Posts

Identity Theft Services: Is ID Theft Monitoring Worth the $$$?

,

Product Review: Are identity theft monitoring services worth it?

Yes, identity theft services can be well worth the investment, especially if you ever become a victim. Imagine that your Social Security number is part of a national breach like Anthem or the Office of Personnel Management. Or it’s stolen out of your tax preparer’s office, scavenged from your trash or skimmed from your iPad as you surf on a free Wi-Fi connection. In most cases, you have no idea that your digital identity has fallen into unethical hands, usually those of organized crime, who replicate and resell it in seconds.

Next, your identity is used by an undocumented worker to get a job, and now you owe taxes on their earnings. A second user applies for credit in your name and skips town, leaving behind your decimated credit score. Another uses your SSN to drain your health insurance benefits and append the wrong blood type to your medical file. You have no idea that any of this is taking place behind the scenes until the day that the tax bill arrives in the mail, you are denied medical coverage and a collection agency shows up at your door. Because the discovery process doesn’t happen for an average of 18 months after the initial theft, your losses are substantial and your innocence difficult to prove. Obviously, I’ve combined many forms of ID theft here into a single scenario, but everyone of them is real and common.

If I told you that there are ways to automatically detect the exposure of  your SSN online (allowing you to request its removal), to prevent the trafficking of your ID on the dark side of the web and to be notified about even the smallest use of your credit profile by criminals, would you be interested?

Every one of these preventative measures is possible, and detecting the abuse of your identity is made much more convenient and less time consuming by identity theft services that monitor your ID online. Are they a perfect solution? There is no such thing as a perfect solution, and if someone says there is, they are working too hard to sell you something. The key to protecting your identity is to layer on many forms of prevention and detection, thus persuading the criminal to move on to another target. One key layer is provided by identity monitoring services.

Monitoring your identity is much like installing a burglar alarm to protect your home – it’s a no-brainer if you are willing to invest a little to attain much more peace of mind. The most common question I get asked after my speaking engagements is which service I use personally. I have to say, despite their clever marketing, I am not a huge fan of the most popular providers, because they promise too much and deliver fewer tools than some of the better options. The identity theft services provided by the credit card companies are even more limited and less effective. I recommend doing your homework and comparing the different features of the various services.

Here are some features you’ll want your identity theft service to include:

  1. Convenience: The identity theft monitoring service should email you any time a red flag appears (changes to your credit, mailing address, bank accounts, loans, etc.) , so that you don’t have to do any extra work to keep track of your identity.
  2. Depth of Monitoring: Utilize a company that monitors your credit report at all three credit reporting bureaus (a tri-bureau report), which is vital, because the bureaus often don’t share information as much as they claim to share.
  3. Cyber-Agent Scanning: If you are worried about your private information being circulated in criminal chat rooms, carding sites, newsgroups and other digital venues where cyber criminals buy, sell and trade your data, make sure your product scans known rogue sites and alerts you to problems.
  4. Breadth of Reporting: Your identity monitoring service should also scan non-credit loan applications in case someone is using your identity to run a pay-day loan scheme.
  5. Public Document Surveillance: Your service should monitor your public records on the internet (court documents, legal agency filings) in case your information is published for any reason by the government or your Social Security number is found in public records.
  6. Restoration Services: It is vital that the identity theft monitoring service you choose provides restoration and repair if your identity is stolen. In fact, this is probably the most useful and effective part of the monitoring services, as it makes it much easier to recover from ID theft if you are a victim.
  7. Dashboard Access: I like the services that provide one easy to monitor dashboard across all aspects of your identity – that way, if something is a threat, you see it with a big red warning sign.

If a company promises you identity theft services or credit monitoring for free, run the other direction. Like anything else, identity theft services are an investment, and paying nothing means you are getting nothing other than having your name and valuable information sold to other marketers. Remember, you are protecting a digital asset (your identity) that is worth more than all of your bank accounts, mortgages, investments and net worth combined. Spending a little to save a lot is like immunizing yourself against the disease of identity theft before it strikes.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

3 Steps to Stop Wallet / Purse Identity Theft

,

One of the quickest identity theft prevention tips is to protect your purse or wallet from being stolen. Here are three tips from ID theft expert John Sileo on protecting wallet identity.

