Posts

How to Prevent Child Identity Theft

, ,

Fraud Expert John Sileo discusses why your child is 51X more likely to become a victim of ID Theft on Fox Business.

Why are our kids, the very people we most want to protect, so vulnerable to identity theft? Because they have unused, unblemished credit profiles. According to Carnegie Mellon University’s CyLab 10.2% of the children in a recent report had someone else using their Social Security numbers. That figure is 51 times higher than the rate for adults of the same population.

Thieves steal a child’s identity early on, nurture it until they have a solid credit score, and then abuse and discard it. If it’s not discovered in time, fraudulent use of your child’s identity could mean the loss of educational and job opportunities and starting off adulthood at a serious disadvantage with someone else’s bad credit in her name.

Oddly enough, credit checks do not have any way to match your child’s date of birth with that listed with the Social Security Administration. Therefore, the criminal can put down any date of birth and gain access to your child’s credit. The most unsettling part is thatthe age of the applicant (in this case,the person posing as your child) becomes official with the credit bureaus upon the first credit application.This makes clearing a sabotaged credit record even more difficult because you have to prove to the credit bureau that your child is a child and not responsible for thousands of dollars of debt.

In most cases, you won’t discover the illegal purchases and identity theft until your child applies for a job, tries to get a driver’s license or enters college. At that point, you are left with the time-consuming dilemma of cleaning up someone else’s fraudulent mess. If only clearing up a credit report was as easy as cleaning up after your kids.

Common Sources of Child Identity Theft

  1. Undocumented Workers who need identities to keep working in the US (see NBC News Video Above).
  2. Organized Criminals who reap huge financial gains with little risk of prosecution.
  3. Friendly Fraudsters (friends and relatives) who abuse their relationship with the child to cover debts and expensive habits.

Here are some of the ways your child’s information is stolen:

  • When registering for daycare, schools and recreational sports
  • On medical, dental and hospital records
  • When joining organizations like the Girl Scouts, Boy Scouts, etc.
  • When their identity is stored and accessed by volunteers or employees
  • When one of the above organizations is breached by a hacker or malicious software
  • When an adult befriends your child on a Facebook and socially engineers private information out of them

For parents, cleaning up the disaster of identity theft for their children is costly and incredibly time consuming. Getting a new Social Security number is almost impossible, and rarely the best option. Taking steps right now to protect your child from this horrible crime is one of the greatest investments you will ever make in their financial and emotional future.

Consequences of Child ID Theft

Acting now on behalf of your child will protect them from consequences common to child victims:

  • Starting adulthood with a credit rating low enough to scare away the hungriest of loan sharks.
  • Being denied a loan, credit card or apartment rental because of a crime committed 10-15 years earlier .
  • Being denied access to college, financial aid or a new job based on a past criminal record, falsified earnings or tarnished reputation.
  • Having an arrest warrant for crimes your child didn’t commit.

Protecting Your Children

In the same way that you can’t protect your children from every bruise and scrape, you can’t entirely remove the risk of identity theft. You can, however, prevent or soften the fall if it does happen. Take these steps first:

  1. Watch for mail in your child’s name. This is a potential sign that credit has been established using their identity. The most common types of mail that signal identity theft are financial (pre-approved credit cards, etc.).
  2. Consider ordering a free credit report for your child. If you suspect foul play, write to the three credit reporting bureaus (Equifax, Experian and TransUnion) to see if your child has a credit profile (no profile, no chance that it is being used illegally). If they do have an active credit profile, you will need to resolve this with the specific credit bureau. Please note that requesting your child’s credit report repeatedly can actually establish a credit profile in their name. For a more convenient option, use an identity monitoring service for you and your family that alerts you when credit is established in any of your names.
  3. Stop giving out your child’s personal information. Until you are confident that it is absolutely necessary to receive the services desired, withhold their personal information. More than 80% of organizations that ask for your child’s Social Security number don’t actually need it to establish services. If you must give it, ask them how they will use it, how long they will keep it and how it will be protected while they have it.
  4. Protect your child’s identity documents. Birth certificates, passports, bank account information, wills and trusts involving children should all be locked securely in a fire-safe or bank’s safety deposit box. Physical document theft is one of the most prevalent ways kid’s identities are stolen.
  5. If you find evidence of fraudulent activity, contact the police, the source of the fraud and all three credit bureaus. Filing a police report helps to establish your child’s innocence in an official way.Have the credit bureaus FREEZE your child’s credit for maximum protection. Keep detailed records of all correspondence between yourself, the police, the merchant and the credit bureaus. It will come in handy should you ever find yourself in court, as I did.
  6. Educate your children on the importance of protecting their personal information. Teach them about the value of their personal information: their name, address, phone numbers, email address, Social Security Number and any passwords and PIN numbers. Reinforce that they own their private information and that it should not be shared with friends, over the internet or with anyone whom they don’t know or trust.Education is absolutely the best financial gift you will ever give to them.

