ID Theft - Merchants Information Solutions, Inc.

If it can happen to the U.S. Government...

noreply@blogger.com (J. Crismon) — Wed, 21 Dec 2011 21:36:00 +0000

Ever wonder what could possibly happen if you click on a link within an email you receive from an unknown and untrusted source? The U.S. Chamber of Commerce found out the hard way, many years after the fact. Read details about the spearphishing attack here.

It seems that an employee of this government branch was the victim of a "spearphishing" email back in 2009. "Spearphishing" is when an email is sent to a specific individual, rather than a general "phishing" email which casts a wide net to any user. The desired result of opening the email is that the user can be duped into clicking links or downloading spyware which is then used to gather personal information, such as passwords or bank account numbers. This employee either clicked a link within the email, or opened a document which did contain spyware and gave the hackers access to the servers.

Over the course of the next year, Chinese hackers were able to collect passwords which granted administrative rights. This then allowed the hackers to place additional software code, known as a "backdoor", onto the U.S. Chamber of Commerce's servers. This code would then allow the hackers to steal data.

The lesson here? If it's this easy to dupe a government employee into opening a document or clicking a link within an email, you, as a private citizen can be just as easily deceived into putting your own organization or your own personal information at risk. Anti-virus protection remains a must, even more so now than ever before. These types of attacks are becoming increasingly popular. ID thieves will stop at nothing to get any type of information they can use to commit fraud at any level.

The next time you receive an email from an untrusted source that wants you to click a link or open a document, "just say no." You have plenty of other junk mail to read.

Busted in a Medical Gown

noreply@blogger.com (J. Crismon) — Tue, 04 Oct 2011 21:27:00 +0000

Talk about getting caught with your pants down! A recent article in the Sacremento Bee highlights the humbling arrest of a Bay Area woman who stole the identities of several employees from one company that she obtained while working as a benefits clerk for Service Employees International Union-United Healthcare Workers office. She went on several spending sprees and was even arrested once, but managed to get out on bail, only to rack up thousands more in stolen property. She even racked up $300,000 in one person's name.

What eventually led to the arrest of this individual was the $12,000 payment for a liposuction appointment using a credit card she opened in the name of one of these employees. Authorities were able to catch up with the identity thief while she was in a surgical gown waiting to have the liposuction. That walk to the police car must have been a bit drafty! Probably not the best outfit for a mugshot either. Nevertheless, she was sentenced to 12 years and 4 months in prison. Meanwhile, other victims are just now beginning to feel the results of this individual's actions and coming forth.

I hope that restitution is forthcoming for the remainder of her victims. It seems to me that some justice must be served for those victims who have yet to be identified or notified that something is wrong with their credit or unexplained bills, etc.

Identity Theft - An Inside Job

noreply@blogger.com (J. Crismon) — Tue, 04 Oct 2011 17:36:00 +0000

Identity theft is quite often an inside job. That is to say, that when a data breach or identity theft event occurs, it is often not the result of a hacker breaking into a secure data system and stealing sensitive information. Rather, the threat comes from employees (disgruntled or otherwise) within the company who have access to sensitive information and have a motive to steal that information to use for their own nefarious purposes. This type of threat is not merely limited to large corporations and does not always involve data. Inside jobs can happen at the smallest of companies and often involve the theft of money, products or company belongings.  Even our public schools are not immune to inside jobs.

An article in The Daily Stamford I read today illustrates just this point. A teacher's aide apparently took the same "we need to learn to share" idea our parents try and impress upon us while we are young, just a little too far. She helped herself to the purse of the teacher to whom she was providing aide and managed to take the cash and a credit card when the teacher was not looking.  Share and share alike! She then decided to pay a cellphone bill and then do some online shopping.

Luckily, the observant teacher noted the disappearance of her items and alerted the authorities, also noting that only herself and the aide would have had access to her purse at the school where the items seemed to have disappeared. It didn't take authorities long to trace the online purchases to the aide, the prime suspect, who was then promptly arrested, though not before she racked up $700 in online purchases at Victoria's Secret.

So does this story illustrate that we should not trust our co-workers? Hardly.  It merely points out that there will always be some bad apples out there, so keep your eyes open. Although you'd like to trust those you work closely with, you should still exercise caution and develop some habits of your own to secure your belongings and Personally Identifiable Information (PII) while at work. Here are just a few simple and helpful suggestions. Had this teacher applied just some of these, this inside job could have been avoided.

When it comes to your purse or wallet, leave these items either locked up or in your pocket when possible and out of the site or reach of those with prying eyes, and hands.
If you have a lockable drawer in your desk, use that to secure your belongings and keep it locked at all times.
If you have an office and need to leave for whatever reason, lock the door when you leave for any length of time.
Lock your computer with a secure password when you step away from it for any period of time. Your email and other digital files may provide that sensitive information someone can use to open up new credit accounts and steal your identity, leaving you with damaged credit and hefty bills to pay.

An ounce of prevention is worth a pound of cure.

Identity Thieves -- A Family Affair

noreply@blogger.com (Jaycee Fox) — Thu, 13 May 2010 02:30:00 +0000

Remember Bonnie and Clyde? They weren’t family exactly but they were a couple, young and unmarried, with a scandalous reputation on many levels. Bonnie and Clyde were famous outlaws notorious for bank robberies and also killing nine policemen and several civilians. They were both killed in Lousiana by law officers at the ages of 23 and 25. Arthur Penn’s 1967 film made their reputation firm within the American pop folklore.

So that was the 1930’s. Today we still have the bank robbers but within our society we have other kinds of thieves. As our society has grown and progressed so have the different ways to steal. Yes there may be a slight risk that we could be held up at gunpoint at a bank, but do you know what our real risk is as an ordinary citizen? Having our identity stolen. I remember when I first heard that term, I imagined someone dressed up and masquerading as me -- perhaps donning a wig and driving my make of car. But it’s not even as sophisticated as that. Let’s look at a current story -- not even a famous one, but more an ordinary story that can happen everyday and to anyone whether you’re in your home, bank or local grocery story. So Bonnie and Clyde were kind of like family. What about mother and son? In Long Island back in March, a mother and son stole more than 60 identities. Their scheme was pretty simple: The mother, Tonia Cheeseman, worked at a doctor’s office where she would gain patient information from files and then Tonia and her son, Michael, would get credit cards in their victims’ names. They’ve been accused of stealing the identities of at least 63 people but these victims stretch far beyond the borders of Long Island, even as far as Florida. They’re both being held on bail for about $140,000 each. The most disturbing fact of our modern-day robbers is that they look like ordinary people -- no different to your neighbor next door. The Cheeseman’s neighbors even assumed they were nice innocent people.

What can we do? How can we know if we’re being duped? As sad as it is, a lot of thieves are well known to their victims. These kinds of thieves know our daily routine, they may have access to our financial information, and they even know such passwords as our mother’s maiden name. There are certain personality types you must be extra vigilant around:

Addicts who are sometimes desperate for money to get their next fix whether it be drugs, gambling or a number of other vices.