IDT Recovery Guide

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

 

 

 

Screen Shot 2014-08-22 at 8.06.57 AM

Over 90% of Rachael Ray Show Audience Faces Identity Theft Risks

Recently, I was asked to do a segment for The Rachael Ray Show that demonstrated very visually how many audience members face immediate identity theft risks. Watching them move across the stage as we exposed two or three common sources of identity theft was remarkable. Once we had experienced the numbers, we ventured into the house of one of Rachael’s audience members to see how to mitigate the risk. Watch the video to see if you would have joined the “at risk” group, or read the transcript below:

Rachael: We had the audience stand back here because we all carry several items on any given day, EVERY given day, that put us at risk.  So John, you’re going to weed out our audience so we can all learn in how many areas we are seriously at risk if we have certain items on us, correct?

John: Perfect.

Rachael: Okay, how are we going to get them started?

John: The first one is your Social Security card. If you carry your Social Security card.

Rachael: If you have your actual your Social Security card, I’d like you to cross the room and come to this side of the studio.  (Audience members cross.)  A few people–not many.  I don’t carry mine, either.

John: A few have got it.  A lot of us do it.

Rachael: To me, Social Security numbers- they ask for them everywhere. The bank, the doctor–everywhere.  I know the number.  I don’t carry the card, but it is like your signature.

John: It is.  It’s your net worth.  It’s your future buying power, so a thief with a Social Security number–they can buy a home as you.  That’s what happened in my case.  They purchased a home.  They go bankrupt as you.

Rachael: A house?

John: Yes, she bought a house.  It was a woman.

Rachael: Just like in the movie! That is amazing.  And a woman took your Social Security number and it didn’t even occur to anybody- it’s not a man named John?

John: I know and then went bankrupt-as me.

Rachael: Oh my God–I just want to feed you spaghetti!  Okay, I think we’re going to move a lot of people on this next item.  Tell them the next item.

John: Yes.  If you have a smartphone without a passcode on it.  So without the four digit code or some sort of a passcode.

Rachael: If you have an unprotected phone, move it.  (Many audience members move.)  I knew we’d get a lot of them on that one.  Okay, now explain why you’re even more at risk without a passcode, even though it’s fairly obvious.

John: You bet.  So the smart phone is part of who we are, right?  It’s become an extension of ourselves.  It’s literally part of our identity.

Rachael: Access to everything.

John: Let me give you an example of how easy it is.  The thief takes it off the table at a cafe, right?  They walk outside- no passcode on it.  So they quickly surf through your websites or your contacts.  They see where you bank.  Then they go, ON THAT PHONE, to the bank’s login page and they hit the “forgot my password” link…

Rachael: And it sends it to you!

John: And it emails it to the thief!

Rachael: AGGGHHH!

John: They’re right in your account.  Bam! It’s that easy.

Rachael: One more thing.  We’ve gotta move more people.  Give us one last item that puts us at risk that you think most, if not all, of these people have.

John: If you have a debit card or bank card. (Almost everyone else crosses room.)

Rachael: Now everybody has to have their bank card with them.  I carry mine, too.  Don’t you carry one?

John: I don’t.  I’m not saying you can’t carry a debit card or a bank card.  It’s how you carry it.  It’s that you’re smart with it.  Your debit card, your checkbook, connects directly to your bank account.

Rachael: (Looks at remaining audience members who didn’t move.)  We have about ten/twelve people left.  You guys don’t have any bank or debit cards on you?  Wow, That’s amazing!

John: It’s doable.  Use your credit card.  I realize it’s a great budgeting tool, but if you can get it out of your purse when you don’t need it…lock it up at home- just like you do your Social.

Rachael: Get cash once or twice a week.  Leave the card at home and carry credit cards that have protection.

John: Yes, you have much better protection liability-wise.  The money doesn’t come directly out of your  account when it’s stolen.

Rachael: It’s amazing.  I love the visual of watching the risk factor.

New segment 

Rachael: We wanted to take this a few steps further.  We didn’t have time to go to every single person’s home here, so we sent you to one of our viewer’s homes to find the places in our homes where we’re putting ourselves at even more risk, right?

John: Yes, at Lisa’s.

Rachael: So, he went to Lisa’s house.  We’re going to have these guys take a seat.  You check out what happened at Lisa’s and we’ll meet back here.

Video

(Shows family activities at Lisa’s house.)

Lisa:  I”m a wife and a mother of three and I just want to do everything I can to protect my family.  About a year and a half ago we were victims of identity theft.  You feel like your whole life has been stolen from you. At first when that identity theft happened, we were taking steps.  We put alerts on with credit reporting agencies, but I think I fell back into being more lax about it.