In the case of child identity theft, an ounce of prevention is worth a lifetime of financial security. Don’t let the center of your universe become just another statistic. Because you love and protect your children as much as I do, start this process immediately.

John Sileo is an award-winning author and speaker on social media privacy, data security, fraud and identity theft. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his Keynote Presentations or watch him on Anderson Cooper, 60 Minutes or Fox Business

ID Theft – Five Tips for Vacation Protection

, ,

Holiday travel brings various levels of challenge and stress. Don’t let identity theft risk add to your anxiety.

Here are five tips to help you to avoid becoming a victim while on vacation:

1. Stop your mail and newspaper. Avoid letting un-invited credit invitations sit in your mail box. You can stop your mail by phone or online at usps.com. Also, ask a trusted neighbor to watch for package & parcel deliveries and to hang on to them until you return. If you receive a daily newspaper, put your subscription on hold. A pile of un-retrieved newspapers in your driveway is a “Welcome” sign to thieves.

2. Don’t advertise that you’re on vacation. Make sure if you are going to post vacation updates on your e-mail, on social networking websites, or on your voice mail greeting, that you post generically, no specifics. Put a few lights on timers so that your home doesn’t look unoccupied for the entire time you’re gone. Replace the front porch light bulb.

3. Enroll in a protection product that safeguards your most valuable asset, your identity. You may think you have all your bases covered, but it can be harder than you think, especially once you need to recover from a theft. One way to make sure you’re protected is by using a product that monitors if you are vulnerable to having your identity stolen. A number of quality service providers offer alerts via text or email of potentially suspicious activity as well as resolution assistance to help you cut through the red tape should you need it.

4. Leave your checkbook & debit card at home. If you don’t want to use cash or credit cards, purchase traveler’s checks instead of bringing your checkbook or debit card. A stolen checkbook has your bank account number and routing number on the checks – valuable tools a thief can use to steal your identity or clean out your bank account. Traveler’s checks require a signature when you purchase them, and then another when you use them at a store or restaurant on your travels. And, usually a photo ID is required when you use them. A thief that steals them will find them much harder to use. A debit card is essentially an immediate cash transaction.

5. Give your credit card company a heads up. This is especially important if you are traveling internationally, because any activity that happens domestically will raise a red flag. If you don’t let them know, they may become concerned when they see overseas transactions and freeze your card, potentially ruining your holiday.

A good measure of common sense and basic precaution can go a long way to protect you and your family.  Taking some of these simple steps can give you the peace of mind you deserve during your hard-earned vacation. Travel safely (and securely)!

John Sileo is an award-winning author and speaks worldwide on the dark art of deception (identity theft, social media privacy, data breach) and it’s polar opposite, the powerful use of trust to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply results and increase positive impact by building a culture of deep trust. His satisfied clients include the Department of Defense, Pfizer, the FDIC, Homeland Security, Experian UK and Blue Cross. Contact him on 800.258.8076, follow him on Facebook and Twitter, or view his work on YouTube.

Use a Credit Freeze to Stop Financial Identity Theft and Secure Your Wealth


Freezing your credit is the number one way to protect against financial identity theft. If everyone in the country applied for a Credit Freeze, identity thieves would quickly be out of business. At least, a major part of their business. Take 30 minutes and lower your chances of identity theft drastically (see the online Freeze links at the bottom of this post).

To go directly to placing a security freeze on your 3 bureau accounts, page down to the bottom section.

