almost taste the pasta Bolognese as I read about that out-of-the way trattoria half way down the ancient narrow vicolo (blind alley) in Tuscany. But there’s one area we often overlook that can turn that long-anticipated dinner into a nightmare – the theft of our most-valuable asset, our identity. Let’s fast forward – we’ve savored the last bite of pasta and drained our pitcher of the vino rosso locale before presenting our credit card.   Our friendly waiter looks concerned as he walks back to our table to tell us that our credit card has been declined. It doesn’t take us long to discover a thief has maxed out our credit and there is nothing left to pay for our dream. If we’re lucky, we’ll have a backup plan and pay by cash or another credit card. If we are less lucky, the thief has cashed out our bank account as well, has stolen our passport numbers to set up new accounts, or has gained access to a laptop computer full of sensitive personal and workplace data. What were we thinking (or not thinking) by neglecting traveling safety?

Traveling safely and preventing identity theft go hand in hand. Because we carry so much identity with us when we travel, because we are much less organized when on the road, and because thieves target travelers, the likelihood of identity theft while on vacation or business travel increases.

Traveling Safety 101

Traveling Safety – Before You Leave Home

1. Travel light! Simplify and minimize what to bring with you. Take as little identity with you as necessary. If possible, leave the following items at home when you travel:
   

   Checks and Checkbooks. Resist the temptation to carry checks or take only one or two for an emergency, carrying them with your cash in your money belt. Checking account takeover is one of the simplest crimes to commit and one of the most devastating types of financial fraud from which to recover. The easy alternative? Use a credit card or cash.
   Debit Cards. You can reduce your vulnerability to having your checking account emptied while on vacation by leaving all debit cards (check cards) at home. Don’t be lulled into thinking that Debit/ATM cards are safe just because they have a PIN or password. In fact, the only time a PIN is needed to use the card is when it is being used at an ATM. No PIN is required when it is used at a store as a debit or credit card. Be aware, too, that debit cards don’t have the same financial fraud protections as most credit cards. The Solution? Ask your bank for an ATM-Only debit card (it won’t work in stores, only at an ATM) and make sure your password isn’t overseen when you are at the ATM. Better yet, use a credit card or cash.  The exception to this is when you are traveling in a foreign country and your debit card is the most economical method of obtaining cash from an ATM.
   Extra Credit Cards. Every piece of identity you take with you creates more sources of potential fraud to which you are exposed. I recommend that if you are traveling with another adult, you each take one credit card (and if possible, take cards from two separate credit card companies. That way, you each carry only one card that can be lost or stolen, but you have a backup card if the other person’s card is lost, stolen or shut down because of fraud).  Make sure that your credit card company knows the dates and places you are traveling so that they don’t shut it down when charges are made out of town. Also, make sure you have a large enough credit line to cover your purchases while traveling.
   Social Security Cards. You do not need your Social Security Card while traveling (or at any time other than your first day of work with a new employer), so leave it locked up at home.
   Bills. Don’t try to take bills to pay while traveling.
   Identity Documents. Leave birth certificates, passports (unless travelling internationally), library cards, receipts, etc. at home while you travel. Anything you don’t absolutely need should be left at home locked in a fire safe. If you can travel with only a credit card, driver’s license and health insurance card (as long as it doesn’t have your SSN on it), you will be much safer.

2. Photocopy the contents of your wallet/documents.Or make a list of all the contents and all your travel documents to carry with you in a secure place as you travel. It’s also a good idea to leave a copy at home with a trusted person whom you can contact. It will save you hours of frustration if anything is lost or stolen.
3. Hold the Mail. Your mailbox is an identity bonanza. Before you leave, place a “postal hold” on your mail so that your mailbox isn’t vulnerable while you are gone. Arrange with your post office that you (or your spouse) are the only people allowed to pick up your mail. Don’t have it “mass-delivered” the day after you return, as this puts everything at risk all at once. Instead, pick it up at the post office once you return.
4. Social Networking Sites.Don’t put an “Away on Vacation” note on your social networking sites just as you wouldn’t tack one to your front door. Broadcasting this information opens the door to criminals using that information while you are away.Think twice about any information you share on social networking sites.