High living spenders whose job doesn’t match their lifestyle. They tend to rationalize and have little impulse control. They have to have the materials that go with the lifestyle, and they want it now.

Intrusive friends who are always asking questions that are none of their business -- especially financial questions. Beware if they claim they need your SSN to add you as a beneficiary to a policy etc.

A tarnished past of already stealing identities could be a vibrant red flag.

Watch your back with strangers who have access to your home and personal information. This could be when you have a party or your housekeeper’s son comes for a visit.

There are some signs to identify an identity thief, but as thieves have found different ways to rob us, we’ve found different ways to protect ourselves. We must be aware of the people in our life who have special access and then we must still be vigilant and even educate our children. Don’t ever give anyone else your credit card or PIN, always password protect your computer, and definitely lock up all important financial paperwork. If we do get duped -- and even if we don’t -- one way to protect ourselves is by subscribing to some kind of identity theft protection service. We may get tricked or fooled even when we know the signs and we’ve been extra cautious, but even after that we can protect ourselves by monitoring so we can catch these criminals before they cause years of damage to our lives and credit. Education and then putting into motion active protective measures is our way of catching the modern-day thieves.

Public Trust

noreply@blogger.com (Jaycee Fox) — Thu, 22 Apr 2010 03:37:00 +0000

Trust is fragile and powerful. Trust allows insecurity in life to be tolerable, changing our perspectives to view challenges as opportunities as opposed to threats. Time builds trust but yet trust can be shattered almost instantaneously. Human nature is a dichotomy of sorts, tugging us emotionally and rationally at the same time. Logically, we analyze and scrutinize the pros and cons and then decide whether someone deserves our trust. Emotionally, we feel it in our gut when we trust someone which seems to be the most common method and also the very reason why trust is so delicate.

In an organizational setting, trust is the driving strength. We only tend to acknowledge such a force when this cornerstone is missing. In a trustworthy organization, there is productivity, calmness, loyalty, teamwork, delegation, empowerment, and reciprocity. Compare it to a child. There’s a point in parenthood when we give our children our trust. If it’s used wisely, they grow and more responsibility is entrusted. If not, trust is removed and the quality of relationships may deteriorate. Walking through life, we observe. People can make promises emphatically but until their behavior matches their words, trust can be breached. We learn to listen half-heartedly, watching actions while ignoring images that are portrayed and expressions. We know the ones who keep their promises; those are the people we trust.

There are some professions who have gained a collective trust such as doctors or policemen. What about lawyers and politicians? Some professions have a steeper hill to climb to gain the public’s trust. Listen to me appeals aren’t enough. Trust needs to be rebuilt by professions through actions. Trust in politics, public service jobs, and business management is one of the most important issues today.

Public office is a public trust. Those who manage the government and run the various departments must be candid, accountable and loyal. It’s only then when they are worthy of the public’s trust. Public servants are entrusted to provide services that are efficient, dependable and free from dishonesty and misconduct. What are some of the locales that provide such services?

Those providers that are given a monopoly by the government: Bus and railway companies.

Public regulatory organizations within the financial and real estate sectors.

Organizations that spend and disburse public funds: Universities, hospitals.

Mass media Organizations: Television and broadcasting.

And any other organization that performs public service functions: Land development, charities etc.

Public service and administration needs to be recognized, stemming from the desire to care for others. We can be idealistic about our public servants but still we mustn’t be naïve. When trust is breached, no one wins. We can exercise our trust in those public servants, but yet we can still use preventative measures to protect ourselves. This isn't pessimism but more hope with a safety net.
Take the example of a retired clerk at the Department of Taxation. His breach of privacy earned him time in jail. He stole the identities of taxpayers, deceased family members and children where he wracked up credit card charges of over $200,000 and which ultimately gave him six months in jail and a bill of $220,000. Ultimately, he gained 90 credit cards from 20 banks using the fake ID’s he obtained using the stolen identities (Read the full story here).

We can hope that those organizations or employees that require our social security numbers are trustworthy -- after all in public services we have no choice -- but our safety net here,where we are in control, would be identity theft protection. The government’s safety net could be employee screening, teaching and promoting ethical behavior, and other similar methods. The moral of the story? Let’s be as cautious and trusting as we can be and must be, but let’s trust using wisdom. Life is not foolproof so there will always be outliers among the norm.

Hacking and Ways to Protect Ourselves

noreply@blogger.com (Jaycee Fox) — Tue, 23 Feb 2010 21:38:00 +0000

Hacking information from computers is a broad way of gaining information illegally. Some of us may not be familiar with the term hacker. A hacker is a computer expert who’s main goal is to find ways to break into other computer systems and gain information. They can then steal information and cause problems for the system. In today’s high tech world, these hackers are becoming more of a dangerous nuisance.

Recently the Wall Street Journal came out with a new article discussing the detection of a new hacking attack. A computer-security company discovered a breach of information in 2,411 companies and government agencies where large amounts of personal and corporate information were stolen, ranging from credit card transactions to databases and email account access. Apparently it had been a coordinated global hacking attack that had taken place over the past 18 months in both Europe and China. It’s still unclear how far the damage spreads. Sometimes these criminal groups have even stolen information of employees’ criminal involvement and used it for extortion. So how was this done? Spyware was used to control computers remotely. These attacks are not blocked by the standard antivirus software. Obviously, there are some weaknesses in the security of cyberspace (Read the full article here).

What lesson do we need to learn from this? Almost everyone uses a computer whether it’s to write emails or purchase products or store information. We need to understand how our machine or network can be attacked and then educate ourselves on how to best protect ourselves from these hackers. Here’s a little more information on how hackers can control computers remotely. There are scanner programs that ping IP addresses of networked systems to see if the system is running. Firewall software can show these repeated pings when reviewing the log. Weaknesses can be revealed through some of these scanning programs and hackers can spy on the information passing between the machines. These hackers can then use the internet to share lists of exposed IP addresses where there are security breaches. Sometimes the owner has no idea that this is occurring.

How can we protect ourselves?

Firewall. When hackers are probing to see which systems are up, a firewall will mask this so it appears as if your system is not up.

Antivirus Software, including anti Trojan software. A Trojan virus installs other software on your computer system. Run it every week so that you can detect any new viruses.

Anti-Spyware Software. Spyware installs on your computer without your knowledge. These software programs can track your activity and even cause pop-ups on your computer. Sometimes several anti-spyware software programs will have to be used to rid the variety of spyware programs out there.

Caution with Emails and use Passwords. Nowadays I routinely get emails from strangers claiming they’ve inherited a fortune and they really need my help in spending it. Don’t ever give personal information away to strangers in emails and never open email attachments with executable files unless you can trust the sender. There are always new upcoming scams when it comes to emails. But follow these two rules to protect yourself.

Routinely backup Important Material. This will protect you if you ever were to lose sensitive files, documents or photos.

Use Identity Theft Protection Services. This enables us to monitor our personal information -- credit scores, new accounts opened -- so in the worse-case scenario, if our information has been compromised, we will know immediately.