(John arrives at Lisa’s house.)

John:  So our plan of attack today with Lisa is to take her around the house and we’re just going to look at the different ways her data might be exposed.

(In her office)

We’ve got a file cabinet…a locking file cabinet that undoubtedly is …unlocked.   (It is. John looks through items) Birth certificates…

Lisa:  I try to hide it.

John: You try to hide it, yeah, but we all hide it in the same way.  What I really suggest is a locking fire safe.  You can buy these big, heavy safes that protect against water and fire, but they also allow you to store these documents in a really safe way.

(On to Kitchen)

Lisa:  My purse is over here.

John: Wow.  What is this, an organizer?  (Huge, overflowing wallet)  You keep your life in here, don’t you?  Let’s see what we’ve got.  Debit cards, multiple credit cards…I would get in the habit of thinking, “Okay, I’m going out to do this shopping.  What cards do I need?  Take the cards that you use most often and get in the habit of leaving the rest at home.  On a credit card or debit card, one thing that I recommend is that you simply write Photo ID Required on it.  It lets the retailers know, “Hey, my identity matters.  Ask for it.”  It makes it harder for someone to shop and impersonate you. (Continues to look through wallet) Cash-we don’t worry too much about that.  It’s really the data that we’re looking at. And a lot of times the thieves will take the cash, they’ll take photos of this (other cards/data), and they’ll put it all back.  They don’t want you to know they’ve taken it.

Lisa: I didn’t even think of that.

(They head outside to Lisa’s trash can.)

John: You have to be really mindful of what we leave outside of the door.  We put things in our trash that are incredibly valuable.  This is called dumpster diving.   (John looks through trash.) This looks good here.  Looks like a bank statement, we’ve got an insurance statement.  We’ve got a credit card statement.  It has your full account number on it-right there. Bonanza!  You also need to shred anything with any identity on it.

(Moves to mailbox- unlocked out on the street)

Do you mind if I go through your mail a bit?

Lisa: Not at all.

John: Allright, so here’s a pre-approved credit card offer.  This makes it really easy for somebody to apply for a credit card in your name.  There’s an easy solution.  It’s called opting out.  You can opt out of financial junk mail so it’s never in your mailbox in the first place.

Lisa: I didn’t even know you could do it.

John: You should take this now and shred it.  Everything that you can shred, you shred.

(Moves to Lisa’s computer.)

John: I love talking to people about their computers because it is the jackpot in the house of all our financial information.  I was glad to see that you have a password to get in.  That way if somebody walks out with the box, it’s a little more protected.  Do you shop online at all?

Lisa: Yes, I do.  I shop online a lot.  I’ve been using my debit card a lot more lately.

John: Okay, shopping online- I’m totally good with.  Using your debit card is risky.  It’s connected to your bank account.  I recommend you use a credit card and, in fact, I think it’s smart to have a separate credit card you use online and a credit card you use out and about.  That way if something happens online, you can shut down the one card and you’ve kind of cordoned it off.

(Back to studio.  Rachael welcomes Lisa and introduces Privacy Means Profit.)

Rachael: The biggest thing that I got out of that segment that I want to do immediately when the show is over–putting the stickers on every single front of my credit card or debit card (that says) “Ask for Photo ID”.  You said everyone ignores it on the back, but everyone demands it on the front.

John: That’s exactly right.

Rachael: Everyone could buy “stickems” and that’s a really good one.  That’s so easy and fantastic.  So Lisa, that was enlightening. Thank you for letting us into your home.  What did that feel like from your side of it?  Did you feel like “Uh!” (slaps forehead) “I can’t believe I did that”?

Lisa:  I couldn’t believe everything I was doing wrong.  John gave me such great tips- just little things you can do to protect your identity.  It was scary because I thought I was being more diligent than I was.

John:  We all do.

Rachael: That’s the thing. It seems so obvious when he puts a highlighter pen over it.   Then we all say “I do that, I do that, too.”  I love that sticker thing though.  Isn’t that a great tip?

Lisa: Yes.  Actually  I started to implement that.  That was the first thing I did.

Rachael: (To John) So, who are identity thieves?  What are the most popular types of identity thieves?

John: It breaks down into three big categories.  The first is friendly fraud.  It’s the people that we know.  I see these every week.  It happens constantly.  It’s the college roommate who visits who has fallen on hard times so they sneak a check out of the middle of your checkbook.  The second is the local.  This is the person in your neighborhood who is a drug addict, a gambling addict, they need a little extra money and they’re willing to filter through your trash or your mail to get it.  The third, the fastest growing one, is organized crime.  These are international people who have huge resources to hack into very secure databases.  These are not poor databases.

