Facebook Top Tips for Socializing Safely

  1. Only Friend people you know.
  2. Create a good password and use it only for Facebook.
  3. Don’t share your password.
  4. Change your password on a regular basis.
  5. Share your personal information only with people and companies that need it.
  6. Log into Facebook only ONCE each session. If it looks like Facebook is asking you to log in a second time, skip the links and directly type www.facebook.com into your browser address bar.
  7. Use a one-time password when using someone else’s computer.
  8. Log out of Facebook after using someone else’s computer.
  9. Use secure browsing whenever possible.
  10. Only download Apps from sites you trust.
  11. Keep your anti-virus software updated.
  12. Keep your browser and other applications up to date.
  13. Don’t paste script (code) in your browser address bar.
  14. Use browser add-ons like Web of Trust and Firefox’s NoScript to keep your account from being hijacked.
  15. Beware of “goofy” posts from anyone—even Friends. If it looks like something your Friend wouldn’t post, don’t click on it.
  16. Scammers might hack your Friends’ accounts and send links from their accounts. Beware of enticing links coming from your Friends.

Read the full PC Magazine Article.

College Students Destroy Financial Future with Poor Choices

College is the perfect period of life to begin sound financial practices, including protecting privacy. Not only are college students vulnerable, but they are impressionable and well positioned to learn strong habits that will last them a lifetime. As students launch into independence, we, as parents, hope to give them the best tools possible to ensure a bright future. One of the most vital tools is to establish healthy habits that will guard their financial and personal identities for the rest of their lives. People ages 18-24 are the least able to spot identity theft, according to the BBB. That age group needed more than four months to realize someone had damaged their credit history or used their identity. By taking a few precautions, a young adult can avoid the crushing job of trying to recover from having given away the keys to their financial future, which is especially overwhelming while navigating life away from home for the first time.

Identity thieves don’t care a whit if the student has a dime – they just want a clean financial record in order to commit crimes using their credit and future buying power. Unfortunately, thieves are often someone the student trusts: a friend, dorm mate, co-worker, or someone who poses as a sanctioned person on campus. Identity thieves may use personal information to open credit card accounts, access financial accounts, rent an apartment or even commit larger cases of fraud, implicating the student. Here are some tips to get you and your student started down the road to protecting their financial future:

7 Steps to Secure Profitable Business Data (Part II)

In the first part of this article series, we discussed why it is so important to protect your business data, including the first two steps in the protection process. Once you have resolved the underlying human issues behind data theft, the remaining five steps will help you begin protecting the technological weaknesses common to many businesses.

  1. Start with the humans.
  2. Immunize against social engineering.
  3. Stop broadcasting your digital data. There are two main sources of wireless data leakage: the weakly encrypted wireless router in your office and the unprotected wireless connection you use to access the Internet in an airport, hotel or café. Both connections are constantly sniffed for unencrypted data being sent from your computer to the web. Strategy: Have a security professional configure the wireless router in your office to utilize WPA2 encryption or better. If possible, implement MAC-specific addressing and mask your SSID. Don’t try to do this yourself. Instead, invest your money in proportion to the value of the asset you are protecting and hire a professional. While the technician is there, have him do a thorough security audit of your network. You will never be sorry for investing the additional money in cyber security. To protect your data while surfing on the road, set up wireless tethering with your mobile phone provider (Verizon, Sprint, AT&T, T-Mobile) and stop using other people’s free or fee hot spots. Using a simple program called Firesheep, data criminals can “sniff” the data you send across these free connections. Unlike most hot-spot transmissions, your mobile phone communications are encrypted and will give you Internet access from anywhere you can make a call.

7 Steps to Secure Profitable Business Data (Part I)

Everybody wants your data. Why? Because it’s profitable, it’s relatively easy to access and the resulting crime is almost impossible to trace. Take, for example, Sony PlayStation Network, Citigroup, Epsilon, RSA, Lockheed and several other businesses that have watched helplessly in the past months as more than 100 million customer records have been breached, ringing up billions in recovery costs and reputation damage. You have so much to lose.