Every time you establish new credit (e.g., open up a new credit card, store account or bank account, finance a car or home loan, etc.), an entry is created in your credit file which is maintained by companies like Experian, Equifax and TransUnion (listed below). The trouble is, with your name, address and social security number, an identity thief can pretend to be you and can establish credit (i.e., spend your net worth) in your name.

A credit freeze is simply an agreement you make with the three main credit reporting bureaus (Experian, Equifax and TransUnion – listed below) that they won’t allow new accounts (credit card, banking, brokerage, loans, rental agreements, etc.) to be attached to your name/social security number unless you contact the credit bureau, give them a password and allow them to unfreeze or thaw your account for a short period of time. Yes, freezing your credit takes a bit of time (maybe an hour of work), can be a little inconvenient when you want to set up a new account (that said, let’s face it, businesses want to make it as easy as possible to unfreeze your credit because they benefit when you set up new accounts and spend more money) and it can cost a few dollars (generally about $10 to unfreeze, a small price compared to the recovery costs of identity theft). And it is worth it! It’s like putting locks on your doors.

Since all states don’t allow you, by law, to freeze your credit, the three credit reporting bureaus have begun to offer credit freezes on a national basis. This is a major step forward in the prevention of identity theft, even if they are offering it for profit reasons (they make money every time you freeze/unfreeze your credit). If your state does not currently offer credit freezes by law, you can now apply with each credit reporting bureau individually. Regardless of where you live, freeze your credit today.A credit freeze doesn’t affect your existing credit – it doesn’t freeze credit cards, bank accounts or loans you already have. It only freezes access to your account unless someone has a password to get in. It’s like having a PIN number on your ATM card. It also doesn’t lower (or raise) your credit score.

Equifax Credit Freeze
P.O. Box 105788 Atlanta, Georgia 30348credit-freeze
Toll-Free: 1.800.685.1111

TransUnion Credit Freeze
Fraud Victim Assistance Department P.O. Box 6790 Fullerton, CA 92834
Toll-Free: 1.888.909.8872

Experian Credit Freeze
P.O. Box 9554 Allen, TX 75013
Toll-Free: 1.888.397.3742

John Sileo is an award-winning author and international speaker on the dark art of deception (identity theft, data privacy, social media manipulation) and its polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his Keynote Presentation (he shares how he lost $300,000, 2 years and his business to data breach) or watch him on Anderson Cooper, 60 Minutes or Fox Business. 1.800.258.8076.

Sileo on 9News: Aurora City Council Identity Theft

,

By Kevin Torres, 9News

AURORA – Five of Aurora’s most powerful politicians found out how vulnerable they truly are. They’ve joined a long list of people who have fallen victim to identity theft.

The city councilors thought they were alone, until they heard from their colleagues at a council meeting.

“It was kind of a relief when I found it was a council thing and not me personally,” said Councilor Molly Markert.

Markert and four other councilors received bills for items they never even purchased, including electronic devices.

If there was ever an expert on identity theft, John Sileo would certainly be high on the list.

He’s written a few books on the issue and even does work for the Department of Defense and Homeland Security.

Sileo says the thief or thieves likely cracked the councilors’ codes by one of two ways.

“It’s either an inside job which is someone got paid to funnel information out, or, the second way is their systems were hacked in to, it’s also very common,” Sileo said.

Read the full Aurora City Council Identity Theft Story.

 

John Sileo is America’s leading keynote speaker on identity theft, social media privacy and trust building. His clients include the Department of Defense, Homeland Security, the FDIC, Pfizer and organizations of all sizes. Learn more at ThinkLikeASpy.com.

Identity Theft Expert John Sileo on 60 Minutes

, , ,

During a recent 60 Minutes interview, I was asked off camera to name the Achilles’ heel of an entire country’s data security perspective; what exactly were the country’s greatest weaknesses. The country happened to be New Zealand, a forward-thinking nation smart enough to take preventative steps to avoid the identity theft problems we face in the States. The question was revealing, as was the metaphor they applied to the discussion.