Rachael: They’re really investing in their crime with top quality computer programmers.

John: Absolutely, that’s exactly what they do.

Rachael: So, tell us about medical identity theft.

John: It’s so quickly growing because health insurance is really expensive, right?  Here’s one we see a lot of right now.  They wear a pair of Google Glass glasses that record, or they have an iPhone.  They walk through the emergency room where people are totally stressed out and they’re filling out forms and they’re looking at them.

Rachael: That is so creepy!

John: And listen to this one: photocopiers.  You have your doctor photocopy stuff- that has a hard drive in it and when someone services it…

Rachael: You’re giving me hives!

John: So you photocopy it at home.

Rachael: So how do you protect yourself from it?

John: Number one-those benefits statements that we get? Review them, just like you would your credit card statement.  If something is wrong, you shut it down.  You call them immediately.

Rachael: Pay more attention.

John: Yes, pay more attention.

Rachael: And guard what you’re writing.

John: Yes, they can be snapping photos.  A lot of times what I’ll do is put it on a sticky note and I’ll take it off after.  It doesn’t stay on their records, but it stays in the system.  It’s  a little bit better protection.

Rachael Ray Promo.jpg

Cyber security expert: SEC chairman pointing efforts in right direction

To this somewhat hopeful cyber security expert, it appears that Mary Jo White, the new chairwoman of the SEC, is interested in making investors’ online security a priority. Will it make you safer? Not without action. Shortly after being officially confirmed in her new role this week, White held a meeting to establish stricter identity theft prevention measures – an initiative that was started back in 2011. Specifically, the measures encouraged businesses to disclose their security vulnerabilities and any history of prior cyber attacks for the purpose of better informing constituents.

White’s initiative was sparked in part by West Virginia Senator John Rockefeller, who has reached out to her to increase efforts in this area. In a letter to White sent this week, Rockefeller urged the SEC to put stronger regulations in place to help enforce cyber security. His statements of concern requesting “formal guidance from the SEC” hit the nail on the head.

“Investors deserve to know whether companies are effectively addressing their cyber security risks – just as investors should know whether companies are managing their financial and operational risks,” Rockefeller’s letter reads. “This information is indispensable to efficient markets, and as a country, we need the private sector to make significant investments in cyber security.”

As both an investor and a cyber security expert I’d take it one step further. If investors are unsure about the security practices of a company, how can they be confident that their investments in that company will be appropriately protected? Security is an underlying pillar of trust, and without investor trust, companies have little sustainable value. It’s hard to over-emphasize the importance of investor trust that grows as a byproduct of sound cyber security. How long did it take TJX Companies to recover investor value after their hacking disaster a few years ago? Sony Playstation?

Of course, there are bound to be disagreements around the proper approach. Thanks to the Dodd-Frank law from 2010, the Commodity Futures Trading Commission, along with the SEC, can create and promote the rules surrounding regulation of cyber security in this area. According to Anne Cotter of Dodd-Frank.com, “The federal securities laws, in part, are designed to elicit disclosure of timely, comprehensive, and accurate information about risks and events that a reasonable investor would consider important to an investment decision.”

Cyber security, or lack of it, is one such risk that merits disclosure. It’s important that we not let political differences keep us from strengthening the means to keep out hackers. We are headed down the right path in the sense that the government and corporate America are paying attention. But acceptance of our need for cyber security does not equate to action. We will succeed at this effort as a nation, or fail at it together.

John Sileo is an cyber security expert and keynote speaker on privacy, identity and reputation protection. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

6 Ways Your Facebook Privacy Is Compromised | Sileo Group

One billion people worldwide use Facebook to share the details of their lives with their friends and may be unaware their Facebook Privacy could be compromised. Trouble is, they also might be unintentionally divulging matters they consider private to co-workers, clients and employers.

Worse yet, they may be sharing their privacy with marketing companies and even scammers, competitors and identity thieves. Luckily, with some Facebook privacy tips, you can help protect your account online.

Here are six ways Facebook could be compromising your private information and how to protect yourself:

Facebook Privacy

1.  The new Timeline format brings old lapses in judgment back to light. Timeline, introduced in late 2011, makes it easy for people to search back through your old Facebook posts, something that was very difficult to do in the past. That could expose private matters and embarrassing photos that you’ve long since forgotten posting.