To scammers, your employees’ Facebook profiles are like a user’s manual about how to manipulate their trust and steal your intellectual property. To competitors, your business is one poorly secured smartphone from handing over the recipe to your secret sauce. And to the data spies sitting near you at Starbucks, you are one unencrypted wireless connection away from wishing you had taken the steps in this two-part article.

Every business is under assault by forces that want access to customer databases, employee records, intellectual property, and ultimately, your bottom line. Research is screaming at us—more than 80% of businesses surveyed have already experienced at least one breach and have no idea of how to stop a repeat performance. Combine this with the average cost to repair data loss, a stunning $7.2 million per incident (both statistics according to the Ponemon Institute), and you have a profit-driven mandate to change the way you protect information inside of your organization. “But the risk inside of my business,” you say, “would be nowhere near that costly.” Let’s do the math.

Data Breach Expert Sileo Talks to Fox Business

Victim of a Cyber Attack? What You Should Tell Customers

By Donna Fuscaldo, Fox Business

It seems like every day consumers are learning of data breaches from companies like Sega, Sony and Google. Major corporations like these tend to have the funds and resources to recover from an attack, but for small businesses, that’s often not the case.

A slow response and lack of communication with customers are among the missteps many small businesses make when facing an attack, both of which can cause irreparable damage to the business.

“When consumers are a victim of ID fraud based on interaction with a small business, 1 in 3 never come back,” said Phil Blank, senior analyst for security and fraud at Javelin Strategy & Research.

While data breaches hitting major banks and corporations tend to dominate headlines, small businesses are increasingly becoming targets. Hackers like to prey on small businesses because computers and mobile phones tend to be used for both work and personal use, and many small businesses don’t have an IT staff monitoring and protecting operations.

According to Javelin, small business fraud totaled $8 billion in 2010. Of that, banks, merchants and other providers absorbed $5.43 billion of the loss while the cost to victims was $2.61 billion.

Citigroup Data Breach – How it Affects Your Wallet

This week’s news of the theft of private data comes from Citigroup. Seems that even the most reputable organizations can be exposed to the ever-more frequent data breaches we read about. You’ll likely recall the recent news of Sony, PBS, Epsilon and Lockheed Martin. Regrettably, the list is growing by the day. It affects me, and likely, it affects you. Now what?

First, arm yourself with the facts. See the attached articles.

  • http://blogs.wsj.com/deals/2011/06/09/citigroup-data-breach-4-tips-to-protect-yourself/
  • http://www.reuters.com/article/2011/06/09/us-citi-idUSTRE7580TM20110609
  • http://www.informationweek.com/news/181502068

Second, remember to protect your most important data (this information, on its own, or in any combination, is a jackpot to an identity thief):

  • Social Security number
  • Date of birth
  • PIN
  • Credit Card numbers
  • Bank Account numbers
  • Birthdate

Third, never reply to an e-mail requesting personal information. Unless you originate the communication, suspect the worst and do not respond. This is referred to as “Phishing” and the results are never good.

Fourth, if you think your credit card has been compromised, call and request a new card. The phone number is on the back of your card, and the associates answering your call love serving as a hero to you and your credit. They’re awesome folks.

And finally, just pay attention. If your intuition is triggered, there’s likely good reason. You’ll never regret being cautious.

U.S. Lags Europe on Credit Card Security

We can be as patriotic as we want to be, but today, the US lags behind other countries in credit card technology and consumer safety. Our current-day magnetic-strip technology is archaic compared to the chip-embedded cards of our European counterparts. Though some larger US retailers are offering support of the “smart-chip” cards, a mandate for their use (and greater protection for the consumer) is down the road. (Click here for the original story on NPR).

