Heard it from a friend who
Heard it from a friend who
Heard it from another you been messin’ around
-Gary Richrath, Guitarist REO Speedwagon
My first indication that something was wrong started with a text message from my daughter asking me, “Why are you sending me a Facebook Friend Request. She told me she had received one “just a few minutes ago” and she wanted to know “Why did you do that?” (We had been friends on Facebook for over a year now.) When I confirmed that I wasn’t on Facebook today she said, “I think someone has stolen your identity and you need to change your password!” It only took a few more minutes to hear from another five of my Facebook friends that they had been approached in the same way. I immediately posted a message on my account that I was not sending out friend requests and if you received one, it wasn’t from me. A few minutes later, I heard from an old college classmate who had accepted the friend request and had been chatting with “me” for nearly a half hour. He was more than confused, that now he had two “Clarence’s” talking to him! I’m a victim of thetype of identity theft the FBI refers toas Social Engineering – I call it “Fraud Gets Personal”.
Basically, your personal information is used to build a fake identity, utilizing information that is available from public sources. A quick Google search reveals basic information about a victim’s identity and a follow-up visit to multiple social networking sites supplies more than enough information to convince your friends and acquaintances that the new clone is valid. Once the new identity is completed, your friends and relatives (listed on those same social networking sites) are contacted through message boards, chat requests and blanket emails with a plausible reason that money was needed immediately. Since the personal information available, an accomplished thief can convince even the closest of relatives and friends that you are in trouble and they need to help. (Other variations of the pitch could involve “no risk” and “only need a minimum investment”, ways to make money) Because I was notified early in the scam by my daughter, I was able to react quickly and post a warning on Facebook that my identity appeared to have been stolen. I warned that “any posting, friend request or chat invitation from my name should be suspect”. My daughter was able to observe the deception first because the new page was “Blocked” by the scammer, so it was invisible to me on Facebook. Everyone else could see the new account but me.
The only way I was able to gain access was to have my daughter log into her account and search for the new “Clarence”. With my daughter’s help we were able to view the new account’s “Timeline”. (The Facebook timeline verifies that the account had just been created, while my real timeline showed a history going back a number of years.) With the face account now visible we were able to report it to Facebook as a fake. Within minutes Facebook reacted and closed the bogus account. While this cyber security breach ended quickly, with no known financial losses (hopefully), the lost “Friends” who decided that my Facebook relationship was not worth the risk and the consternation it caused to others, wounded me.
Identity fraud is not new
Regrettably, this was actually my third encounter with stolen identities. On two other occasions, scammers used banking account information to pass forged checks as my wife or me. The first occasion involved a young relative who found some of my old check blanks from a closed account and decided that it was an easy way to get some quick cash. (A low tech but effective way to commit fraud) Luckily an alert cashier, who happened to know me, thwarted the attempt and alerted me. A quick call to my cousin yielded swift results. The offending youngster’s life of crime came to a screeching halt, complemented by a quick trip to my apartment to offer an apology. While it may seem shocking that a relative would be involved with fraud, numerous studies show that up to 30% of these occurrences are perpetrated by relatives or close friends.
The second occasion was much different. My wife and I were shopping at a large department store. When we gave the clerk a personal check to cover our purchases and a warning flashed rejecting the payment type. Figuring that it was a bank error, we offered our debit card, which in turn was rejected. Finally, we were able to complete the purchase by putting it on a credit card. Feeling embarrassed about having our check rejected in front of a group of strangers, we asked for an explanation of why it had happened. The clerk provided us with an “800” number where we could call and get answers. We discovered that our accounts were frozen due to fraudulent activity, and the bank demanded payment for checks that had been passed hundreds of miles away at other stores. When we stated that it was fraudulent activity, we learned of the stark reality of collection industry’s stance of “presumed guilty”. We learned that check verification services are a huge specialized business. These companies (which you’ve probably never heard of) work with retailers to facilitate the transfer of payments. If their system detects fraud (using a variety of methods), an alert is issued, letting all retailers using that system block any further attempts to swindle. These companies have a lot of power and can act with little restraint. They are not subject to state regulations and are not specifically administrated by a single branch of government, meaning they basically have no oversight. We suffered through months of having our checking accounts frozen and literally hundreds of phone calls from the collection department demanding payments. This was followed by multiple certified letters from the same company seeking all sorts of fines for “bounced” checks. We tried to live our life without the use of debit or checking accounts and we learned to live on cash alone. The one thing these three identity fraud events had in common was that we were left on our own to clean up the messes. I learned that with fraud, no one is on your side. You are on your own when it comes to repairing the damage. While police departments, company help lines, insurance companies and verification services are great at investigating theft, stopping crime, and reimbursing (monetary) damages – it is up to you to repair your reputation.