What to do: Review every entry on your Facebook timeline. To hide those you do not wish to be public, hold the cursor over the post, click the pencil icon that appears in the upper right corner, select “Edit or remove” then “Hide from timeline.” Being able to “revise” your history gives you a second chance to eliminate over-sharing or posts made in poor taste.

Facebook Privacy2.  Facebook third-party app providers can harvest personal details about you—even those you specifically told Facebook you wished to be private. Third-party apps are software applications available through Facebook but actually created by other companies. These include games and quizzes popular on Facebook like FarmVille and Words with Friends, plus applications like Skype, TripAdvisor and Yelp. Most Facebook apps are free—the companies that produce them make their money by harvesting personal details about users from their Facebook pages, then selling that information to advertisers. In other words, you are paying for the right to use Facebook using the currency of your personal information.

Many apps collect only fairly innocuous information—things like age, hometown and gender that are probably not secret. But others dig deep into Facebook data, even accessing information specifically designated as private.

Example: A recent study found that several Facebook quiz game apps collected religious affiliations, political leanings and sexual orientations. Many Facebook apps also dig up personal info from our friends’ Facebook pages—even if those friends don’t use the apps. There’s no guarantee that the app providers will sufficiently safeguard our personal information and there are numerous instances where they have done just the opposite.

What to do: Read user agreements and privacy policies carefully to understand what information you are agreeing to share before signing up for any app. The free Internet tool Privacyscore is one way to evaluate the privacy policies of the apps you currently use (www.facebook.com/privacyscore), but remember that it is provided by the very company that is collecting all of your data. You also can tighten privacy settings. In “Facebook Privacy Settings,” scroll down to “Ads, Apps and Websites,” then click “Edit Settings.” Find “Apps You Use” and click “Edit Settings” again to see your privacy options. And be sure to delete any apps you don’t use. While you are in the privacy settings, take a spin around to find out other data you are sharing that might compromise your privacy.

Facebook Privacy3.  Facebook “like” buttons are spying on you—even when you don’t click them. Each time you click a “like” button on a Web site, you broadcast your interest in a subject not just to your Facebook friends but also to Facebook and its advertising partners.

Example: Repeatedly “like” articles in a publication with a specific political viewpoint, and Facebook advertisers might figure out how you vote.

Not clicking “like” buttons won’t free you from this invasion of privacy. If you’re a Facebook user and you visit a Webpage that has a “like” button, Facebook will record that you visited even if you don’t click “like.” Facebook claims to keep Web browsing habits private, but once information is collected, there’s no guarantee that it won’t get out.

Example: If an insurance company purchases this data, it might discover that someone applying for health coverage has visited Web pages about an expensive-to-treat medical disorder. The insurer might then find an excuse to deny this person coverage, or to raise their rates substantially.

What to do: One way to prevent Facebook from knowing where you go online is to set your Web browser to block all cookies. Each browser has a different procedure for doing this, and it will mean that you will have to re-enter your user ID and password each time you visit certain Web sites.

Another option is to browse the web in “InPrivate Browsing” mode (Internet Explorer), “Incognito” mode (Google Chrome) or “Private Browsing” mode (Firefox and Safari), which seems to be a less intrusive way to raise your privacy levels.

Less conveniently, you could log out of Facebook and select “delete all cookies” from your browser’s privacy settings before visiting Web sites you don’t want Facebook to know about. There are also free plug-ins available to prevent Facebook from tracking you around the Internet, such as Facebook Blocker (webgraph.com/resources/facebookblocker).

Facebook Privacy4.  Social readers” tell your Facebook friends too much about your reading habits. Some sites, including the Washington Post and England’s The Guardian, offer “Social Reader” Facebook tools. If you sign up for one, it will tell your Facebook friends what articles you read on the site, sparking interesting discussions.

The problem: excessive sharing. The tools don’t share articles with your Facebook friends only when you click a “like” button, they share everything you read on the site. Your Facebook friends likely will feel buried under a flood of shared articles, and you might be embarrassed by what the social reader tells your friends about your reading habits.

What to do: If you’ve signed up for a social reader app, delete it. In Facebook privacy settings, choose “Apps you use,” click “Edit Settings,” locate the social reader app, then click the “X” and follow the directions to delete.