With the advance in technology, there are so many incredible benefits. You can send photos or letters thousands of miles away with the touch of a button. Information about any subject is at our fingertips, no longer requiring you to sift through countless books at the library or pulling the dusty encyclopedias from the shelves. As with any promising progression, there’s always the darker side. And in this computer-savvy modern society, they can come in the form of criminal hackers. Just use caution and the good guys will continue to find ways to protect us from the bad guys.

Important Financial Steps when a Loved One Dies

noreply@blogger.com (Jaycee Fox) — Wed, 27 Jan 2010 21:34:00 +0000

Identity thieves are becoming craftier. No longer do they merely steal from the living, but now they’re targeting even the dead. There’s a familiar saying don’t kick ‘em when they’re down. That’s exactly what these thieves are doing to the family of the deceased.

We’ve all dealt with death and depending on our connection to the deceased, the emotional stress varies. The emotional stress is what these thieves exploit when they take advantage of the delay when family members don’t immediately do the necessary paperwork. There are also bureaucratic delays and this lag is exactly what the thief needs to accomplish his goal. And on a side note, if financial institutions aren’t notified of the death then the accounts of the dead can stay active for up to 10 years.

So what do these thieves then do? They may search the obituaries in the newspapers or steal death certificates or they may even seek out the numerous websites that enable them to check the social security death index. Whatever the case, they could end up with a real social security number and a name that goes with it. Both the obituaries and the social security index will have information on the deceased. At this point they may either sell the information to other crooks or keep the information to apply for loans, access more credit and therefore make more money. There are some guidelines that we can follow as family members of the deceased to protect both ourselves and our loved one’s name.

When writing an obituary, don’t share unneeded information such as the date of birth or the address of the deceased.

Obtain at least 10 copies of the official birth certificate. This will provide the needed proof to the financial institutions, such as credit bureaus and banks and any other establishments, even the motor vehicle department.

Now with the official birth certificate, you can begin to personally notify stock brokers, banks, loan holders, mortgage companies, financial institutions, credit card companies and any other establishment where the deceased had an account. When notifying, include name and SSN of the deceased, last 5 years of addresses, including the last known, and the dates of birth and death. Any outstanding balances will have to be transferred and then close all accounts with a note that the account holder is deceased. This is added protection so that no new accounts will be opened in the deceased’s name. Keep copies of any communication with these businesses.

The death should be reported to all three credit bureaus as soon as possible. Put a deceased alert on the credit file. Request a credit report with any active joint accounts. These may potentially have to be closed. After about 2 months, request a copy of the credit report of the deceased person from all three credit bureaus. This will ensure that the death was reported on the credit file and no other transactions have occurred since then.

Contact the social security management and inform them about the death. Do this as soon as possible.

Contact the motor vehicles department, requesting the cancellation of the driver’s license.

Shred any important documents which hold the deceased person’s name such as utility bills, credit card bills, bank statements and any other similar papers.

Sadly though, these thieves aren’t only strangers but may be other family members. Take the recent case of a Utah County man, David Frank Pflegl. In 1987, David Frank Pfegl II was killed in a car crash in Canada at the age of 19. His father, the elder David Frank Pflegl, then used his son’s name to gain jobs, multiple licenses and even purchase a home. After a Utah investigation, Pflegl was arrested and booked in the Utah County Jail on suspicion of identity theft, communication fraud and forgery (Read the full story here).

When we’re grieving, the last thing we want to do is take care of such seemingly meaningless items of business. As hard as it may be, following these steps may prevent further pain caused by such shameless identity thieves.

Identity Theft Victims: Guilty until Proven Innocent

noreply@blogger.com (Jaycee Fox) — Tue, 05 Jan 2010 00:16:00 +0000

You'd think as a victim of identity theft, you'd have people bending over backwards to help you in your crisis. Just the opposite it seems, at least when it comes to creditors. The thieves can be idiots, even misspelling your name when signing as you, but you however have to be faultless, proving your innocence via your perfection. Because if not, those creditors will continue to harass, assuming you’re a lazy deadbeat and unwilling to pay your bills. Obviously the best scenario is to prevent such a situation: Take all the steps to protect your identity such as not carrying your social security card in your wallet, having a lock on your mailbox, using caution when using credit cards (ie. Stay with the card when paying at a restaurant), travel with limited credit cards -- even prepaid cards -- and be guarded when giving out personal information. Another crucial precaution is to routinely check your credit score and even better; be enrolled in an identity theft protection program. In this way, you'll be alerted when suspicious purchases are made on your credit card and if your credit score changes drastically and even if you've opened up new accounts. Being enrolled in such a program is the best prevention and also provides current information on identity theft resources. We need to be continually updated on the new scams as identity thieves are getting sneakier and more creative. There's even a recent trend of stealing children's identity, demonstrating that these crooks will stoop to any level.

Just before Christmas, a story came out in Spartanburg, South Carolina where a mother learned that someone was using the social security number of her deceased son. Imagine a Christmas present that consisted of the IRS sending you a letter informing you that someone had filed a tax return under your dead child's name. Ricki Escalante's son died at ten months from SIDS. Now it's up to Ricki to send as much information about her son to the IRS(Read the full story).

Social security numbers of children are valuable resources for thieves. Why? It is assumed parents don't check the credit reports of their children. Once again the best defense is to have your children's credit reports monitored and even place a freeze on their credit files. So with any newfound scam, monitoring is always the best way to secure your name and credit.

Identity Thief at Work

noreply@blogger.com (Jaycee Fox) — Fri, 13 Nov 2009 00:30:00 +0000

Identity theft is a societal problem and can occur in many places and by many means, including in the workplace. At work, it can happen by stealing vital information from employer's records. These records can be payroll and employment information and even customer lists. And those employees that can obtain these records can sometimes be at the very bottom of the totem pole.
Whether we're an individual working for a company or we are the company owner, we need to be aware of this growing trend and what we can do about it.On a large scale, if a big company is affected, it can result in negative publicity which would in turn affect sales, hiring and retention.

What can we, as an individual, do about this growing trend? We probably already know the obvious: shed documents with personal information, don't carry our social security card in our wallets, have locked mailboxes, and even monitor our credit reports. But the problem -- which seems to be beyond our control -- lies in crooks who obtain this information from businesses that have collected personal information for legitimate reasons and then they sell this information to more crooks that use it and steal our identity. And then with this new identity, thieves can open new credit card accounts, apply for loans, write bad checks, rent apartments and the list goes on. Individuals who have been educated on identity theft or who have had this occur in their life will scrutinize those companies that have their personal information. Because of the bad seeds, companies need to raise the bar both for their employees and clients.

So if we're looking at identity fraud from a business owner perspective, what can we do about it? Informed employees and clients know that their personal information is only as safe as the association protecting it. A solution would be to offer identity theft protection as a benefit, much like health insurance. This offer would be unique to the company, whether the company pays for part of it, all of it, or merely provides the information of how to obtain this protection. The key is in the offering so employees/clients are aware of their choices and can then make an educated decision whether to accept or decline. Too much cost, we may think. But actually, it can lower our costs whether the employee has coverage or not. With coverage, there will be less time spent in restoring their identity. Without coverage, our liability has changed. We've done all in our power to protect our employees by informing and offering. Well almost . . . There are still numerous ways where we must be proactive in protecting our employees and clients.