Traveling Safety – During Travel

1. Lock it Up. I can’t stress enough the importance of using the in-room safes that are now a part of almost every hotel room. They are simple to use and drastically increase traveling safety (decreasing theft by cleaning staff and other travelers). Lock up the following items:

   Laptop Computers. Only carry your laptop with you when absolutely necessary. The rest of the time, place your laptop (or just the hard drive if your laptop is too big) in the safe while you aren’t using it.  While using your laptop to access online banking or other password-protected services from Wi-Fi networks, be sure the Wi-Fi hotspots are secure.
   Public Access Internet Facilities. If you’re using a public computer in hotel business centers or cyber-cafes, never access any sensitive information.  Keyloggers (software that can track your keystrokes) may be tracking you.
   Cell Phones/PDAs. While you go down to the pool or off shopping and don’t need your cell phone or other electronic device, store it in the safe along with jewelry, extra cash, your iPod, thumb drive or other valuables.
   Passports. Unless you are traveling in a country where you are required to keep your passport with you at all times, lock it up in the safe the entire time you are staying at the hotel.
   Other Identity Documents. Store your plane tickets, receipts, and any other identity documents (birth certificates, extra credit cards, visa, etc.) in the safe when not in use.

2. Carry it Safely. I recommend carrying all of your identity documents (passport, credit card, driver’s license, tickets, etc.) in a travel pouch that fits around your neck or your waste (and inside of your clothing). It is a minor inconvenience, but it lowers instances of pick pocketing and unintentional misplacement. Thieves have unbelievably nimble fingers that can slip into your pocket or purse undetected so here’s an essential habit to cultivate: just before you leave your hotel room (especially in cities), verify that your money pouch is securely fastened around your waist or neck, under your clothes.

   Use a Backpack. When possible, carry laptops and other large identity-storing items in a backpack that stays zipped and on your back at all times. It is easy to set down a purse, book bag or piece of luggage while at a ticket counter or retail store. Backpacks, on the other hand, are easy to keep on our person at all times, and are harder to break into without alerting the wearer.
   Watch Your Cards. When paying with a credit card in a restaurant, try to keep your eye on the card. If the server removes it from sight, they may be able to create a “clone” by using a portable card skimmer that will copy the information from the card’s magnetic strip. Many restaurants are now able to process the card at your table or you can take it to the register and observe the transaction.

3. ATM Machines. Use your “ATM Only” card (one that requires a PIN and does not contain a Visa or MasterCard logo) at ATM machines found at banks or credit unions that are in well-lit areas. Be sure to examine the ATM machine carefully for signs of tampering. Be on the lookout for anything that looks suspicious. Save all transaction receipts in a specific envelope to make it easy to reconcile your bank statement when you arrive home.

Traveling Safety – Upon Your Return Home

1. Monitor Your Accounts. Shortly after you return from your travels, pay special attention to your account statements to make sure that nothing out of the ordinary appears. If a credit card number or bank account number was stolen during your trip, this is how you will catch it early and keep it from becoming a major nightmare. Contact your provider and alert them to the breach immediately.
2. Rotate Your Account Numbers . If you feel like your identity might have been compromised (e.g., your credit card number stolen), call your financial institution and have them issue a new card. This makes the old number obsolete, should anyone try to use it in the future.
3. Pick Up the Mail! Don’t leave it in anyone else’s hands any longer than necessary. Make sure you shred any mail that you no longer need.

Think about Traveling Safety before you leave so that you can fully enjoy your trip instead of being preoccupied with identity theft. Safe travels!

Identity Theft Speaker John Sileo is America’s top identity theft expert. His clients include the Department of Defense, FDIC, Federal Reserve Bank, Pfizer and organizations around the world.

The TJX security data breach is our fault.

TJX Cos. has been ordered to pay $9.75M in a data breach security lawsuit. The data breach settlement will be awarded to 41 states because TJX failed to protect customers’ financial information from a massive computer breach announced in 2007 that exposed millions of customers’ personal and credit card data to hackers.

The settlement amount is probably the largest ever, and it is comically low.

TJX lost somewhere between 40 and 90 million customer records, and there is a good chance yours was one of them if you shop at T.J. Maxx, Marshalls, HomeGoods or A.J. Wright. If only 10% of those breached records were ever used to commit identity fraud (let’s say 7.5 million records, to be conservative), at the average cost of identity theft recovery ($700), the damage to you and me is approximately $490 Million. So TJX paid about a 2% penalty for failing to protect our data. They value the safety of our being a customer at about 2%. They care about their own profits about 98%.

And it’s our fault! Why? Because even after their lax data breach security (they didn’t encrypt their wireless routers in the store, letting our information float, unprotected, in the airwaves), even after their loss of 40-90 million records; even after an expose on 60 Minutes, we continue to do business with TJX Cos! If the guy mowing your lawn stole from you, would you continue to hire him? No! And yet when a $300,000 identity is at stake, we shrug and let apathy take over. Because it is virtual, digital and seemingly unreal. But when it happens to you, and you spend your time and money repairing it, it quickly becomes real. Shame on us for going so quickly back to those who erode our trust. Until we take our role in data breach security seriously, organizations will continue to get off lightly.

