‘Identity Theft Speaker’ Articles

Don’t Miss John  as he discusses

Identity Theft and Identity Theft

Prevention on The Bill Handel Show!

Today, February 4, 2010 at 1PM Pacific Time.

Click HERE to Listen Live!

John Sileo became America’s leading Identity Theft Speaker & Expert after he lost his business and more than $300,000 to identity theft and data breach. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076

The Privacy Reflex
When I am training corporate executives, managers and employees to detect fraud and social engineering (manipulative information-gathering techniques), I take them through what it feels like to be conned. In other words, I actually socially engineer them several times throughout the presentation so that they begin to reflexively sense when more fraud is coming. There is no substitute for experiencing this first hand.

The Trigger—Requests for Identity
Spies are trained to instantly react when anyone asks for information of any kind, whether it is theirs or someone else’s. The trigger, or what causes you to be on high alert, is actually very simple—it is the appearance of your identity in any form (wallet, credit card, tax form, passport, driver’s license, etc.). Anytime someone requests or has access to any of the names, numbers or attributes that make up your identity, or to the paper, plastic, digital or human data where your identity lives, the trigger should trip and sound an alarm in your head.

When your identity is being requested in any way, slow down and ask yourself: Is the risk of giving this piece of identity away in this specific situation worth the benefit?

Tareq and Michaele Salahi — Washington socialites are not just known for their possible roles in the upcoming “The Real Housewives of Washington,” but for being seen arriving at the White House State Dinner. The problem was that they weren’t on the guest list, but managed to work their way inside what is supposed to be the most secure party.

The couple took to Facebook to document their party-crashing, and on Wednesday, Michaele Salahi’s Facebook page included photos of the couple at the dinner. The Salahis weren’t exposed until journalists caught sight of pictures showing the Salahis posing with President Barack Obama, Vice President Joe Biden and others. In the aftermath, the security breach looked more like a publicity stunt than a security threat.  The Secret Service admitted that they did not verify at each checkpoint that this couple was on the invitation list. In other words, they missed the second cardinal rule of security, Verify.

News stories like this bring Facebook Privacy into the spotlight once again. Facebook is becoming used more and more in legal cases and as evidence for both the  prosecution and the defense. Last month, Facebook was used to prove that a crime suspect was posting a status message from his father’s apartment in Harlem and not mugging a victim at gun-point. The charges were immediately dropped.

The reality is that unsecured, curbside mailboxes are prime targets for people who are intent on committing the crime of identity theft. Although I would suggest to stop using the mail to send and receive identity documents, this is not always possible. Therefore, here are alternative suggestions:

Lock Box. Install a locking mailbox that can be accessed only by you. These generally have a mail slot that allows the postal service to put mail into the box. Many newer neighborhoods already have some form of locking mailboxes.
P.O. Box. If a locking mailbox is not possible, get a P.O. box at your local post office and have sensitive documents sent there. It is a little bit more work, but gives you much more privacy.
In Person. When mailing sensitive documents, walk them into the post office and hand them to a postal worker. If it is after hours, drop the mail through an internal slot in the building. If there is no internal mailing slot, mail it the following day. This cuts out the most vulnerable stages of mailing.
UPS/FedEx. Have identity documents sent by UPS or FedEx and make sure that you require a signature for delivery. This makes the information harder to steal and you can track its location at anytime, which will alert you if the document isn’t delivered in a timely manner or is diverted somewhere else.
Send Checks to the Bank. Have sensitive documents (like new checks or credit cards) sent to your bank rather than to your home address. Pick them up there.
Watch for Cards. When new credit cards are coming through the mail, watch for them and call the credit card company if they don’t arrive in 7 to 10 days.
Quick Retrieval. If you are unable to install a locking mailbox and don’t have access to P.O. boxes, retrieve any mail within an hour or two of delivery. This lowers the exposure time of your mail.

Can the Law keep up with technology?

CNN has a new article that addresses this growing issue. Cases are continuing to pop up based on an offense or crime committed in cyberspace. Five years ago suing someone for allegedly slamming you on Twitter would have been unimaginable.  But just recently an apartment tenant is being sued for $50,000 in damages after she took to her twitter to complain about her living situation to another user.
Many legal experts are watching these cases carefully because they will lay the groundwork for these unaddressed areas of the law. They said that in this growing age of technology it takes almost 5 years to play catch up with current American law. Lawmakers are unable to predict the next big wave in technology and the legal issues that will follow. With such a severe gray area when it comes to Social Media and your Privacy, society must be able to balance accountability with free speech.

Click Here to read more on this CNN article.

John Sileo provides identity theft training to human resource departments and organizations around the country. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.

Great employees are hard to find, but without the right employee background screening process, deceitful candidates are even harder to spot. Hiring dishonest employees puts your sensitive and confidential business information at risk and could cost you millions if stolen or damaged.