Achilles, an ancient Greek superhero — half human, half god — was in the business of war. His only human quality (and therefore his only exploitable weakness) was his heel, which when pierced by a Trojan arrow brought Achilles to the ground, defeated. From this Greek myth, the Achilles’ Heel has come to symbolize a deadly weakness in spite of overall strength; a weakness that can potentially lead to downfall. As I formulated my thoughts in regard to New Zealand, I realized that the same weaknesses are almost universal — applying equally well to nations, corporations and individuals.

For starters, let’s assume your business is strong, maybe even profitable in these tough economic times. In the spirit of Sun Tzu and The Art of War, you’ve dug in your forces, preparing for a lengthy battle: you’ve reduced costs, maximized your workforce, and focused on your most profitable strategies. As your competitors suffocate under market pressure, you breathe stronger as a result of the exercise. But like Achilles, your survival through adversity blinds you and even conditions you to ignore pending threats. You begin to think that your overall strength translates into an absence of weaknesses; and in general, you might be right. But Achilles didn’t die because of his overall strength, which was significant; he died because he ignored critical details. What details are you and your company ignoring?

Information, like Achilles himself, is power. And maintaining control and ownership of your information is quite possibly the most threatening Achilles’ heel any data-reliant business faces. Companies that don’t actively take control of their data are prime targets for identity theft, social engineering, data breach, corporate espionage, and social media exploitation. Regardless of your title, you have a great deal to learn from Achilles’ mistakes, and a significant opportunity to protect your own corporate heel.

Achilles 3 Fatal Mistakes and How to Avoid Them

Admit Your Vulnerabilities. Achilles forgot that he was human, failing to take inventory of his weakness in spite of superior strength. Though his faults were limited — a small tendon at the base of his foot — his failure to protect himself in the right spots proved fatal. When protecting data, it is imperative to understand that your greatest vulnerabilities lie with the people inside of your company. No matter how secure your computer systems, no matter how much physical security you deploy, humans will always be your weakest link. The more technological security you implement, the quicker data thieves will be to attempt to socially engineer those inside your company (or pose as an insider) to capture your data. Admitting vulnerabilities doesn’t have to be a public, embarrassing act. It can be as simple as a quiet conversation with yourself and key players about where your business is ignoring risk.

The three greatest human vulnerabilities tend to be: 1. Unawareness of the risks posed by data loss, 2. Lack of emotional connection to the importance of data privacy (personally in professionally) and it’s affect on profitability, and 3. Misunderstanding that in a world where information is power, it’s no longer about whom you trust, but how you trust. These symptoms suggest that your privacy training has either been non-existent or dry, overly technical, policy related and lacking a strong “what’s-in-it-for-me” link between the individuals in your organization and the data they protect every day.

If this is true inside of your business, rethink your training from this perspective: Your audience members (employees) are individuals with their own identity concerns, not just assets of the company who can be forced to follow a privacy policy that they don’t even pretend to understand. By tapping into their personal vulnerabilities regarding private information (protecting their own Social Security Number, etc.), you can develop a framework and a language for training them to protect sensitive corporate information. Like in martial arts, where you channel your opponent’s energy to your favor, use your employee’s humanness to your advantage. Pinpoint these vulnerabilities and shine the light of education on them.

Fight Prevention Paralysis. One of the most unfortunate and destructive character traits among humans is our hesitation to prevent problems. It is human nature to invest time to prevent tragedy only after we’ve experienced the pain that results from inaction. We hop on the treadmill and order from the healthy menu only after our heart screams for attention. We install a home security system only after we’ve been robbed. Pain motivates action, but the damage is usually done. You can bet that had he the chance to do it all over again, Achilles would slap a piece of armor around his heel (just like TJMAXX would encrypt their wireless networks and AT&T would secure their iPad data).

Prevention doesn’t get the proper attention because its connection to the bottom line is initially harder to see. You are, in essence, eliminating a cost to your business that doesn’t yet exist (the costs of a future data breach: restoring and monitoring customer credit, brand damage, stock depreciation, legal costs, etc.). This seems counterintuitive when you could be eliminating costs that already exist. But here is the flaw in that method of thinking: the cost of prevention is a tiny fraction of the cost of recovery. When you prevent disaster, you get a huge return on your investment (should a breach ever occur). Statistics say that a breach will occur inside of your organization, which means that by failing to invest in prevention you are consciously denying your organization a highly profitable investment. Why would you insure your business against low percentage risks (fire), but turn the other way when confronted with a risk that has already affected 80% of businesses (data breach) and has an almost guaranteed double digit ROI? It is your responsibility to demonstrate how the numbers work; spend small amounts of money preventing, or vast sums of time and money recovering.