The next time an organization makes you part of a privacy breach, penalize them by ending your relationship. That will send a message loud and clear.

Identity Theft Expert John Sileo is America’s top identity theft speaker. His clients include the Department of Defense, FDIC, Federal Reserve Bank, Pfizer and organizations around the world.

Security awareness programs (data security education) are drastically lacking in American corporations, and it is leading to an increase in data breach and workplace identity theft.

Look at these numbers about employee data security just released by the Ponemon Institute. They appeared in a post by the Ponemon Institute’s Founder, Larry Ponemon (the quote is theirs, the emphasis, mine): Continue reading “Security Awareness Program (Lacking)”

Laptop anti-theft, or protecting your mobile data, is a MUST for corporations and consumers. Almost half of workplace identity theft takes place because of mobile data. And the average value of the data on your laptop can be worth hundreds of thousands of dollars to a corporate spy or experienced identity thief. At the higher end of the scale, the value of the 26 million Veteran identities on a laptop lost over a year ago was estimated to be worth more than $100 million. Those are the types of computer security risks that can make your business unprofitable. But there are solutions.

Broken Window Theory: By removing graffiti and repairing broken windows in crime hot-spots throughout New York City, the NYPD was able to drastically reduce the entire city’s overall crime rate (not just the quantity of graffiti and broken windows), including thefts, burglaries, muggings and murders. In other words, certain actions that we take (e.g., focusing on crime hot-spots rather than on every type of crime) can have a disproportionately positive effect on achieving our goal (e.g., lower crime rates). Business translation: you get a far higher return on investment for certain well-planned tactical strikes than you do for far more expensive strategic initiatives.

My point? In the world of workplace identity theft and corporate data breach, laptop computers are the biggest broken window. Not only do laptops account for a disproportionate amount of data theft, but training the organization to properly protect mobile computers has a radiant effect on all other types of identity protection. Good habits in one area breed good habits in others.

Stop the theft of corporate laptops (or personal laptops with corporate data on them) and you have eliminated approximately 50% of the entire data breach problem at a fraction of the security cost.

Laptop theft generally occurs in transit: airports, hotels,  cars, commuter trains, conferences, off-site meetings, vacations, coffee shops, etc. Build laptop anti-theft training into your organizational culture of privacy:

7 Laptop Anti-Theft Tips for Travelers
Technorati Profile

1. Continue reading “Laptop Anti-Theft: 7 Tips for Travelers”

If I’ve learned one thing as an identity theft expert these past few years, it’s this: As bloggers with something to gain (monetarily) from our daily posts, we do everything we can to veil our advertisements deep within the text. Nearly every blog post has some financial gain tied to it: Google AdWords down the right side of the column, gentle product sales, magazine subscriptions, you name it.

That’s the trade-off: bloggers give you content and in return, you agree to watch our commercials. With a few exceptions (truly altruistic and non-commercial blogs, which do exist), anytime someone tells you that they gain nothing financially from their blog, tell them HOGWASH! They are simply hiding behind their content. When you get something of value, you are paying with something of value. When you read the Wall Street Journal, you agree to at least browse their advertising (however passively). When you read my blog about identity theft prevention, you learn that I speak to corporations and organizations around the world about data breach and identity theft.

So I’m not going to even try and conceal the commercial nature of this post: the very hilarious and very famous Larry Winget endorsed me as a speaker. I tell you for one reason: to get you to hire me as an identity theft expert and identity theft speaker, and to hire Business Humorist Larry Winget. Period. Let us expose your audience to messages of financial responsibility and financial privacy before they bring their poor habits into your organization.

Larry and I have done about 20 speeches together over the past couple of months for the Department of Defense (e.g., Vandenberg AFB, Camp Pendelton, Andrews AFB) so I’ve gotten to see Larry time and again. And he knocks ‘em dead every time. Which is why he is the World’s best and busiest business humorist. And why I am so proud that he took the time to record this short endorsement video about my identity theft speech and me as an identity theft speaker. Thanks, Larry. You’re a pal.

Here’s a statistic that’ll get your attention!  285 million records were compromised in 2008 according to a new data breach study from Verizon Business.  The report claims that organized crime is responsible for a large increase in the number of breached corporate electronic records.