Perform background checks on employees who have access to personal information on other employees/clients, even temporary workers. And limit this access where we can.

Use employee identification numbers that are different to social security numbers to recognize employees on paychecks etc.

Shred confidential documents and have specific guidelines for all employees to adhere to.

Use passwords and encrypted codes when confidential files are stored on the computer.

Be vigilant in educating staff on identity theft.

The Bank of New York and its employees are a perfect example of a workplace where large scale identity fraud has occurred. Adeniyi Adeyemi, a computer technician employed by a contractor who worked for the Bank of New York, has been charged with allegedly stealing the identities of over 150 employees and then with these identities, stealing over a million dollars from non-profit groups and charities and the employees themselves. Adeyemi now faces up to 25 years in prison. He obtained his information from the Technology department, opening additional bank accounts with this information to receive the stolen money. This all occurred over a seven and a half year period. The Bank of New York spokesman says that they are fully cooperating, but I wonder what the long-term ramifications of this will be (Read the Wall Street Journal article here).

It's always best to be insightful. But having insight is useless unless we take action by protecting ourselves, our employees and our company with our eyes wide open.

Red Flag Enforcement Delayed Fourth Time (until June 1, 2010)

noreply@blogger.com (MGM) — Mon, 02 Nov 2009 15:18:00 +0000

The enforcement of the Red Flags rule under the Fair and Accurate Credit Transactions Act (FACTA) has been delayed again for the fourth time. The next implementation date is June 1, 2010. The enforcement was due to take place yesterday November 1st, 2009.

It is clear that many businesses are having difficulty getting ready for Red Flags as evidenced by the fourth delay. Many businesses falsely assume that if they are not a bank nor a credit card company, they are not subject to FACTA or Red Flags. Such is not the case. FACTA and Red Flags apply to most businesses.

The delay is good for businesses as many need additional time to get systems and procedures in order, but not good for consumers (whose identities may still be exposed for fraud for another 6 months).

Credit Card Identity Theft

noreply@blogger.com (Jaycee Fox) — Wed, 23 Sep 2009 20:48:00 +0000

Police of Morgan Hill, California received a call for a potential DUI, but instead three people were arrested for numerous incidents of identity theft. The driver of the Camaro, Charles Allen, didn't have a license and the passenger, Arena Adanandus, had a suspended license and neither one had ownership documentation of the Camaro. Allen was arrested on suspicion of driving with a suspended license. In the meantime, they impounded the Camaro and found merchandise totaling $800+ from Home Depot. The passenger, Adanandus, had used a customer's account number where she had fraudulently added her own name and the grand total of charges is suspected to be around $3,400. Not only that, but the Camaro was rented using a stolen credit card. During this time a third party, Aaron Fields, came to the station to meet with Allen and Adanandus and the kicker -- he drove to the station in a Ford Fusion which he rented using stolen credit card information. All three were arrested and booked (Read the full story here).

Identity theft is a recognized problem and credit card identity theft is one of the forms it may take. As in the prior case, the thief can use details of another person's credit card and wrack up debts which the unsuspecting customer ends up with. They may also use the person's name and information to open up new credit cards where they charge to the victim's name. So how can they even get this information? Through stealing mail from your mailbox or trash, credit card skimming, or stealing information from records where your details are kept (such as a crooked employee or a thief breaking into hospital records etc).

Some simple tips to prevent identity theft are:

Shred any documents with personal information before putting in the trash.
Opt out of mailing lists where credit card offers are sent through the mail.
Keep your eyes on your credit card at all times especially at stores and restaurants. It's not just on the internet where you need to be careful.
Identity theft insurance services.

Identity theft is a growing problem but gradually people are becoming more aware of it and are protecting and educating themselves against these types of crimes. As in the case cited, some of these losers do get caught and we're all happy when they bring their 'friends' along for the ride.

The Identity Theft Victim & Their Rights

noreply@blogger.com (Jaycee Fox) — Fri, 04 Sep 2009 15:37:00 +0000

So here's an ironic story for you about identity theft. The last blog I wrote on identity theft was on a Friday. I wrote about what steps you can take to protect yourself from identity theft -- especially mail identity theft. I then went to a nice barbeque party and watched my kids swim with their friends. Didn't really enjoy my turkey dog -- an attempt to be healthier -- but have decided since then that I'll stick to all-beef franks. On the way home, I grabbed my mail, tucked the kids in bed, and then read my mail. And to my horror, received a letter from my credit card company who was putting me on alert as one of their former employees had stolen personal information from some accounts and mine happened to be one of them. I looked at my husband, thinking perhaps this theory of Law of Attraction might actually be valid, and then began a scenario of what-ifs with this villain using my very name to open up accounts, buy a home etc. After wallowing for seconds, I called the fraud alert hotline. So they've caught the thief but the investigation is ongoing and who knows if he's sold the information already. What I realized is that it's one thing to discuss identity theft and the steps to take, and it certainly is another to feel yourself vulnerable and at risk -- and of no fault of your own. My husband saw the rainbow of it all -- well, now you'll have another article to write -- so here I am.

There are certainly many steps you can take to protect yourself from not carrying your social security card in your wallet to having a secure mailbox. But what about if you give trusted information to a company -- like a credit card company -- and one of their employees steals it. There's nothing you can do after that point. You hope that the company has done background checks, employment screenings, behavioral assessments, but there are always risks -- which is what I discovered. What is immediate action you can do once you've realized someone has stolen your information? Of course if it's a stolen wallet, you notify banks, credit card companies, social security etc. But what else should you do? What are your rights?

Immediately call the nationwide consumer reporting companies and place a fraud alert in your file. Everyone has the right to do this and this lets potential creditors know that you may be a victim of identity theft. Therefore, this makes it much more difficult for someone to get credit in your name. There are three nationwide consumer reporting agencies and if you contact one and place a fraud alert -- they'll contact the other two. They are Equifax: 1-800-525-6285; www.equifax.com, Experian: 1-888-397-3742; www.experian.com, and TransUnion: 1-800-680-7289; www.transunion.com. These fraud alerts will be in your file for 90 days. Extended alerts are also possible, but an identity theft report is required. For more information, go to www.consumer.gov/idtheft.
You have a right to obtain a free copy of your file disclosure. What is a file disclosure? This is the information in your file at each of the 3 nationwide agencies and will help you detect if fraudulent accounts have been opened in your name. Go to www.ftc.gov/credit.
If fraudulent accounts were opened using your information, you have the right to get hold of those documents. Go to www.consumer.gov/idtheft.
You have a debt collector harassing you? And if you believe these debts were racked up by an identity thief, the debt collector has an obligation to tell you the amount of debt and the name of the creditor. You also have the right to have the consumer reporting agency to block file information which is a direct result of identity theft. Of course you must prove this with your identity and a copy of your identity theft report. Once this is done, a person or business with notice of the block can't sell, transfer or place the debt for collection. But even before this, you have the right to prevent businesses reporting information about you to consumer reporting agencies. You must then provide information to the businesses -- via a specified address given by the business that reports information to the consumer reporting agency -- by providing an identity theft report. So whatever step you are on -- via the business, the consumer reporting agency and even the debt collector -- you always have rights.

