‘FTC’ Articles

The FTC just busted a long-running internet scam where offshore thieves set up virtual companies and stole millions of dollars from US consumers  one small charge at a time.

“It was a very patient scam,” said Steve Wernikoff, a staff attorney with the FTC who is prosecuting the case. According to him, the scammers found loopholes in the credit card processing system that allowed them to set up fake U.S. companies that then ran more than a million phony credit card transactions through legitimate credit card processing companies.

The fraudsters were able to fly under the radar for so long because they only charged consumers between $ .25 and $9 and set up over 100 fake companies to pull off these transactions. In this specific case they charged over 1.35 million credit cards a total of $9.5 million dollars – those nickles and dimes really add up! Shockingly, 94% of these charges went undetected by the credit card holder because they didn’t notice an unusual charge on their credit card statements and fraud detection agencies rarely detect anything under $10.

With more and more credit cards being accepted for smaller purchases (e.g., soda machines and parking meters) thieves have taken this opportunity to cash in on the frequency of these charges. While 6% of the charges were detected and reported, the huge number that didn’t even realize they had an unauthorized charge shows how lax we are about checking our statements. Here are some simple steps you can take to catch fraud early:

FTC Red Flags Rule Goes into Effect June 1st, 2010

The FTC  will begin enforcing the Red Flag Rule on June 1st, which states that certain businesses and creditors must help fight identity theft as well as create an identity theft prevention plan. This applies to a very broad class of businesses: those defined as “financial institutions” and those that extend any type of credit to their customers.

In other words, if you don’t receive cash the moment you deliver your product or service to your customer, your business most likely falls under the umbrella of the Red Flags Rule. If you do any billing after the fact (i.e., accounts receivable), you are considered a creditor, and therefore in the group of companies governed by Red Flags.

This includes:

• Any Business that Extends Credit
• All Banks
• Most Brokerage Firms
• Credit Card Companies
• Mortgage Lenders
• Non Traditional lenders (utilities, dealerships, health care providers)

Building an Identity Theft Prevention Plan

According to the FTC, the identity theft prevention plan consists of four main parts:

1. Identification: The plan needs to provide a process to identify patterns, activities or transactions (i.e. red flags, hence the name) that appear to be leading to identity theft.
2. Detection: The plan needs to specifically call out processes and procedures that will be used to detect the previously defined red flags.

How long has it been since you wore a white belt in your area of expertise?

I just had the singular honor of delivering an identity theft speech for the Federal Trade Commission in Washington, D.C. In case you don’t understand the humorous irony, let me explain.

The FTC is the arm of the U.S. Government that is responsible for educating you and me about our rights as consumer, including how to fight identity theft. In other words, they are the original identity theft experts! Those of us who are professional identity theft speakers turn to the FTC for information, guidance and materials.

So why did they pay my fee to talk about a subject they know so much about?

Perspective.

Let me use a Taekwondo metaphor to explain what I mean. In many martial arts programs, one level before achieving your black belt, the Master teacher asks the candidate to again wear their white belt to signify that the student is returning to the state of a beginner. The ritual is a symbolic reminder that we only grow and evolve when we are humble enough to admit how much we don’t know. It is related to the Zen principle of viewing life through the eyes of an ever-learning child.

The Federal Trade Commission and 35 state attorneys general filed a complaint against the company that “charged that the company used false claims to promote its identity theft protection services,” according to a March 9th FTC press release. LifeLock will be responsible for paying the FTC $11 million dollars as well as an additional $1 million to the 35 state attorneys general.

To clarify a couple of points that aren’t currently being covered by the media:

1. LifeLock did make misleading claims about how completely their product protected individuals, but to their credit, they toned those claims down considerably starting about a year ago. In essence then, the ruling pertains to LifeLock of old, not the current company, marketing materials or product offering.
2. At about the same time as they changed advertising, LifeLock began adding features to its product that bolstered the quality of its monitoring services.

If LifeLock continues to support and bolster the “engine” underneath its product (namely, the sophisticated identity monitoring services that it has already started adding), it will serve as a very worthwhile product in the identity monitoring space.

Here are a few of the charges in the FTC’s complaint that were in the press release: