‘Fraud’ Articles

The FTC just busted a long-running internet scam where offshore thieves set up virtual companies and stole millions of dollars from US consumers  one small charge at a time.

“It was a very patient scam,” said Steve Wernikoff, a staff attorney with the FTC who is prosecuting the case. According to him, the scammers found loopholes in the credit card processing system that allowed them to set up fake U.S. companies that then ran more than a million phony credit card transactions through legitimate credit card processing companies.

The fraudsters were able to fly under the radar for so long because they only charged consumers between $ .25 and $9 and set up over 100 fake companies to pull off these transactions. In this specific case they charged over 1.35 million credit cards a total of $9.5 million dollars – those nickles and dimes really add up! Shockingly, 94% of these charges went undetected by the credit card holder because they didn’t notice an unusual charge on their credit card statements and fraud detection agencies rarely detect anything under $10.

With more and more credit cards being accepted for smaller purchases (e.g., soda machines and parking meters) thieves have taken this opportunity to cash in on the frequency of these charges. While 6% of the charges were detected and reported, the huge number that didn’t even realize they had an unauthorized charge shows how lax we are about checking our statements. Here are some simple steps you can take to catch fraud early:

Medical records are one-stop shopping for identity thieves. There is no need to slowly gather bits and pieces of someone’s personal information – it’s all packaged together: Social Security number, name, address, phone number, even payment accounts. Crooks have received everything from medication to a liver transplant using a stolen identity. And that’s only the tip of the iceberg! More than just medical treatment is at stake. Once a thief’s medical information is entered into your records, it’s extremely difficult to get rid of that information. It’s conceivable, for example, that at a later date, you’ll need a Type A blood transfusion but be given the thief’s Type B with dire consequences.

Identity theft of medical records has more than doubled since 2008, as stated in Javelin’s 2010 Identity Fraud Survey Report. It’s not difficult to imagine the misery that a million Americans have suffered during the past two years when their identities were stolen. And the Poneman Institute, in their National Study on Medical Identity Theft, states that another half million people loaned their insurance cards to uninsured family members and friends. The unsavvy lenders have incurred huge medical bills in this “friendly fraud”.

Quoted from the original CSO Online story:

Social engineering stories: The sequel

Two more social engineering scenarios demonstrate how hackers still use basic techniques to gain unauthorized access, and what you can do to stop them

By Joan Goodchild, Senior Editor
May 27, 2010 —

John Sileo, an identity theft expert who trains on repelling social engineering, knows from first-hand experience what it’s like to be a victim. Sileo has had his identity stolen—twice. And both instances resulted in catastrophic consequences.

The first crime took place when Sileo’s information was obtained from someone who had gained access to it out of the trash (yes, dumpster diving still works). She bought a house using his financial information and eventually declared bankruptcy.

“That was mild,” said Sileo, who then got hit again when his business partner used his information to embezzle money from clients. Sileo spent several years, and was bankrupt, fighting criminal charges.

Now that he has come out of it all innocent, he spends his time assisting organizations train employees on what social engineering and identity theft techniques look like.

ow that he has come out of it all innocent, he spends his time assisting organizations train employees on what social engineering and identity theft techniques look like.

I was recently featured in an article by the Otago Daily Times in Dunedin, New Zealand during my stay there. I discuss the importance of protecting you Identity, not only at home, but also when you travel. With over 9 million Identity Theft victims in 2008 alone, you can never be too careful!

One of the first things American public speaker John Sileo did on his return to Dunedin this month was buy a paper shredder.

Not that he is paranoid, he says, but this self-proclaimed expert on identity fraud does not take chances with personal information.

Click Here to read the entire article.

John Sileo became America’s leading Identity Theft Speaker & Expert after he lost his business and more than $300,000 to identity theft and data breach. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076

Detection: Fraud and Identity Theft.

“Consumers are spending considerably more time on fraud Resolution, up to an average of 30 hours in 2008. This increase may be attributed to the increased sophistication of fraud schemes.”
-    2009 Identity Fraud Survey Report, Javelin Strategy & Research

Most cases of identity theft are discovered by the victim, which reinforces the importance of monitoring your various accounts for suspicious behavior. Here are a few of the most common warning signs for the detection of fraud, identity theft or data breach:

The Top 15 Ways Victims Detect Identity Theft

1. You receive a data breach notice in the mail from a company you do business with.
2. Your bills or statements are not arriving in your mail (or email) on time.
3. You notice unauthorized charges on your credit card bill or debit card statement.
4. You notice new accounts or erroneous information on your credit report.
5. You are denied credit for a purchase.
6. You receive credit card bills for cards you don’t own.
7. You are contacted by a collection agency about an item you didn’t purchase.
8. You receive bills for unknown purchases, rental agreements or services.
9. Businesses won’t accept your check or credit card.
10. You are unable to set up new banking, loan or brokerage accounts.

The reality is that unsecured, curbside mailboxes are prime targets for people who are intent on committing the crime of identity theft. Although I would suggest to stop using the mail to send and receive identity documents, this is not always possible. Therefore, here are alternative suggestions:

Lock Box. Install a locking mailbox that can be accessed only by you. These generally have a mail slot that allows the postal service to put mail into the box. Many newer neighborhoods already have some form of locking mailboxes.
P.O. Box. If a locking mailbox is not possible, get a P.O. box at your local post office and have sensitive documents sent there. It is a little bit more work, but gives you much more privacy.
In Person. When mailing sensitive documents, walk them into the post office and hand them to a postal worker. If it is after hours, drop the mail through an internal slot in the building. If there is no internal mailing slot, mail it the following day. This cuts out the most vulnerable stages of mailing.
UPS/FedEx. Have identity documents sent by UPS or FedEx and make sure that you require a signature for delivery. This makes the information harder to steal and you can track its location at anytime, which will alert you if the document isn’t delivered in a timely manner or is diverted somewhere else.
Send Checks to the Bank. Have sensitive documents (like new checks or credit cards) sent to your bank rather than to your home address. Pick them up there.
Watch for Cards. When new credit cards are coming through the mail, watch for them and call the credit card company if they don’t arrive in 7 to 10 days.
Quick Retrieval. If you are unable to install a locking mailbox and don’t have access to P.O. boxes, retrieve any mail within an hour or two of delivery. This lowers the exposure time of your mail.

We’ve gone soft; we fear honesty. I think we even fear being honest with people more than we fear people being honest with us. Honesty has become synonymous with ugly confrontation, rather than just being, well, honesty.

Yesterday, a good friend emailed me a two sentence note reminding me that I hadn’t done something that I’d promised I would do. What I had promised is immaterial to this post, but that I had promised to do it, and then failed, is very important. I gave my word to a good friend, and then ignored my promise. And he had the guts to remind me. In fact, he’s laughing at me right now that I even consider his reminder to be a big deal, because to him it would be phony not to remind me. That’s who he is. And he’s a better friend for it. And in no way could what he did be called confrontational. Direct, yes. Honest, yes.

Here’s the striking part that makes me uncomfortable — I only have THREE friends (in addition to my wife, who is my honesty compass) who have the backbone to call me on something like this. And that makes me sad, because I have many friends, and it means that most of the time I’m probably not hearing the whole truth, maybe just a watered down version of what they think I want to hear. And who knows, maybe that is what I want to hear. Worse yet, I’m not sure I would have confronted me like my friend did (even though it was something minor), which means that I’m no better that those I’m condemning as soft.