Clearly, no one wants to be a victim of identity theft, but if you have tools in hand and are aware of what actions need to be taken and what rights you have -- you can reverse the scenario and stop the thief in his tracks. An even simpler way is to set up with a company who provides identity theft services. There they will help prevent and also monitor your accounts if any significant changes occur. A word of caution, I'd do your research first -- before and if you become a victim. There are companies out there who provide the same service but for a much better cost. When we're desperate, we'll take the first monitoring bidder whatever the cost. So the message here? Prepare, prevent and monitor.

Even in Death Your Identity Is Not Safe

noreply@blogger.com (MGM) — Mon, 24 Aug 2009 15:50:00 +0000

Gregory Victor Revson, 49, of Islamorada, FL received his sentence for convictions of identity theft and passport fraud. In 2006 and 2008 Revson had fraudulently applied for and received passports for deceased persons. At the time of his arrest, Revson had a thumb drive in his possession containing the names, addresses, SSN's of hundreds of deceased. Apparently he thought that his scheme was working well.

Revson received a sentence of 75 month with an additional 14 months added to his sentence for violating the terms of supervised release related to a previous 2002 conviction for identity theft and wire fraud.

Just because you've died doesn't mean that you can't become a victim of identity theft. That is just one more thing for your loved ones to have to worry about after you're gone is the risk of identity theft.

Identity Thieves Stealing Your Mail

noreply@blogger.com (Jaycee Fox) — Mon, 17 Aug 2009 15:53:00 +0000

Identity theft is an increasing concern as we hear of nightmarish ordeals that some people must endure when their identity is stolen. In some cases, these crooks are getting smarter and more sophisticated with their scams, but in other situations -- which is good for us -- these types aren't playing too wisely.

Take the example of this theft: On August 8th, 2009 in Manteca, California, two young adults -- a male and female -- broke into an apartment complex and then proceeded to steal from the tenants' mailboxes. But the big kicker -- there was a warning that they were being videotaped. The authorities are confident they'll catch these criminals. Not too bright I'd say. You can read the report and view the videotape here: Manteca Mail Theft Caught on Camera
What can we do personally to protect ourselves from mail theft?

Use a Mailbox with a Lock. That's a significant start. It's not a sure guarantee but will definitely deter some. And of course, keep your mailbox locked at all times and have a limited number of keys. Remember, you can have valuable data for the thief on bank and credit card statements and even personal letters may give away some detailed information about you.
Collect Mail after Delivery, within reason. If you are going on vacation, put a hold on your mail. It's a simple process and in most places can de done online. Or even have a neighbor pick it up for you.
Use Ink that's Check-Safe. Cleaning products can erase some inks and then the thief has one of your blank checks in his hands with your signature. Use pens -- such as gel, rollerball and fountain -- that clearly state they are check-safe. Fill in all the empty spaces on your check such as the date and memo line. And finally, go to the post office with your checks. Locked mailboxes are pretty secure but the hands of a postal worker is even a safer bet.
Keep Good Records. This will enable you to identity any unauthorized activity in your accounts. You may not be able to avoid mail being stolen and information taken, but with good records the damage can be minimized. Identity Theft recovery programs can also be set up that will serve this same purpose.

If we're informed we can play with the wisest of the thieves and beat them at their own game. As far as those more dense ones, we'll let the videorecordings take the credit.

The Stupid Things That Thieves Do -- Other Than Steal

noreply@blogger.com (J. Crismon) — Thu, 30 Jul 2009 15:12:00 +0000

We've all seen the video programs that show thieves doing stupid things and being caught on surveillance cameras. Things like smacking an unbreakable window with a crowbar and then getting whacked in the face, or accidentally setting themselves on fire while trying to burn down a building. Seeing stuff like that always make me feel better. I tend to feel that justice is being served, somewhat. The criminals themselves are doing what we so often want to do, but don't have the opportunity to: beat the tar out of themselves!

Unfortunately, not every stupid thing criminals do are caught on tape, and I'm sure that must include thousands of funny things every day. For example, we know that you can't talk your way out of prison. But who knew you could actually talk your way into prison?

An article I came across today at Philly.com stated that in Chester, Delaware, a woman called police to claim that a large, high-dollar barbecue grill and other items were stolen from her backyard. As part of the investigation, the police determined that the items in question were purchased with a credit card reportedly stolen from a woman in Kentucky. This led to her quick arrest and further investigation, whereupon her two accomplices were also arrested. The leader of this band of thieves had his home raided and he was found hiding, naked, in his attic. Now I hope they got that on film!

It seems pretty funny, and ironic of course, that a thief felt she had been wronged and wanted to report it, when she herself had obtained the items that were stolen by using a stolen credit card. As the District Attorney in the article mentions, "If you steal something, don't report that somebody else stole it from you." Well put Mr. Green. Just another example of how stupid some criminals really are.

Now that the shoe is on the other foot, well except for the guy they found naked, I hope that these bozos learn their lessons. However, as is often the case, these sort of people tend to suffer from short-term memory loss. I tend to believe that they'll be back at it again as soon as they're released from prison. Luckily, the newer identity theft laws now carry a minimum two year sentence, with the possibility of five years. Don't worry though. I'm sure we'll have the chance to laugh at another stupid criminal before too long.

Have an example of a stupid criminal? Comment and let me know.

To Protect and Serve. Not!

noreply@blogger.com (J. Crismon) — Fri, 17 Jul 2009 15:16:00 +0000

If you're like me, you really hate reading articles where someone in a trusted position, such as a police officer or a politician, abuses their position, their authority, or betrays their constituents' trust by putting others in compromising, legal, and often financial jeopardy. Unfortunately, that's just what I came across this morning.

A police sergeant for the University of Central Missouri and his wife have been arrested, accused of identity theft. The couple, James and Amanda Drake, allegedly obtained the stolen names, addresses, and Social Security numbers of 7,000 students and alumni at the university that he was employed to protect and serve. What is not apparent is how they retrieved this information since according to the article I read, there have been no signs of a data breach. The information they had was on printouts that are used for legitimate office reasons. Sounds to me like there may have been someone else on the inside who let a document slip into the wrong hands. I hope they nail that person or group of people as well.

Luckily, so far it appears that there have only been a dozen victims in this crime. Let's hope that number doesn't grow. The university is offering ID theft protection for those affected. I hope they have a background screening process in place as well. If they didn't already have one, it would behoove them to get one now. If they did have one, it might be worth re-evaluating the process and see where the breakdown occurred.

