Fraud

Has A Hacker Victimized You?

December 14, 2017 By Twila VanLeer

“Pwned.” Strange word that you won’t find in an English dictionary, but one that has affected people all over the world. It’s the coined word used to identify a person whose personal information has been breached when a corporate data base is hacked. Gamers recognize it as meaning “utterly defeated.”

We hear about it a lot these days. Large retailers and other companies have been attacked by hackers, compromising the data of millions of customers. Even Equifax, the credit rating company, was not immune. A breach of its data gave fraudsters millions of names to work with. The list of other well-known companies that have lost data has become long. The thieves have a hey day using the personal data for their own purposes.

Are you one of them and how can you find out?

An Australian named Troy Hunt may be able to tell you. He has accumulated some 4.8 billion pieces of hacked data and he uses it to help ordinary people determine if they have had their personal data lifted. His website, Have I Been Pwned?, has been in operation since 2013. It’s free.

Hunt has become a specialist regarding big breaches and has exposed some hack jobs before the victim companies have been aware themselves. He used to be a software architect at Pfizer, the pharmaceutical giant, but quit to work as an independent information security consultant and instructor.

The U.S. Congress recently availed itself of his expertise when he testified before that body, which has become increasingly concerned at the number of their constituents who have been victimized. He had to buy a new suit and tie (and visit a website to find out how to tie the tie.) His usual garb is beachwear or jeans — what the well-dressed Aussie wears while working on the beach.

The problem is serious. So much personal data has been breached that traditional methods for verifying identity, such as user names, passwords and/or knowledge-based questions, have become less reliable.

Hunt’s relentless search for hacked information has put him ahead of the game in several instances. He has made it harder for big companies that have been hacked to hide the fact. Uber, for instance, had failed to publicize a breach that put 57 million bits of information on passengers and drivers into the hands of fraudsters. On the other hand, when he advised Imgur, a photo-sharing corporation, that they had been hacked, they made the information public within a day.

People using his site to determine the status of their information can search Hunt’s website on their email address. Some 1.7 million people also have subscribed to alerts that sound when their data pops up in newly discovered breaches.

Add a Selfie To Your Credit Card Application

November 4, 2017 By Twila VanLeer

Add Selfie to Identification — Banks and other financial companies are likely to see the advantages of biometric identification and offer it as another safeguard for customers

The ubiquitous selfie may find yet another niche in the area of personal finances. Your bank may request one when approving a purchase or considering a credit card application.

Visa Inc., a payment processing giant, is launching a platform that will allow banks to use various forms of biometrics such as fingerprints, face recognition, voice, etc., that will provide positive identification.

In its simplest form, a bank may ask for a selfie and a picture of a current driver’s license or passport as backup. The technology will compare the photos for facial similarities and the validity of the supporting license or passport, all within seconds.

Selfies also could come into the picture with online shopping. Chipped credit and debit cards have made some inroads into fraud in retail shopping, but protecting online shoppers still is a concern. One in six potential transactions is declined because of suspicious activity.

Banks routinely autodial a customer when there is a question. The new technology would allow the customer to use Apple’s Touch ID or other fingerprint recognition technology or provide a selfie to verify the transaction.

Visa Inc. officials believe that soon customers can choose among a variety of authentication methods, whichever technology suits them.

The recent breach of data at Equifax, a huge credit bureau, with millions of bits of personal data stolen, has been impetus for more serious thinking about how such information can be protected.

It is harder to mimic a person’s face, fingerprint or voice, the innovators say. Passwords that have been common methods of protecting information have flaws that make them vulnerable because few people change them frequently enough or make them complex enough to avoid fraud. If they use the same password for more than one purpose, a breach at one site will put other locations at risk.

It is likely that the technology will be initially used in larger financial institutions. It took two years for chip technology to integrate itself into financial transactions. But ultimately, banks and other financial companies are likely to see the advantages of biometric identification and offer it as another safeguard for customers.

Has Your Identity Has Been Stolen

October 29, 2017 By Twila VanLeer

Identity Theft — Learn how you can know that you are safe from identity theft.

With data breaches at large retailers and the Equifax credit rating company, it’s easy to feel jittery about how secure your personal finances may be. The highly publicized instances gave hackers access to the personal data of millions of Americans. So how do you know if your information is being used without your knowledge?

Unfortunately, it may be years before it is apparent that your ID is compromised. And the longer it goes unnoticed, the longer the crooks have to misuse your name, Social Security Number and other personal information for their own purposes.