Facebook Privacy5.  Photo and video tags let others see you in unflattering and unprofessional situations. If you work for a straight-laced employer, work with conservative clients or are in the job market, you may already realize that it’s unwise to post pictures of yourself in unprofessional and possibly embarrassing situations.

But you may fail to consider that pictures other people post of you can also hurt you.

A Facebook feature called photo tags has dramatically increased this risk. The tags make it easy for Facebook users to identify by name the people in photos they post—Facebook even helps make the IDs—then link these photos to the Facebook pages of all Facebook users pictured.

What to do: Untag yourself from unflattering photos by using the “remove” option on these posts. Arrange to review all future photos you’re tagged in before they appear on your Facebook Timeline by selecting “Timeline and Tagging” in Facebook’s Privacy Settings menu, clicking “Edit settings,” then enabling “Review posts friends tag you in before they appear on your timeline”. Better yet, ask your friends and family not to post pictures of you without your permission. Be sure to extend the same courtesy to them by asking whether or not they mind you tagging them in a photo.

Facebook Privacy6.  Our Facebook friends—and those friends’ friends—offer clues to our own interests and activities. Even if you’re careful not to provide sensitive information about yourself on Facebook, those details could be exposed by the company you keep.

Example: A 2009 MIT study found it was possible to determine with great accuracy whether a man was gay based on factors including the percentage of his Facebook friends who were openly gay—even if this man did not disclose his sexual orientation himself.

Sexual orientation isn’t the only potential privacy issue. If several of your Facebook friends list a potentially risky or unhealthy activity, such as motorcycling, cigar smoking or bar hopping among their interests—or include posts or pictures of themselves pursuing this interest—an insurer, college admissions officer, employer or potential employer might conclude that you likely enjoy this pursuit yourself.

What to do: Take a close look at the interests and activities mentioned by your Facebook friends on their pages. If more than a few of them discuss a dangerous hobby, glory in unprofessional behavior, or are open about matters of sexual orientation or political or religious belief that you consider private, it might be wise to either remove most or all of these people from your friends list, or at least make your friends list private. Click the “Friends” unit under the cover photo on your Facebook page, click “Edit,” then select “Only Me” from the drop-down menu.

Most of all, remember that Facebook and other social networking sites are social by nature, which means that they are designed to share information with others. The responsibility to protect your personal and private information doesn’t just fall on the social networks; it is also up to you.  Following these Facebook privacy tips can help you succeed in keeping your most personal information safe. 

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Check washing & check fraud can dirty your spring cleaning

, , ,

Check washing is so simple, you must learn to prevent check fraud

Are check fraud and check washing still relevant in the age of digital payments? If you’re like the average person, chances are you don’t write too many checks anymore. With the convenience of online payment options, nearly universal acceptance of credit and debit cards, and the proliferation of ATMs offering you easy access to money at every turn, why resort to the archaic, labor-intensive method of writing a check?

The simple answer—sometimes we have no other choice!  Some places still don’t accept credit cards (Costco if you don’t have an American Express), or they charge an extra fee for them.  Some retailers don’t offer online payment options.  And frankly, sometimes it’s just an old habit and we haven’t made the effort to find a safer option because we’re stuck in the mindset of “it’s never happened to me” when thinking about check fraud.

Yet, according to a recent AFP Payments Fraud and Control Survey, checks remain the payment type most vulnerable to fraud attacks. In an American Bankers Association Deposit Account Fraud Survey, 73% of banks reported check fraud losses totaling approximately $893 million. And perhaps scariest of all, the imprisonment rate for check fraud is only 2% according to a statement made by the Department of Justice.  So although it’s not as glamorous or high tech as some other forms of fraud, check fraud is very tempting to criminals. It’s often as easy as taking an afternoon stroll down a street looking for vulnerable mailboxes, and then doing a little bit of “laundry”.

Check Washing Check Fraud

One form of check fraud that hits home for businesses and individuals alike is check washing.  It is the practice of removing legitimate check information, especially the “Pay To” name and the amount, and replacing it with data beneficial to the criminal (his own name or a larger amount) through chemical or electronic means. We conducted our own experiment to see just how easy it is to alter a check.  Take a look at our results in the video above.