Meanwhile, James Drake has been charged with fraud, use of a credit device and filing a false police report. Amanda Drake has been charged with forgery only. Neither has been charged with stealing the computer printouts that contained the names they both used to commit fraud. I hope they tack that on later as they clearly should not have been in possession of said documents.

I've always thought it's good to know your job from all angles, including inside out, and this is no exception. Let's see how this campus cop and his wife like the view from the other side of the cell.

Employee ID Theft at AT&T, an Inside Job

noreply@blogger.com (J. Crismon) — Tue, 14 Jul 2009 19:49:00 +0000

If you've ever thought that your personal information was safe at work, this might make you change your mind.

This week a federal grand jury has indicted a Chicago area temporary employee for identity theft of over 2,100 employees. The employee, who was working for AT&T, had two accomplices. The trio of women apparently used the stolen information to fill out "payday" loan applications, then used random photos of individuals and faxed in the account information. After that, they would wire the money into their accounts. Before being apprehended, the trio stole more than $70,000.

It's pretty despicable when an employee steals trusted customer data. But stealing employee data is even worse, because if you can't trust your own employees or co-workers, who can you trust? They're supposed to be on your side.

On the brighter side of things, at least the number of affected people is lower than your typical data breach. If they had stolen customer data, the number of people affected could have easily been in the millions and that would have been a tremendous blow to AT&T.

These criminals will face 20 years in prison and $250,000 each for the fraud charges and 2 years for each count of identity theft, to be served consecutively, after the other 20 years for the fraud. These girls aren't going anywhere, anytime soon. Score one for the Feds.

Read the article from the SC Magazine here.

Socializing Yourself Into Trouble

noreply@blogger.com (J. Crismon) — Thu, 18 Jun 2009 21:41:00 +0000

Nearly everyone has heard the term "social engineering" before. The term refers to a clever technique that can be used to get information from individuals without having to steal it or hack into a system. The technique is very effective. People like to talk, and if you ask enough questions, people will tell you quite a bit through the course of a normal conversation. Some people talk so freely in fact, that one senior citizen in Louisville, Kentucky apparently gave enough information for a nursing home employee to open up an American Express card with the patient as the co-signer and rack up $100,000 before the patient realized it. In fact, had the patient not received a call from American Express thanking her for opening the account, it may have taken much longer to figure out what was going on.

According to an article on WLKY.com, the suspect, Danielle McClain, actually had a criminal record for criminal possession of a forged instrument and spent 6 years in prison. Apparently, that's not enough of a red flag for some people. She was hired at the nursing home in Louisville anyway. Rest assured, a new policy is in place that will screen all employees and vendors' employees in the future.

It seems natural that someone recovering form surgery in a nursing home would make friends with the staff and get into lengthy conversations. That's part of our frail human nature. It's okay to be friendly, but as the phrase goes, "don't give away the farm" while you talk. As this example points out, we should be careful with the information we disclose. Without realizing it, you may be giving away valuable information, like your mother's maiden name, spouse's birth date, etc. This is information sometimes used to open new accounts.

The lesson here: be careful what you say. You never know how it can be used against you.

Paper Trails: Crumbs for the Identity Thief

noreply@blogger.com (Jaycee Fox) — Sun, 14 Jun 2009 15:32:00 +0000

When I think of someone stealing my identity, I often imagine a pick pocket or a burglar lurking in the shadows, waiting to grab my personal information along with my money. But often that’s not how it works. Sometimes our identity is stolen when we have a new baby, get a home loan or apply for a credit card -- sometimes our identity is stolen by employees of such institutions who steal our personal information. An identity theft is a crime where someone gains crucial pieces of identifiable information -- your driver's license number or social security number -- all in the hopes of then getting a credit card in your name, or renting an apartment in your name, getting a phone account etc., all for their own personal gain.

Take the example of Shenequa Brown, a child support collector charged with ID theft. Just this last month, this child support collector obtained the check number, routing number and bank number of her victim/client and used that money to pay for her utilities and cable.

Sometimes, however, it's not so blatant, but instead we leave a paper trail for not-so-honest employees to steal our information. We leave a paper trail in the form of birth certificates, church files, school records, diplomas, marriage and divorce certificates, voting registrations, doctor files, credit cards, land deeds and the list goes on. Certain milestones in our lives such as becoming financially independent and applying for a credit card, or having a baby, or even purchasing our own home puts our personal information on paper.

One way to prevent identity theft is not to leave a paper trail. Of course in some instances, we're putting our trust in certain institutions to keep our information confidential and we have no choice but to leave a paper trail. Sometimes the only recourse here is to closely monitor bank and credit card statements to catch the criminal quickly and also to have an identity theft service set up to help us monitor and regain our identity back quickly. But let's go over some things we can do to prevent identity theft via a paper trail.

Don't have financial documents sent via snailmail and don't send paper checks out through the mail. Why? A thief can steal your personal information right out of your own mailbox or home. Rather, view them online. They're typically safer when stored online. Even pay your bills online through your bank's website. However that doesn't mean that we send people our personal info via email either.
Invest in a shredder. Some crooks are attracted to the sport of dumpster diving.
Where possible, don't use your social security number as a form of identification.

There's a lot to be improved upon here such as credit card companies not so loosely giving out our information to third party companies. But maybe we should even follow the example of our European neighbors and only use our social security number as a means of gaining our retirement benefits rather than a form of identification that is needed for loans and credit card applications that can then cause problems for many years if that information gets into the wrong hands. We can't control everything but we can be aware and cautious when we give out our personal information.

Phishing: An Online Identity Theft Scam

noreply@blogger.com (Jaycee Fox) — Fri, 29 May 2009 16:19:00 +0000

When I hear the word phishing, I imagine early dawn, a still morning and a smooth lake with not a single ripple. But outside the nature world -- and inside the world of computer security -- phishing is online identity theft. This process was described in 1987 and defined and recorded as 'phishing' in 1996 with one sole purpose: to bait innocent victims and catch their passwords, usernames, credit card information and any other financial details.

Con artists have been around since the beginning of time. We've all heard the stories of strangers stepping into the shoes of long lost relatives and making claim for crowns or large sums of money, but now we're in the internet age and the story -- with a similar theme -- has unsuspecting online consumers as its main characters. One of the more recent phishing scams involves the social networking sites. Facebook users beware because if you're one of those users that re-use passwords, then Facebook may be your downfall. Many of us use the same password for every website, meaning if were lured to phishing sites from our facebook account, hackers can also potentially gain access to our Amazon, PayPal and eBay accounts. Read the full story here: Facebook Attacks Threaten All Web Sites

According to the APWG (Anti-Phishing Working Group), these types of crimes are on the rise with crimeware-spreading sites infecting PC's with password-stealing crimeware increasing 827% from January 2008 to December. Phishing schemes are gaining sophistication and sometimes for the everyday online consumer it can be overwhelming. The Anti-Phishing Working Group web site gives up-to-date reports on the latest phishing schemes authorities have uncovered.

There are some steps we can take to protect ourselves from these types of scams.