Identity Insurance to the Rescue?
Some insurance companies offer a product that claims to mitigate the damage inflicted by identity theft. According to the National Association of Insurance Commissioners (NAIC) “Identity theft insurance cannot protect you from becoming a victim of identity theft and does not cover direct monetary losses incurred as result of identity theft.” What the coverage does do, is provide coverage for the cost of reclaiming your financial identity: phone calls, copying expenses, postage and lost wages due to taking time off from work without pay. Some policies will also assist in pre-approved attorney fees. Before you purchase one of these policies, be sure to read the fine print. Some policies severely restrict the limit of the total claim. The most common policies have limited losses paid to policy holders to between $10,000 and $15,000. Besides the limited payouts, there is often a deductible: the amount you would have to pay out of your pocket before the insurance company becomes involved. Typically this amount would be between $100 – $500. If you decide to purchase identity protection, make sure you are dealing with a company and an agent that is licensed to sell the product in your individual state. Each state has specific rules and regulations regarding the terms and sale of insurance products, Don’t complication your loss by adding the risk of insurance fraud.
Avoidance is the Key!
There are many ways a criminal can duplicate you identity, but in most cases they will need some key information to put you in danger. For example, they may figure out how to access your online banking service. Then, they can begin taking money from your debit card account. To avoid becoming a target, guard the following information closely: Identification numbers: Social Security, Driver’s License, Credit Card, Savings and Checking Accounts or any form of Government ID Personal Information: Birthdates, Family Names, Addresses Remember a banking institution is not going to call you up and ask for your account information. They will not ask you to verify passwords. If they need that information, they will have it and most certainly would not call you to verify it. When working online, be sure to access websites directly. Be wary of links to financial institutions that are not secure (or begin with “https” indicating a secure link) No banking organization or government agency is going to have an email address from a free email service. If you receive a request for information from an account like InternalRevenueService@gmail.com or FederalBusiness@yahoo.com, you are right to suspect its origins. Similarly, do not assume highlighted hyperlinks lead to the same place described in the text. For example, even though the following text refers to Google.com the link is directed to Yahoo instead. Web addresses are easily modified in hyperlinks. Identity thieves employ many methods to obtain your information, including malware. These troublesome programs are sometimes installed by clicking on unsecured links or when bundled with other programs. These programs may present themselves as optional toolbars, dialers, adware or spyware. Toolbars are programs and add-ons to programs that you might already have on your computer. These might include additional programs for Internet Explorer, MS Word, Google, or Yahoo. While they may promise additional functions, they may also include computer code designed to send your personal information to networks of identity thieves. Dialers are less prevalent now that most computers are connected to the internet through network or Wi-Fi connections rather than dial-up phone lines. Adware is any unwanted advertisement placed to pop-up on your computer or are embedded in programs. They can show up while surfing the internet, listening to music, or while writing a document. In some cases, these ads become so prevalent they can actually slow your computer speed. Spyware can come from a variety of sources. They may infect your system while you surf the web, read emails, download documents, or share files. Once loaded on your machine, they can move your private information from your computer to websites located throughout the world. Once this information (such as the content of your contact list, login names or passwords) is in the hands of these internet thieves, it can be sold to spammers or used in conjunction with stored credit card numbers to make illicit purchases. Anti-virus software can help protect your computer from these threats, but your best bet is to use a dedicated anti-malware program and remain vigilant when adding or using programs that promise additional functionality.
