LifeLock » id theft

Don’t Try This at Home!

admin — Fri, 18 Jun 2010 17:23:15 +0000

LifeLock CEO Todd Davis published his own Social Security number to illustrate the dangers consumers face from identity thieves.

It takes a great deal of courage to defy the threat posed by identity thieves – and rely on an identity theft protection service to guard one’s personal and financial data from compromise. A lot of courage – and a great deal of faith that the protection offered by the service is up to the task!

That is exactly what Todd Davis did – in effect daring identity thieves to make the attempt. He decided to give out his Social Security number in order to alert consumers to the rising tide of identity theft.

The result?

Since 2005 there have been hundreds of unsuccessful attempts to use his information, the vast majority of which were stopped by the service provided by LifeLock. To his knowledge, there have been 13 successful uses of his information over the past five years, and none within the past year. Although his critics have made much of the 13 instances of identity theft, LifeLock’s member service performed just as it should – and his credit report and financial reputation remains unblemished as a result. Contrast his experience with that of the millions of identity theft victims each year who have nothing and no one to support them. They spend numerous hours, often lose money and suffer the stresses and frustrations which are the usual result of this crime.

As Todd Davis’ story illustrates, the threat posed by identity theft is real, and the thieves are growing ever-more technologically advanced.

While no identity theft service can possibly protect you 100% of the time from all threats, LifeLock is constantly working to develop new tools to fight against the increasingly sophisticated methods of criminals. LifeLock leads the industry by continuously developing new and innovative proactive solutions.

Identity theft

admin — Sat, 17 Apr 2010 07:08:16 +0000

Spoofing will become an officially illegal activity later this year.

According to the dictionary, spoofing is lighthearted and harmless imitation, but in the parlance of identity thieves, the meaning is more sinister. And, though it may come as a surprise, the activity is legal. This week, however, The U.S. House of Representatives passed legislation that is expected to make spoofing illegal later this year.

For the purposes of identity theft, spoofing is the use of software or services that cloak phone callers’ phone number and name, often substituting the true information for other information that makes the call recipients more trusting and, therefore, more willing to divulge personal or financial information.

In the past couple years, a common spoofing technique was to arrange for the call recipient’s caller ID to show that the incoming call was from the county courthouse. Once the call was answered, the caller asserted that the recipient had failed to appear for jury duty, and would be fined and possibly arrested as a result, unless they paid a sizable fine over the phone immediately. When faced with the possibility of arrest, many recipients were happy to confirm their identities with Social Security number, and to pay the fine by credit card, over the phone.

The new legislation was sponsored by U.S. Representative Eliot Engel (D-NY), who cited an incident in his home state as the impetetus behind bill.

“Last year, the New York City Police Department uncovmered an identity theft rink using Caller ID Spoofing to victimize over 6,000 people out of more than $1,5 million.

The legislation allows for exceptions for law enforcement agencies and domestic violence shelters to protect the call recipients.

Identity theft protection

admin — Mon, 01 Feb 2010 00:01:51 +0000

Prevent identity theft by shredding unnecessary documents

Tax time is the perfect time to clean out old files or set up a new file system. But where do you start? And what do you shred to prevent identity theft?

You should shred any unneeded documents or mail that has your personal information on it, and that doesn’t mean just documents that have your Social Security numbers on it. Even junk mail has your name and address on it, and that’s a good start for identity theft. You don’t have to shred the entire catalog or sales ad, just the page with your information on it.

If you still receive your bank statements by mail, shred them after you’ve reviewed them. For identity theft prevention, though, it’s safer to receive your bank statements via email or by viewing your transactions. There’s no reason at all to receive cancelled checks in the mail, either; they’re available online, too.

The same goes for credit card statements. Review them for errors or suspicious charges that may indicate you are already an identity theft victim. The better way to prevent identity theft, though, is to receive your statements online.

Shred your paycheck stubs after reviewing them with every pay period. Some employers still print pay stubs with employees’ complete information on them, including name, address and Social Security number. Incredibly, once their paychecks are in the bank, many people don’t stop to think about how easily they could become identity theft victims by leaving their pay stubs loose in their cars or desk drawers.

Shred all expired credit cards. If you own a shredded, but it doesn’t work on credit cards and CDs, it’s time for an upgrade.

Just cutting up your expired credit cards isn’t enough; they’re easily reconstructed, and with that card, an identity theft can go on an online shopping spree.

Insurance and medical records have enough information for medical identity theft. Shred them.

Expired college ID cards and report cards. Many universities still use students’ Social Security numbers as student IDs for registration, class grades and tuition records.