Never give out personal information, including financial, via an email request. Remember the purpose of this is to gain your name, username, address, phone number, password, bank account number, credit card number, CVC code or social security number. Regular e-mail messages aren't encrypted so it's similar to sending a postcard. Be suspicious of email messages requesting this kind of information or even those messages asking to update or confirm such details. And don't call numbers listed on email messages, but rather get the phone numbers from statements. Never click links on suspicious emails or copy and paste links from messages into your browser, but instead you type the URL into your browser or use your Favorite Links.
Use secure websites. Ones that you know and trust to submit personal information -- established companies with good reputations and privacy statements where they state that they won't pass on your personal information to others. And make sure these web sites use encryption.
Continually monitor online transactions. Review bank and credit card statements and report anything suspicious by calling the number on your account statements. Use credit cards for online purchases, even those with a small credit limit. Debit cards are connected to your bank account and credit cards with high limits only give the thief more money.
Use strong passwords, changing them often. Don't use real words, but rather combinations of numbers, uppercase and lowercase letters, and symbols so it's difficult for hackers to guess.
Protect your PC. Make sure all your security patches are installed and your browser is up to date. Use a firewall, antivirus software, anti-spyware, and even anti-phishing software.

So if this information does get into the wrong hands, what will the thieves do with it? Identity theft is common and the hacker can now apply for credit in your name, empty out your accounts, max out cards, transfer money from your investments into your checking account and then use a copy of your debit card to take it all.

These identity theft scams are continually growing in sophistication on the internet, so be aware, protect yourself as best as you can, and be prepared with identity theft services for recovery and even prevention.

Identity Theft & Traveling: What You Need To Know

noreply@blogger.com (Jaycee Fox) — Fri, 15 May 2009 16:24:00 +0000

The summer is fast approaching and it may be time to start thinking travel plans. Whether we go near or far, we must be aware of identity theft. In 2007, over eight million people in the United States were victims of identity theft which resulted in almost fifty billion dollars of fraudulent financial charges as quoted by the Javelin Strategy and Research Survey. That number has most likely increased over the last year. Of those victims, a significant portion was business and holiday travelers.

When I travel it's a time to relax, get away from my routine and responsibilities, and enjoy some fun with my family. So, like most people, I let my guard down. Travelers are walking targets to the thief. So perhaps we're not donning the binoculars, loud hats and colorful shirts, but we are travelers nonetheless and to crooks we're quite obvious. These pickpockets lurk in crowded airports, hotel lobbies, bus and train stations, special events -- anywhere a victim is relaxed and seemingly unaware. Our wallet in a back pocket is an invite to these kinds. Besides the obvious stolen wallet, there are other ways our identity can be stolen when traveling. Crooks are becoming smarter -- more technically savvy -- so it's critical we stay one step ahead. We need to be cautious with our laptops and our usage of internet cafes. Rather than finding ourselves in such a situation, prevention is really the key and then leisure or business can follow. So what are some things we can do?

Before you even travel, hold mail and newspaper delivery. A pile of newspapers is an open invitation and bills and credit card offers contain all of your information.
Go through you wallet. What do you really need? Take out all personal information items that aren't crucial, such as social security cards, memberships, receipts, check books, bills etc. Lock these up in your home -- identity theft can occur at home also by a house sitter or burglar.
Carry a fanny pack. Traveling through a crowded airport, trying to get from one point to another can be an arduous task. Carry your credit cards and other personal information with you in your fanny pack. It's much harder to nab someone's fanny pack strapped firmly to their body than a wallet peeking from a pocket. Don't leave these items in checked luggage either. Lost luggage seems more common than in the past, even if it's just for a day.
Pay your bills before you leave. Bills lying around in hotel rooms are easy targets for identity crooks.
Even open a separate account before traveling and only put in it as much money as you'll need for your holiday. Bring that one debit card with you -- not one linking to all your savings back home.
Bring a couple of credit cards with you. These are protected by Federal law and so fraudulent charges are generally covered. Make sure they haven't expired and you can even purchase prepaid cash cards from Visa, American Express or Mastercard. Have a list of the credit cards you brought with you easily available so that you can report the information stolen and set up fraud alerts with the credit bureaus. You can even sign up for identity theft services which can provide continual credit monitoring among other preventative measures and recovery programs.
Use the ATM machines available in banks. There is a threat of fake ATM machines in popular tourist areas so be safe and go to the bank.
Leave passports, major cards, and any other personal information that's not necessary on a day to day basis in your hotel room safe.
Bring a copy of important documents and also store these in a secure and separate place. You'll definitely want a copy of your passport.
Keep an eye on your laptop at airports, hotel lobbies and restaurants. Thieves can access personal information when laptops are unattended -- they don't even have to steal it and then the traveler is clueless. Back up your laptop before you leave and put this disc in a safe place at home or in a safety deposit box. Write your name, destination address and any other relevant contact information on a piece of paper that’s taped to your laptop in case it's inadvertently left behind. Use caution here though and use your work address and phone number.
Be on guard when using public computers. Key stroke loggers could be installed but generally business centers located on cruise ships and hotels are safer than other public computers.

Stealing someone's identity is not just about having your credit card stolen while the thief enjoys a shopping spree. No, this criminal can then open new credit cards, new accounts, get new loans and then not pay them, leaving 'guess who's name' on the credit report? The worse case scenario is getting arrested for crimes you've never committed. Rather than becoming paranoid, apply the steps listed and be prepared. Preparation and prevention are the two crucial keys in protecting your identity. If a worse case scenario does occur, identity theft services can help with the recovery process along with preventative steps. Travel with confidence this summer season, knowing you've done all that you can do.

Your Identity Getting a Workout

noreply@blogger.com (J. Crismon) — Fri, 03 Apr 2009 20:03:00 +0000

There is one surefire method to ensure that nobody can get your personal information and steal your identity while you're out and about: leave your personally identifiable information and belongings at home. However, is this a realistic approach? For most people, probably not. Continue reading and decide for yourself.

Today in Sacramento, a husband and wife were arrested on charges of identity theft, forgery, burglary, possession of stolen property and vehicle theft according to an article at KCRA.com. The thefts occurred at local 24 Hour Fitness centers in the Sacramento area. While working out at various locations, the wife would go into the locker room and break into lockers and steal purses, cell phones, car keys, credit cards, etc. Such tactics are not uncommon. This is not the first time this type of crime has been committed, and unfortunately it won't be the last.

So how do we avoid this type of crime? Should we just leave all of our belongings at home? That doesn't sound like a practical idea. If all you're doing is going to the gym, okay, I suppose it's easier to leave a lot of things at home. But what if you're going to the gym on the way home from work? Leaving your items in your car is probably no better a solution. After all, you have to still take your car keys in the business and leave them in your locker.

It seems the answer to my original question is best left to the reader. It's your stuff. You decide how to best keep it safe. If you don't need to take it with you, you probably shouldn't. But when it comes to your identity, you can at least get recovery protection on your side in case you have the misfortune of having your personal information stolen.