Repairing the damage done
The first step to repairing the damage of identity theft is to notify any related businesses. Once that is done, move on to inspecting your credit report from the credit bureaus. (Credit bureaus or consumer reporting agency are companies that collect private consumer information and then provide that information to companies for a variety of reasons, including the prediction of an applicant’s expected loan performance.) Order copies from each of the major credit bureaus: TransUnion: http://www.transunion.com/personal-credit/credit-management.page Expirian: http://www.experian.com/global-credit-bureau/credit-bureau-operations.html Equifax: http://www.equifax.com/home/en_us Verify that all your information is correct including lists of employers, phone numbers, and addresses. If you see any errors on the reports or debts that you didn’t incur, contact the fraud divisions of any of these companies to report the errors. Keep a log of people you speak with, conversations or communications you have with these companies, and keep any written records you might obtain.
The government has a number of websites that contains a lot of helpful information on privacy and identity theft including:
- The Federal Trade Commission (FTC): http://www.consumer.ftc.gov/topics/privacy-identity
- The US Department of Justice: http://www.justice.gov/criminal/fraud/websites/idtheft.html
- Social Security Administration: http://ssa-custhelp.ssa.gov/app/answers/list/c/16,35/search/1
- Internal Revenue Service: http://www.irs.gov/uac/Identity-Protection
- 2007 Presidential Taskforce on Identity Theft: http://www.idtheft.gov/
Keep in mind that commercial credit reporting and scoring bureaus also are employed by companies that evaluate commercial business loan performance. Some of these are:
- Paydex: http://www.dnb.com/company/our-data/risk-management-tools-dnb-ratings/rating-paydex-and-score-tables.html
- Experian Intelliscore: http://www.experian.com/business-information/credit-risk-management.html
- NACM National Trade Credit Report: http://www.nacm.org/business-credit-reports.html
Protect your entire family
While your personal identity theft is always a concern, keep in mind that your children can also be targets for thieves. Because children’s credit histories are not normally monitored, they make desirable target for scammers because often the crime isn’t discovered until years later. Identity theft problems can appear when: opening a child’s saving account, applying for a driver’s license, or when applying for employment. A worst case scenario could involve your child’s arrest for someone else’s illegal activity. In cases involving a minor, the parents will have to act on the victim’s behalf to resolve the problem. Immediately report the incident to the police. You may want to involve a family law attorney if a family member is the cause of the crime.
But don’t fall victim to identity theft fears
While identity theft is a real concern, services offered by some identity theft experts can cross the line into their own type of fraud. Many of these credit services use fear as their main sales tool. According to the U.S. Department of Justice, most cases of credit card theft are limited to $50 if reported within two days of when a consumer learns about it. Also many credit card service provide free credit protection as an additional service. In most cases the best defense against identity theft is your own vigilance. Yearly monitoring of credit bureau reports and careful examination of all monthly credit card and banking statements are vital in mounting your identity defense. Your watchful eye can yield as much protection as the high priced credit protection services.
Taking Charge (Federal Trade Commission Document) – http://www.consumer.ftc.gov/articles/pdf-0009-taking-charge.pdf Identity Theft Assistance Information (ITAC, the Identity Theft Assistance Center) – http://www.identitytheftassistance.org/pageview.php?cateid=47 Protecting Yourself from Identity Theft (IRS) – http://www.irs.gov/uac/Protect-Yourself-from-Identity-Theft-1 Scams & Safety (The FBI Federal Bureau of Investigation) – http://www.fbi.gov/scams-safety Debunking the hype over ID theft (Consumer Reports) – http://www.consumerreports.org/cro/2012/02/debunking-the-hype-over-id-theft/index.htm
While the majority of people want an agent involved in their purchase of insurance, many people want to see if they can save money by buying direct from the insurance company. Others want to try a direct quote to make sure the premium they’re now paying through their local agent is fair. If you want a quote for your coverage, click on the competitive quote button on the right side of this page.