What can you do to prevent this form of check fraud from happening to you?  There are many steps you can take:

  • Always use high security checks with multiple check fraud and check washing countermeasures
  • Use security gel-based pens with dark ink 
  • Don’t leave mail containing checks in an unattended or unlocked mailbox  (i.e. w/ red flag up)
  • Buy a locking mailbox (one large enough for a postal carrier to put mail through, but not large enough for a hand)
  • Shred voided checks
  • Check your bank statements regularly and immediately when you receive them.  You have a limited time in which to report check fraud.
  • Put clear tape over important fields when mailing a check
  • Do not leave blank spaces on payee or amount lines
  • Have new checks delivered to your bank if possible so they are not sitting in your unattended mailbox

Businesses are highly susceptible to massive check fraud via check washing, because the balances in their accounts tend to be higher and more vulnerable. This simple change from regular checks to high security checks can drastically reduce your risk of check washing and check fraud.

John Sileo is CEO of The Sileo Group, and a  keynote speaker on cyber security, identity theft and business fraud prevention. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Stop Check Fraud with Security Checks

, ,

How to Stop Check Fraud and Check Washing

stop check fraudCheck washing, a highly common form of check fraud, is the practice of removing legitimate check information, especially the “Pay To” name and the amount, and replacing it with data beneficial to the criminal (his own name or a larger amount) through chemical or electronic means.  One of the many ways to protect yourself against check fraud is so important that it deserves its very own article.

A foolproof way to protect your checks from being altered, whether by washing or by electronic means, is to use security checks offered by most companies.

Here are some of the features to look for when you’re purchasing High Security Checks.  These features will safeguard you not only against check washing, but other high tech forms of check fraud as well:

  • Safety security paper (visible and invisible fluorescent fibers, chemical-sensitive)
  • Foil hologram (cannot be reproduced by copiers or scanners)
  • High resolution border elements (intricate design is difficult to reproduce)
  • True watermark (cannot be reproduced by copiers or scanners)
  • Toner adhesion  (damage is visible if toner is lifted or scraped)
  • Void element (the word void appears if photocopied or chemically altered)
  • False positive test area (instant authenticity test with black light or counterfeit pen)
  • Complex pantograph background pattern and high-security colors
  • Thermochromatic ink (reacts to heat to deter copying)
  • Original document backing (deters cut and paste alteration attempts)
  • Chemical wash detection area (shows chemical alteration attempts)
  • Security warning box (becomes visible when photocopied)
  • Padlock icon (signifies that checks meet industry standards)

One more vital tip to foil the check washers: use a dark ink, gel-based pen, preferably one that states it is a security pen. Take a look at the video to the left to see how easy it is to wash a check if you are not using a high security gel-based pen. 

Yes, you may spend a few extra dollars for security checks and pens, but compared to the staggering cost of recovering from check-washing schemes (small businesses lose more than 7%  of their annual revenue to check fraud  – over $600 billion), it’s a drop in the bucket!  Your peace of mind and saved recovery time are worth it.

Checks Unlimited provides personal Securiguard checks with 7 advanced security features including chemical protective paper, microprint signature lines, and a 2 dimensional holographic foil that is irreproducible on copiers or scanners.  Their Security Center also offers fraud prevention tips and security products!

John Sileo is CEO of The Sileo Group, and a  keynote speaker on cyber security, identity theft and business fraud prevention. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

 

Celebrity hackers target Michelle Obama, Hollywood stars and… you!

It can't be said enough: these days, any of us can become a victim of identity theft, and those in power are even more at risk. Whether they want to or not, many of America's most familiar faces are being forced to realize the reality of what hackers can do.

You heard it from the leader of the free world himself. This week, President Obama told George Stephanopoulos of ABC News that "we should not be surprised" at the abilities of hackers to access our personal data. Still, you have to wonder if he was at all surprised when AnnualCreditReport.com (the credit monitoring site that is a joint venture between Equifax, Experian and TransUnion designed to help consumers like you and me to make sure we aren't the victims of identity theft) revealed the credit reports, Social Security numbers and other pieces of information on many noted public figures, including the First Lady. In a bitter chunk of irony, even the tools we use to protect ourselves against identity theft are being targeted by hackers.

For others, specific documents have been posted, including addresses and credit card bills, as well as 30 pages of financial information on the Chief of the LAPD, Charlie Beck.   

Of course, it's unclear how accurate this information is, but the wide range of big-name individuals targeted is eyebrow-raising at the least. The list of victims includes the sort of people who are under round-the-clock security, from celebrities like Jay-Z to politicians like Hillary Clinton and Sarah Palin. Even Robert Mueller was among the attacked, and he's the director of the FBI! Because this was a corporate data breach (where the data was hacked all at one time), there was almost nothing that these people could do to protect themselves, even with their heightened security.