According to The Ponemon Institute, an independent research foundation, the average cost of data breach to a victim corporation is $6.3 million. In 2008, the lowest reported cost of data breach was $613,000, while the highest was just under $32 million. Given that the average cost per stolen record is $202, one missing laptop with 2,500 customer or employee records on it would come with a data breach recovery bill for a half a million dollars. And that doesn’t factor in loss of stock value, brand damage or customer defection that results from having your breach in the news.

Insider theft, where one of your employees facilitates the breach, is a common source of this crime. And your risk doesn’t go away when your employees do. Over 60% of  employees keep sensitive data after they have been terminated and nearly 80% of them stated that they knew it was against company policy. This includes everything from email lists and customer information to financial business information.

According to the Christian Science Monitor and other reputable media sources, the marines have banned social networking sites, including Facebook and Twitter. Currently, the Pentagon is reviewing its entire policy on the use of social networking sites. Can you imagine the enemy discovering troop locations or military tactical data via social networking? Ironic timing, as just a few weeks ago I was delivering an identity theft speech at the Pentagon and recorded a short video about this problem.

Facebook Privacy & The Pentagon

The Christian Science Monitor ran the following quote from a memo distributed Tuesday to all Marines:

The very nature of [social networking sites] creates a larger attack and exploitation window, exposes unnecessary information to adversaries and provides an easy conduit for information leakage that puts [operational and communication security] personnel and the [Marine Corps network] at an elevated risk of compromise.

7 Hazards of Social Networking

Most of the risks of social networking fall into one of the following categories, which I call the 7 Hazards of Social Networking:

1. Impersonation. Does the social networking account (e.g., Twitter Account) belong to the actual person or company it is representing? For example, if you look at the Twitter account @johnsileo, you will see that my name is used to send business to a gentleman who is also an identity theft speaker. My actual account is @john_sileo. Whether this is considered social networking squatting or social networking identity theft, it’s impersonation.

Identity Theft Speaker John Sileo on Traveling Safety.

Traveling Safety has become a study of its own ever since the advent of identity theft. Your biggest concern may no longer be physical in nature (pickpockets, hotel theft, muggings); the value of the personal identity you carry as you travel is worth far more than the cash in your wallet.

We all love to plan the vacation of our dreams. I can almost taste the pasta Bolognese as I read about that out-of-the way trattoria half way down the ancient narrow vicolo (blind alley) in Tuscany. But there’s one area we often overlook that can turn that long-anticipated dinner into a nightmare – the theft of our most-valuable asset, our identity. Let’s fast forward – we’ve savored the last bite of pasta and drained our pitcher of the vino rosso locale before presenting our credit card.   Our friendly waiter looks concerned as he walks back to our table to tell us that our credit card has been declined. It doesn’t take us long to discover a thief has maxed out our credit and there is nothing left to pay for our dream. If we’re lucky, we’ll have a backup plan and pay by cash or another credit card. If we are less lucky, the thief has cashed out our bank account as well, has stolen our passport numbers to set up new accounts, or has gained access to a laptop computer full of sensitive personal and workplace data. What were we thinking (or not thinking) by neglecting traveling safety?

Are you one of the 9 million Americans who will have their credit damaged or their bank account emptied this year? Or perhaps your medical treatment will be affected. The cost of identity theft to individuals and businesses is staggering; hence, the Red Flag Rule, enforced by the FTC, federal bank regulatory agencies and the National Credit Union Administration.

There are always “red flags” that pop into our heads but too often we ignore them.  Call it “intuition” or whatever you want; the vital thing is to pay attention.  To that end, many businesses and organizations are now required to implement the “Red Flags” Rule to implement a written Identity Theft Prevention Program.  The goal is to detect warning signs in day-to-day operations, take steps to prevent the crime and limit any damage.

Are you covered by the Red Flags Rule? Read Fighting Fraud with the Red Flags Rule: A How-To Guide for Business to:

• Find out if the rule applies to your business or organization;
• Get practical tips on spotting the red flags of identity theft, taking steps to prevent the crime, and mitigating the damage it inflicts; and
• Learn how to put in place your written Identity Theft Prevention Program.

By identifying red flags in advance, you’ll be better equipped to spot suspicious patterns when they arise and take steps to prevent a red flag from escalating into a costly episode of identity theft.

Were you surprised the other day when I said that your children are highly attractive targets of identity thievesbecause they have untouched and unblemished credit records?  Let me tell you just how easy it happens.

How Does It Happen?

All an identity thief needs to ruin your child’s bright financial future is her name and Social Security Number.

“Shouldn’t my child’s age show up on any credit background check, shouldn’t the merchant recognize that the person in front of them buying a car on credit isn’t seven years old?” you ask.

Yes, it should, but the people screening the credit report rarely give it the time and care necessary to detect fraud.

All too often, background checks involve simply matching the name and the Social Security Number provided. This leaves doors wide open for scandalous minds to wreak havoc on your child’s perfect credit. The most unsettling part is that the age of the applicant (in this case, the person posing as your child) becomes official with the credit bureaus upon the first credit application. This makes clearing a sabotaged credit record even more difficult because you have to prove to the credit bureau that your child is only seven and isn’t responsible for thousands of dollars of debt.