Look for these signs:

If you get strange bills or statements that you can’t immediately identify, it may be the first signs of identity theft. Always open your mail even if it looks unimportant. An unfamiliar service provider or credit account may be your first clue. What you first think is junk mail may be a bill for services or goods you have no knowledge of.

On the other hand, be aware if there are irregularities in the bills you ordinarily receive. It may be that a criminal has changed the address on the account to help him or her to establish other accounts. If your expected regular mail stops, it is a sign that a change of address request has been filed to facilitate the crook’s use of your identity.

Odd charges on credit card or banking accounts are a signal that your information is being used by someone else. Credit card companies try to alert customers to unusual activity, but they can’t catch all of it. The fraud may start out small as the thief tests to see if the card is active. Some of the scammers keep their charges small to prolong the time before they are discovered and steps taken to halt them.

If you are denied money by an ATM, turned down for a loan or advised that your health insurance is being denied because you are over the annual limit, take immediate steps. Even if you think you are talking with someone who has a legitimate concern in your financial matters, never share a PIN by phone. Caller ID numbers can be spoofed.

If creditors and collection agencies start calling about late or missed payments, don’t shrug the calls off as errors. Get on the chase at once.

If you were expecting a tax refund or if the IRS notifies you that you filed two tax returns, that is a red flag. The Department of Justice knows that thieves have stolen billions of dollars from the U.S. Treasury by filing bogus tax returns using stolen identities. Verify that a caller asking questions about your taxes is a bona fide representative of the IRS before divulging any information.
You can get a free copy of your credit report if you are suspicious of activities surrounding your finances. If the report shows accounts with which you are not familiar, it’s time to start down the long and winding road to resolution of the theft of your identity. You should routinely check your credit report even if you have no reason to think your information is being used by someone else.

Equifax Fallout Begins

October 26, 2017 By Twila VanLeer

People who froze their credit to minimize financial damage in the wake of the hack of credit reporter Equifax are now realizing what that means.

The problem is massive. Equifax reported that 143 million Americans had their information, including Social Security numbers and other personal data, exposed in the hack. The company’s CEO resigned in the wake of the credit disaster and Congress is discussing how another such disaster might be avoided.

The aftermath is becoming apparent as people who reacted by freezing their credit try to buy things such as the new iPhone that is in high demand or other big-ticket items.

It is possible to unfreeze your credit if you are anticipating a large purchase and then freezing it again afterward. But that may take time and your credit is vulnerable during the interim.

Experts advise that you let the major credit bureau know several hours or at most several days before you apply for financing. The three bureaus are TransUnion, Experian and Equifax. You will likely be charged $3 to $10 for each action at each of the three bureaus.

Sellers, such as Apple and other wireless carriers, often asked for a credit report before they approve the sale of a new phone. The costs and the hassle of unfreezing and refreezing your credit information may make the acquisition of a new super-phone – or any other costly item – more trouble than it is worth to the consumer.

Citizens Financial Group of Providence, R.I., which runs the Apple financing program, has already announced that it will not new or existing customers who have frozen their credit, at least temporarily. Sprint, Verizon, 4:58 PM-Mobile and AT&T also run credit checks with the three credit agencies. Their policies vary, but it is one of the indications that the Equifax hack will affect the buying practices of many Americans.

Congress Reluctant To Fix Data Leaks

October 25, 2017 By Twila VanLeer

With the country reeling from the effects of the Equifax data breach, which gave hackers access to personal information of an estimated 43 million Americans, Congress still seems wary of regulations to try to prevent further episodes of the sort.

In fact, under the leadership of President Trump, Congress has been repealing the new bank laws passed after the 2008 recession that resulted in an economic crisis. More than a dozen of the Obama-era laws, designed to prevent future meltdowns have been repealed.

Very serious hacking incidents at businesses such as Target, Yahoo, Neiman Marcus and Home Depot also have failed to move Congress to action. The argument is that too much regulation in the business arena could stifle economic growth.

Consumer watchdogs such as Consumer Reports have said they can’t imagine what would have to happen to have the federal lawmakers take steps that might impose tougher data security regulations. The advocacy groups are lobbying for such measures. They hope for higher standards for companies that store personal information of customers and for immediate notification to those customers when breaches occur.

Republicans in both houses of Congress say they are gathering facts and that the issues will be on their agendas in October. Democrats are watching to see what will happen and some are calling for measures that will protect Americans from further thievery of their private information.

Among proposals being tossed about is a bill that would require a credit reporting company to immediately inform all affected consumers in the event of a data breach and to freeze the affected accounts without charge. A freeze is the most effective move a consumer can make to prevent the illegal use of the information that has been hacked, but it complicates personal financial decisions.