According to Andrea Rock, a senior editor at Consumer Reports who wrote an article about the security gap in the credit card industry (emphasis mine):

“The account information that’s needed to make a transaction on American cards is stored, unencrypted, on a magnetic stripe on the back of each card,”

And that means, until the industry changes, you are at risk. In the meantime, here are a few steps you can take to increase your security:

  • Limit use of your debit card. The bank offers you less protection on debit transactions than credit transactions. Additionally, with debit cards, there is a PIN involved, potentially providing immediate cash access to your accounts by clever thieves. If fraud occurs, you are out the money until it is resolved.
  • Use your credit card instead. It’s safer. Typically, credit card issuers offer zero-liability for losses associated with unauthorized transactions. You also have a longer time frame to catch and report the fraud.

Why I Love Canadian Accountants

I love Canadian accountants because not only are they some of the warmest people I have met (I speak on identity theft quite a bit in Canada), but they are incredibly eager to learn how to avoid some of the data security mistakes that we have made in the U.S. As accountants, they provide a ton of vital financial advice to their clients, and I can easily see them sharing some of the data security best practices I talked about during the presentation and getting paid well by their clients to do it. And here’s how I could tell their level of absorption: after the speech, they had a slew of detailed follow-up questions. They were curious. You can always tell someone’s intention to act and make changes by their clarification questions. No questions, no interest, no intent to act. Definitely not what I experienced in the charming town of Winnipeg.

If you are ever in Winnipeg, say hello for me and go buy some chocolates at the little sundry stand in the middle of The Forks market (see the video). You won’t be sorry.

Dropbox a Crystal Ball of Cloud Computing Pros & Cons

Dropbox is a brilliant cloud-based service (i.e., your data stored on someone else’s server) that automatically backs up your files and simultaneously keeps the most current version on all of your computing devices (Mac and Windows, laptops, workstations, servers, tablets and smartphones). It is highly efficient for giving you access to everything from everywhere while maintaining an off-site backup copy of every version of every document.

And like anything with that much power, there are risks. Using this type of syncing and backup service without understanding the risks and rewards is like driving a Ducati motorcycle without peering into the crystal ball of accidents that take the lives of bikers every year. If you are going to ride the machine, know your limits.

This week, Dropbox appears to have altered their user agreement (without any notice to its users), making it a FAR LESS SECURE SERVICE. Initially, their privacy policy stated:

… all files stored on Dropbox servers are encrypted (AES-256) and are inaccessible without your account password. (Quoted from PCWorld)

Currently, the privacy policy says that Dropbox can access and view your encrypted data, and it might do so to share information with law enforcement. Why is that important? Because it means that the encryption keys that keep your files private are actually stored on Dropbox’s server, not on your own computer. This puts the keys to your data (and that of every other Dropbox user) not only in the hands of Dropbox employees and law enforcement, but also leaves them vulnerable to hackers. When the encryption key is located on your computer, at least the risk is spread across Dropbox’s network of users.

Today Show Uncovers Baby Identity Theft

Identity thieves are increasingly targeting children, in some cases stealing their identities even before they are born.

A TODAY Show/NBC investigation into child identity theft revealed that criminals routinely use a child’s untouched credit record to their advantage and get away with it for years or decades. This story shows how in more and more cases Social Security numbers are being stolen even before the child has been born.

Why is it so easy? Because Social Security numbers are not assigned randomly, meaning that they can be predicted with a certain amount of accuracy. An SSN is simply a code that includes the location and date of where and when a baby was born. Thieves have figured out a system to predict these numbers and use them before they have been issued. The federal government maintains that in the next month or so, these numbers will be randomized and harder to predict and, therefore, steal.

Once a thief gains access to a legitimate Social Security number, they are able to take out car loans, mortgages and credit cards combining their name with the stolen number. Many banks don’t verify that the name and Social Security number match up because it costs them a few extra pennies. That is exactly how a woman was able to buy a home in my name, because the bank didn’t verify that the SSN belonged to me, not to her.