Harden the Riskiest Targets. Once you have admitted to and cataloged your vulnerabilities and allocated the resources to protect them, it is time to focus on those solutions with the greatest return on your investment. A constant problem in business is knowing how to see clearly through information overexposure and pick the right projects. Just think of how much stronger Achilles would have been had he placed armor over his heel (which was human) rather than his chest (which was immortal). There is no financially responsible way to lower your risk to zero, so you have to make the right choices. Most businesses will gain the greatest security by focusing on the following targets first:

  1. Bulletproof Your People. Most fraud is still committed the old fashioned way – by manipulating trusting, unsuspecting people inside of your organization. Train your people for what they are: the first line of defense against fraud. Begin by preventing identity theft among your staff and then bridge this personal knowledge into the world of professional data privacy.
  2. Protect Your Mobile Data. Laptops, smart phones and portable drives are the most common sources of severe data theft. The solution to this very powerful and ubiquitous form of computing is a quilt-work of security including password strengthening, data transport limitations,  access-level privileges, whole disk and wireless encryption, VPN and firewall configuration, physical locking and human decision making (e.g., don’t leave it unattended the next time you get coffee at your corporate conference).
  3. Prevent Insider Theft: Perform thorough background checks, reference verification and personality assessment to weed out dishonest employees before they join your organization. Implement an ongoing “honesty meter” for your employees that ensures they haven’t picked up bad or illegal habits since joining your company.
  4. Classify Your Data. Develop a system of classification that includes public, internal, confidential and top secret levels, along with secure destruction and storage guidelines.
  5. Anticipate the Clouds. Cloud computing (when you store your data on other people’s servers), is quickly becoming a major threat to the security of organizational data. Whether an employee is posting sensitive corporate info on their Facebook page (which Facebook has the right to distribute as they see fit) or you are storing customer data in a poorly protected, non-compliant server farm, you will ultimately be held responsible when that data is breached. You must be aware of who owns that data, today and in the future, when your storage company is bought out or goes bankrupt.

We have much to learn from the foresight of New Zealand; they are an excellent example of how organizations should defend their Achilles’ heel. To begin with, they have begun to acknowledge their vulnerabilities in advance of the problem (in fact, their chief vulnerability is that dangerous form of innocence that comes from having very few data theft issues, so far). In addition, they are taking steps to proactively prevent the expansion of identity theft and data breach in their domain (as evidenced by the corresponding educational story on 60 Minutes). Finally, they are targeting solutions that cost less and deliver more value. I was in New Zealand to instruct them on data security. Ironically, I gained as much knowledge on my area of expertise from them as I believe they did from me.

John Sileo speaks professionally on identity theft, data breach and social networking safety. His clients include the Department of Defense, the FDIC, FTC, Pfizer and the Federal Reserve Bank. Learn more about bringing him in to motivate your organization to better protect information assets.

Information Survival: Your Life Depends on It

,

I became a professional identity theft speaker because my business partner used my identity (and my business’s impeccable 40-year reputation) to embezzle more than a quarter million dollars from our best, most trusting customers. Thanks to drawn-out criminal trials and a seriously impaired lack of attention to my business, I suddenly found myself without a profession.

So I wrote a book about my mistakes, and with a little luck, it led to a speaking career based in first-hand experiences with data theft. The formula works – sharing my failure to protect sensitive information and losing just about everything as a result – my wealth, my business, my job and nearly my family – is a powerful motivator for audiences, both as individuals and professionals. People only understand and act upon the corrosive nature of this crime when they can taste it’s bitterness for themselves. My goal has always been to provide a safe and effective appetizer of data theft that convinces audiences to feed on prevention rather than recovery.

But I’ve realized through my contact with exceptionally smart people, from the Pentagon and Department of Homeland Security to Fortune 500 executives and privacy experts, that identity theft (and it’s close business relative, data breach), are just symptoms of a larger movement undermining personal lives and profit margins on a daily basis —  a movement that demands we be trained in the art of information survival.