So why them and not me? Actually, you are just as likely to have been breached. As we all know, with celebrity comes exposure. Exposure to paparazzi, exposure to wealth and fame, and exposure to exploitation. But it's not that you haven't been exposed (if you have used AnnualCreditReport.com, you are likely one of the victims), it's just that your case isn't being reported on in the news. Just like Michelle Obama, you are a victim of the same breach, and are at the same risk of having your credit profile abused. 

Digital identity theft is more than a scourge and it affects more than the rich and famous. It's a business, and business is booming. It is the responsibility of corporate America to begin hardening their cyber data security, the duty of our government to take an offensive stance on these attacks, and your responsibility to learn more about identity theft prevention. The sooner you do, the better chance you have of ending up in the news like these celebrities.

John Sileo is a cyber security expert and keynote speaker on privacy, identity and reputation protection. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

CEOs taking notice of online privacy threats?

Threats to online security have been coming thick and fast. But a new study shows that CEO's may finally be taking notice. Is that enough?

If there's an upside to the recent rash of hacks and digital subterfuge, it may be that businesses are beginning to see the ugly reality of online privacy exposure. According to the Wall Street Journal, a study by analysts at AIG recently showed that more executives are concerned about breaches than harm to their property. Eighty-five percent of executives polled placed more emphasis on their information and digital reputation than their physical holdings. 

Awareness is one thing, but are these executives putting their money where their mouth is?

It appears so. Studies show that there has been a corresponding increase in the amount of money recently spent by retail companies on cyber security measures and experienced anti-fraud experts. It's remarkable what a little bad press (hacking of the New York Times, Wall Street Journal, Twitter, Evernote) will do to motivate previously complacent companies.

As precious as your material property may be, it's not being targeted at all times like your data, which is under automated 24/7 attacks by hackers in their pajamas. Breaking into a house carries a great deal of risk, but hacking your email or bank account can be done from anywhere, anonymously, and with little chance of being caught. Unlike burglars, the cyber thieves that steal your personal information aren't very likely to leave behind a trail.

While it's good that executives appear to be getting the message, there's no substitute for proper cyber security training. Behind all of the technology and at the source of every data breach is a human being (generally, a poorly trained human being). Security isn't a department, it's a system of beliefs that must be instilled in your people. And when those people take protecting your data as seriously as they do their homes, then you've made progress.

John Sileo is a cyber security expert and keynote speaker on privacy, identity and reputation protection. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Sileo Identity Theft Prevention & Online Privacy Checklist

CheckmarkIdentity theft prevention is not a one-time solution. You must accumulate layers of privacy and security over time. The following identity theft prevention tips are among those I cover in one of my keynote speeches.

  1. Review your Free Credit Report 3X per year at www.AnnualCreditReport.com.
  2. Opt-Out of financial junk mail.
  3. Stop Marketing Phone Calls at www.DoNotCall.gov.
  4. Freeze Your Credit. State-by-state instructions at www.Sileo.com/2.
  5. If you don’t want to use a credit freeze, place Fraud Alerts on your 3 credit files.
  6. Use sophisticated Identity Monitoring software to detect theft before it’s disastrous.
  7. Stop Sharing Identity (SSN, address, phone, credit card #s) unless necessary.
  8. Protect Your Wallet or Purse. Watch this video.
  9. Protect Your Computer and Online Identity. Privacy Means Profit
  10. Protect your Laptop. Visit www.Sileo.com/laptop-anti-theft for details.
  11. Bank Online: online bank statements, account alerts and bill-pay.
  12. Buy a Shredder (or 2) & shred everything with identity you don’t need.
  13. Minimize Social Networking Exposure. Privacy Means Profit
  14. Lock down your Social Networking Profiles www.Sileo.com/facebook-safety.
  15. Realize that approximately 50% of the worst ID theft crimes are committed by Acquaintances & Friends.
  16. Set up two-factor authentication with your bank.
  17. Stop Clicking on Links in emails and social networking posts that you don’t recognize as legitimate.
  18. Avoid emails/faxes/letters/calls/people promising Something for Nothing.
  19. Know that protecting Other People’s Privacy is part of your responsibility.
  20. For more tools, purchase a copy of John’s Latest Book on Information Survival, Privacy Means Profit.
  21. Subscribe to The Sileo Report eNewsletter and follow John’s Blog.
  22. Consider bringing John Sileo to speak to your organization on identity theft, cyber crime, social engineering, social media exposure and other topics of information exposure.