A good identity theft plan should provide a fully managed recovery solution. That means a recovery advocate will work on your behalf, through a limited power of attorney, and make all the phone calls and clear up any problems that arise as a result of your identity being compromised. The advocate will also work until your good name is restored to its pre-theft status. In addition, there should be some sort of insurance reimbursement to help cover the out of pocket expenses.

A good identity theft recovery solution can save a lot of headache. So, if your identity winds up getting more of a workout than you do, you don't have to run around trying to catch up with it.

ACLU Supports Identity Thieves -- Sues County Sheriff

noreply@blogger.com (MGM) — Tue, 10 Mar 2009 18:34:00 +0000

The ACLU has filed a suit against the County Sheriff and District Attorney of Weld County, Colorado in a strange twist of logic supporting the position of identity thieves. These stories (Operation Number Games and Fight with ACLU suits Buck to a ‘T’) from Weld County, Colorado are illustrate some of the contention between protecting fourth amendment rights and prosecuting criminals.

The back story ---
It begins with former mayor of El Paso, Texas and tax accountant Ray Salazar. In 1988, Salazar listed among his clients a Mr. Jose Lopez. Lopez is a citizen of Mexico and a resident alient in the US (he has a green card permitting him to work in the US). Three weeks of the month, Lopez works at a ranch near El Paso and returns home to his family just across the border in adjacent city, Ciudad Juarez for the fourth week (El Paso and Ciudad Juarez both part of the same metro area but are separated by the US/Mexico border).
All was well until one evening when Lopez was returning home he was mugged and his wallet stolen. He reported the theft to, among others, the Social Security Administration which issued another green card with the same ID number as the original card.

Fast forward to 1995 when Servando Trejo, a citizen of Mexico paid $1,500 to a human smuggler to take him across the border into Arizona. Once there, Trejo purchased a fraudulent birth certificate and social security card in the name of Jose Lopez. Trejo, an illegal immigrant, then assumed the identity of Lopez. With the Lopez identity, Trejo worked at several different jobs and eventually moved to Greeley, Colorado where he opened a bank account and gained a Colorado drivers license.

The fraud seemed to be going well for Trejo. Especially well, since Trejo chose not to pay income tax on his earnings during the years and by 1999 had accumulated a bill for $11,000 in taxes owed. That (1999) was when the IRS decided that the tax bill needed to be paid and contacted the real Lopez in El Paso and presented him a bill for $12,000. The real Jose Lopez, the part-time ranch hand in El Paso only made $10,000 per year and not only did not truly owe that much. Moreover, he lacked the means to pay the bill.

That is when he turned to his CPA, Ray Salazar. Salazar worked with the IRS to resolve the problem but the IRS was skeptical of Lopez' claim. It wasn't until 2003 that Salazar was able to have an IRS agent take a close look at the circumstances and realize that Lopez had been the victim of identity theft. The IRS promptly removed the claim for back taxes and the situation appeared to be fully resolved. Jose Lopez never did find out who had been using his identity and could not be sure that it would not happen again.

In 2005, Trejo (still masquerading as Lopez) living and working in Greeley, filed an income tax return. Trejo had less than $2,000 withheld from his check to cover taxes but when he filed the return, he was given a refund of more than $4,000. This event apparently triggered something in the IRS system and again the real Lopez in El Paso was presented with a bill for $11,000 in taxes. Once more, Jose Lopez turned to Salazar the CPA for assistance in working with the IRS. Through another source, Lopez discovered that someone in northern Colorado was using his social security number. Lopez contacted the Loveland, Colorado police department who referred him to the Weld County Sheriff's office.

The Weld County Sheriff's deputies begin an investigation. On August 13, the deputies located the "Jose Lopez" they sought and arrested Servando Trejo at a feedlot where he worked. Trejo was arrested on charges of identity theft and forgery. Trejo later pleaded guilty to the lesser charge of criminal impersonation and was sentenced to probation for two years. Trejo was subsequently transferred from the Weld County jail to the custody of Immigration and Customs Enforcement (ICE). ICE subsequently deported Trejo to Mexico.

While still in the custody of the Weld County Sheriff's office, Trejo told the deputies how he was able to get large income tax refunds through a local business, Amalia's Translation and Tax Service. With this information the deputies investigated further to found that, not only Trejo but, a great many other illegal aliens were using Amalia's Translation and Tax Service to obtain income tax refunds under assumed identities ($2.7 million). Deputies sought and obtained a search warrant and seized the Amalia records. The seized tax records revealed approximately 1,300 cases of identity theft.
--- end back story

Information in a court case is normally considered public record. The evidence in the case was the tax records of Amalia's clients who had an interest in their tax records not being disclosed as a part of the public record of the case. Consequently, the Weld County District Attorney had the tax records put under seal and reviewed by grand juries (whose sessions are secret).

The ACLU, curiously, rather than supporting the Sheriff and District Attorney in their efforts to bring the identity thieves to justice chose to oppose their efforts and demand that the evidence either be returned to Amalia or destroyed and abandon attempts to prosecute the fraudsters.

Today the court heard opening arguments in the case. It is not certain how this will end or if there can be found an elegant compromise that both protects the rights of citizens from unreasonable search/seizure while still giving law enforcement the ability to effectively perform their duties and keep us safe from criminal activity.

Thieves Take More Than Towels

noreply@blogger.com (J. Crismon) — Tue, 24 Feb 2009 21:44:00 +0000

Wyndham Hotels in Florida notified the state Attorney General about a data breach in which the credit and debit card information as well as personal data of 21,000 hotel guests was compromised in December 2008. Wyndham notified the affected guests by letter.

So far there has been no evidence that foul play has occurred, but Wyndham is urging those affected to be vigilant and obtain fraud alerts from the major credit bureaus.

Another solid piece of advice would be to watch for suspicious credit card activity. Any suspicious charge can be challenged and taken care of fairly easily with your credit card company. This is yet another reason to use credit cards rather than debit cards. If your debit card information is compromised, thieves can easily drain your bank account before you even notice a problem.

Read the original story by clicking here.

Non-fat, Low-foam Laptop Please!

noreply@blogger.com (J. Crismon) — Tue, 24 Feb 2009 21:12:00 +0000

Starbucks has once again lost a laptop containing employee data. In October 2008 the company lost a laptop that contained 97,000 employee's personal data, including Social Security numbers and addresses. I guess that fits in the extra-extra-large cup. Notice I said "once again?" In November of 2006 a laptop containing personal data of over 60,000 current and previous employees was also stolen. The difference is, this time the employees decided to file a lawsuit.

Some employees are saying that Starbucks took too long to notify them about the breach and provide them adequate time protect themselves against identity fraud. Starbucks has offered the employees one year of identity theft protection and credit monitoring, but some employees are asking for up to five years. Some of the plaintiff's have seen evidence of fraud due to the data breach, and are therefore seeking monetary damages.

This is bad news for you coffee drinkers. If this lawsuit is successful, I would expect to see the price of a Starbucks coffee increase. It's going to take a lot of beans to pay for the double blunder.

You can read the full story here.