What is Information Survival?

We are bombarded by information, 24 hours a day –  24/7 news, email, Facebook, Twitter, LinkedIn, YouTube, texting, instant messaging, voice mail, cell phones – and the mobile revolution means that we have access at all times of the day, every where we go. Confronted by so much data, we are often forced to process it instantly, relying on shortcuts and bad data along the way to make rapid decisions at digital speeds. And when we make rapid decisions, we often make mistakes.

Recently, Tyler Clementi, a student at Rutgers University, witnessed the cruel speed and ubiquity of information when his room mates posted a YouTube video of him having what he believed was a private sexual encounter in his dorm room. Humiliated, Tyler made a rushed decision to throw his young life over the George Washington bridge. His is the cruelest failure of information survival because Tyler never had a chance to control the information, the video, that would destroy him. Thankfully, we can teach other youngsters how to control what information they can control, and how to survive the rest.

Best selling author, Larry Winget, put it well in a post on my Facebook wall last week:

I agree that teaching our children not to bully others is an issue that must be addressed – but teaching our children not to be victims of bullies is more important. — Larry Winget (emphasis mine)

Information survival is the skill set that allows each of us to weather the downsides of a data-driven economy, to thrive in a knowledge-is-power world without stooping to use information as a weapon, like Tyler’s roommates did. Information survival is part data control, part self-esteem.

When we consciously withhold certain information from our Facebook profile (date of birth, hometown, current location), we are engaging in information survival. When the United States forms a task force to defend our power plants, stock markets, banks, air traffic control, water supply and phone connections against cyber attack, we are acknowledging the power of information, and the imperative of survival training. The company employee who refuses to transmit sensitive data on an unprotected wireless connection in a cafe, the executive who leads by example while instilling a culture of privacy in his corporation, the college student who understands the destructive power of their next post — these are all examples of information survival in action.

Don’t wait to train your people on information survival – whether they are your kids, your employees, or yourself.

John Sileo is a professional speaker on information survival, social media exposure, identity theft and cyber crime for the Department of Defense, Fortune 1000 companies and any organization that wants to protect the profitability of their private information. Contact him directly on 800.258.8076 or visit his speaker’s website at www.ThinkLikeASpy.com.

Identity is a National (Security) Asset

“It lies at the core of a great deal of what we do protecting our financial security, our personal security, and our reputational security,” Chertoff said. “And what I’m referring to is how we manage and protect our personal identities because I’m going to submit to you that in the 21st Century, the most important asset that we have to protect as individuals and as part of our nation is the control of our identity, who we are, how we identify ourselves, whether other people are permitted to masquerade and pretend to be us, and thereby damage our livelihood, damage our assets, damage our reputation, damage our standing in our community.”               — Michael Chertoff

Identity Theft Speaker

Some readers might not know that I was a two-time victim of identity theft for losses of more than $300,000. That is the reason I wrote Stolen Lives and that I am now a professional identity theft speaker. I don’t promote my services any more than necessary on my blog (I leave that to my commercial website which deals with my profession as an identity theft speaker and expert). Quite often, however, I have blog readers requesting to see a preview video of my speaking. To satisfy that request, I’ll post a copy of my identity theft speaker preview video below. By the way, I learned the value of linking my YouTube videos, my blog and my website from an amazing SEO guy named Steve Mertz. Check out his SEO advice.

John Sileo
Keynote Speaker

Identity Theft Prevention in a Hotel

, ,

I just finished giving an identity theft prevention and data privacy speech for Pfizer and one of the questions I received was how to protect your laptop, passports, client files, etc. when you leave them behind in your hotel room. I’ve blogged on this before, but thought that I would post a quick video reminder on protecting your identity in a hotel room. We are at such a greater risk of identity theft when we are traveling that it is worth taking a second look at your habits.

For more tips of this type, please visit my YouTube Identity Theft Expert Video Channel at www.YouTube.com/JohnSileo. It is relatively new, but my office is working diligently to add content every week. Some people like to read, some like to watch, so I will continue to add blogs of both types. Travel wisely this summer.

John Sileo
Motivational Identity Theft Speaker