The report of industries affected by data breach shows that Financial Services was the major gainer in 2008.  That industry doubled its percentage of data breach to 30% while Retail is still the most affected industry (barely) at 31%. The shift to data breach in Financial Services will affect all of us more drastically.

According to the study, which Verizon Business compiled using data from the 90 confirmed corporate network breaches it recorded last year, roughly 93% of all records breached came from the financial sector. The company also says that nine out of every 10 of these breaches involved “groups identified by law enforcement as engaged in organized crime.” Verizon says that the 285 million electronic records breached last year were more than the total number of records breached in the past four years combined. The reason for the sharp increase is that attacks on financial firms’ networks have become more sophisticated and successful, the company says. Although only 17% of the attacks studied by Verizon constituted “highly sophisticated” data breaches, these attacks were responsible for 95% of all records breached. Verizon says that cybercriminals are targeting financial service companies’ networks to get customers’ personal identification number (PIN) information in order to withdraw cash directly from their accounts. Cybercriminals are also selling PIN information on the black market, the company says. Read the full report on data breach. (Scroll down when you see “285″). Technorati Profile

Data Breach Speaker John Sileo

Are you one of the 9 million Americans who will have their credit damaged or their bank account emptied this year? Or perhaps your medical treatment will be affected. The cost of identity theft to individuals and businesses is staggering; hence, the Red Flag Rule, enforced by the FTC, federal bank regulatory agencies and the National Credit Union Administration.

There are always “red flags” that pop into our heads but too often we ignore them.  Call it “intuition” or whatever you want; the vital thing is to pay attention.  To that end, many businesses and organizations are now required to implement the “Red Flags” Rule to implement a written Identity Theft Prevention Program.  The goal is to detect warning signs in day-to-day operations, take steps to prevent the crime and limit any damage.

Are you covered by the Red Flags Rule? Read Fighting Fraud with the Red Flags Rule: A How-To Guide for Business to:

• Find out if the rule applies to your business or organization;
• Get practical tips on spotting the red flags of identity theft, taking steps to prevent the crime, and mitigating the damage it inflicts; and
• Learn how to put in place your written Identity Theft Prevention Program.

By identifying red flags in advance, you’ll be better equipped to spot suspicious patterns when they arise and take steps to prevent a red flag from escalating into a costly episode of identity theft.

I’m encouraged that identity theft is taken seriously enough that banks, credit unions and savings and loans are required to implement the Red Flag Rule. Other businesses and even individuals can use this policy as a guide to reduce their vulnerability. Keep in mind that the Red Flag Rules must keep pace with the ever-creative identity thieves.

Identity Theft Speaker & Expert

In Parts I – III we talked about how easy it is for your child’s identity to be kidnapped and who does it; now let’s get to the heart of…

Protecting Your Children

Acting now on behalf of your child will protect them from consequences common to child victims:

• Starting adulthood with a credit rating low enough to scare away the hungriest of loan sharks
• Being denied a first loan, credit card or apartment rental because of a crime committed 10-15 years earlier (the passage of time makes this crime very hard to clear up)
• Being denied access to college or a new job
• Having a warrant out for her arrest for crimes that she didn’t commit

In the same way that you can’t protect your children from every bruise and scrape, you can’t entirely remove the risk of identity theft. You can, however, prevent or soften the fall if it does happen. Take these steps first:

1. Stop giving out your child’s personal information. Until you are confident that it is absolutely necessary to receive the services desired, withhold their personal information. More than 80% of organizations that ask for your child’s Social Security Number don’t actually need it to establish services. If you must give it, ask them how they will use it, how long they will keep it and how it will be protected while they have it. Vigilance is highly effective. Never carry your child’s SSN with you.
2. Order a free credit report for your child at least once a year. All three major credit reporting bureaus (Equifax, Experian and TransUnion) offer one free credit report per year per individual. Order one for your child at the same time you order yours and review them both for any red flags indicating fraudulent activity. I recommend that you order the first one (Equifax) right now; order a second report (Experian) in 4 more months; order the third report (TransUnion) four months after that and then repeat the process the following year. For a more convenient option, use an identity monitoring services for you and your family.
3. If you find evidence of fraudulent activity, contact the police, the source of the fraud and all three credit bureaus. Filing a police report helps to establish your child’s innocence in an official way. Have the credit bureaus FREEZE your child’s credit for maximum protection. Keep detailed records of all correspondence between yourself, the police, the merchant and the credit bureaus. It will come in handy should you ever find yourself in court, as I did.
4. Educate your children on the importance of protecting their personal information. Teach them about the value of their personal information: their name, address, phone numbers, email address, Social Security Number and any passwords and PIN numbers. Reinforce that they own their private information and that it should not be shared with friends, over the internet or with anyone whom they don’t know or trust. Education is absolutely the best financial gift you will ever give to them. Because you love and protect your children as much as I do, you should start this process immediately.

In the case of child identity theft, an ounce of prevention is worth a lifetime of financial security. Don’t let the center of your universe become just another statistic.

After losing his business to data breach and his reputation to identity theft, John Sileo became America’s leading identity theft expert. He speaks to audiences around the world about protecting personal and professional data. To learn more, visit www.ThinkLikeASpy.com or John’s LinkedIn Profile.

If you’re thinking “this couldn’t happen to my child,” think again! Let’s look at

Who Does This?

The identity thief is not always a stranger. In many cases, it’s a relative with bad credit who takes advantage of a child’s pristine credit. Conveniently, these family members generally have access to the information necessary to maximize the fraud with little attention.
This seems absurd, but imagine a parent who is strapped for cash, has a bad credit score and needs to buy groceries. In this case, short-term thinking blinds the relative or friend to long-term consequences. In other instances, the child’s future is not taken into consideration at all.

Frankly, it doesn’t take much to get the crime underway; all a criminal needs is the child’s name and Social Security Number. These pieces of personal information are exposed in a variety of ways:

• When registering for daycare, schools and recreational sports
• On medical, dental and hospital records
• When joining organizations like the Girl Scouts, Boy Scouts, etc.
• When the above information is permanently stored and accessed by volunteers or employees
• When one of the above organizations is breached by a hacker or malicious software
• When an adult befriends your child on a social networking site (MySpace, Facebook) and eventually socially engineers private information out of them

The Three Basic Types of Child Identity Theft

Child Identity theft generally falls into these 3 categories:

1. Financial identity theft occurs when the name and Social Security Number is used to establish new lines of credit.
2. Criminal identity theft happens when the criminal uses the child’s identity to obtain a driver’s license or substitutes the child’s identity if caught in a criminal act.
3. Identity cloning entails using a child’s identity (via information collection or a black market ‘purchase’ of personal information) for financial, criminal and governmental purposes. The most common form of cloned identity theft is committed on behalf of undocumented workers looking for an identity that will keep them working in this country.

For parents, cleaning up the disaster of identity theft for their children is costly and incredibly time consuming. Getting a new Social Security Number is almost impossible, and rarely the best option.

Taking steps right now to protect your child from this horrible crime is one of the greatest investments you will ever make in their financial and emotional future.

Tomorrow, I will cover the steps on How to Protect Your Children from Identity Theft.

Child Identity Theft Speaker John Sileo

Were you surprised the other day when I said that your children are highly attractive targets of identity thievesbecause they have untouched and unblemished credit records?  Let me tell you just how easy it happens.

How Does It Happen?

All an identity thief needs to ruin your child’s bright financial future is her name and Social Security Number.

“Shouldn’t my child’s age show up on any credit background check, shouldn’t the merchant recognize that the person in front of them buying a car on credit isn’t seven years old?” you ask.

Yes, it should, but the people screening the credit report rarely give it the time and care necessary to detect fraud.

All too often, background checks involve simply matching the name and the Social Security Number provided. This leaves doors wide open for scandalous minds to wreak havoc on your child’s perfect credit. The most unsettling part is that the age of the applicant (in this case, the person posing as your child) becomes official with the credit bureaus upon the first credit application. This makes clearing a sabotaged credit record even more difficult because you have to prove to the credit bureau that your child is only seven and isn’t responsible for thousands of dollars of debt.

In no time at all, your child could have a maxed out credit card, unpaid bills and a huge mortgage for beachfront property across the country. You might not discover the illegal purchases until your child opens a bank account, applies for a job, tries to get a driver’s license or enters college. At that point, you are left with the time-consuming dilemma of cleaning up someone else’s fraudulent mess. If only clearing up a credit report was as easy as cleaning up after your kids.

Do the gaping holes in our current credit system and the audacity of criminals leave you enraged? Me too. And it is imperative that you use your anger as fuel to protect and prepare your children’s future before it is too late.

Child Identity theft is the fastest growing sector of the identity theft “industry,” and the numbers are staggering. Although it’s difficult to estimate exactly how many children lose their identities since the crime can go undetected for years, the FTC states that 5% of identity theft cases target children, which translates into 500,000 kidnapped child identities per year, and growing. The Identity Theft Resource Center discovered that in 54% of the cases, the child was under the age of six.

In my next blog, I’ll talk about Who Does This.

Identity Theft Speaker, John Sileo