LifeLock Review

admin — Wed, 20 Jan 2010 14:38:26 +0000

Consumer review of LifeLock’s Command Center™

I’ve been a LifeLock member for just over two years, and have always been happy with their service. But I recently decided to add LifeLock Command Center™–their new tier of ID theft services—to my membership. I know enough about ID theft to know that no one is ever completely protected, but I felt pretty safe even before the upgrade.

Since upgrading I feel like I’m as well protected from ID theft as it’s possible to be. I’m still covered by LifeLock’s original eRecon™, WalletLock™ and TrueAddress™. And LifeLock submitted the requests so I actually get my annual credit report and I don’t receive pre-approved credit offers in the mail anymore—things I should have been doing for myself but never did.

LifeLock Command Center™ drills a little deeper, though. With the new services, LifeLock proactively mines for my personal and financial information, to make sure all is as it should be, and no one but me is using it.

What I find most assuring about the new Command Center™ services, though, is that I get the reports from all their searches. In fact, I got all the reports within 48 hours of enrolling.

How LifeLock Command Center™ works

Public records databases are scoured for any evidence of criminal ID theft—that is, using another person’s identity when arrested. The continually check my county’s court records and those at the Department of Motor Vehicles, Department of Corrections and administrative courts. As damaging as any type of ID theft can be, when you know some of the firsthand stories about how horrific the aftermath of criminal ID theft can be, this service is a big relief.

They also check all the sex offender registries. First, to make sure none of my information shows up there; apparently it’s common for sex offenders to use bogus addresses when they have to register. Secondly, LifeLock emails me a list of all the sex offenders registered in my zip code. (If you’ve never seen one of these reports, they’re real eye-openers. Even a friend of mine who lives in a very exclusive neighborhood found there are two sex offenders living within blocks of his home.)

Command Center™ monitors P2P networks. These are the links from one computer to another established with file sharing applications like LimeWire that are commonly used for music downloads and shared work

LifeLock’s eRecon™ has always checked more than 10,000 websites for bits of my identity information, e.g. my Social Security number, address, birth date, etc. They also looked for any pieces of my financial information, e.g. bank account or credit card numbers or PINS. With LifeLock Command Center™ I get the reports.

Command Center™ also provided me with a report of every address I’ve lived at for the last 25 years. Fortunately I recognized every address on the report.

Check out LifeLock Command Center™ for yourself. If you decide to enroll, use the promotion code DEFENSE for the best deal.

Data Breach

admin — Wed, 13 Jan 2010 22:06:21 +0000

2009 Identity Theft Resource Center Breach Report

The Identity Theft Resource Center’s numbers on last years’ data breaches are out, but despite some figures that are seemingly good news, the overall picture is muddled if not outright bleak.

Nearly 500 data breaches were reported last year – a 25% decrease from 2008. That’s the first decrease in reported data breaches since the ITRC began tracking data breaches in 2005. However, more than 220 million records were reported as lost or compromised, according to the 2009 ITRC Data Breach Report – a 630% increase from the 35 million reported in 2008.

Further clouding the question of whether data security is improving or worsening is that only two data breaches were responsible for nearly 96% of all reported lost or compromised records last year: Heartland Payment Systems and the National Archive and Records Administration (NARA).

Hackers attacked Heartland, a credit card payment processor, and stole 130 million records. Another 76 million records were compromised when NARA sent a hard drive with the unencrypted personal information of 76 million servicemen out for repair.

Among the bleakest news of all though, is that only six of all the data breaches last year involved encrypted records, only slightly more than 1% of the total.

“Why are organizations that have these massive amounts of our data still not encrypting it?” asks Linda Foley, ITRC director and co-founder. “When we know we have these super breaches going on, why are they resisting a technology that could prevent them?

But, in the end all the numbers are nearly meaningless in the overall picture because what can’t be measured are the number of unreported data breaches, and the numbers of affected records that are reported simply as “unknown.”

Other highlights:

Data breaches of paper records account for 26% of all reported breaches in 2009 (up 41% from 2008).
The business sector was responsible for 41% of all reported breaches last year (compared to 21% in 2008).

Family ID theft protection

admin — Mon, 21 Dec 2009 21:43:21 +0000

The holiday season brings families and friends together. It’s a blessing for some, but for others … not so much. These are the families whose relatives and friends include at least one drug addict, alcoholic, convict, compulsive shopper or gambler or a get-rich-quick scammer. In other words, these are the families who need to worry about ID theft.

Few ID theft victims can identify the culprit, but among those who can, 50% point to a friend, family member or in-home employee, according to a study by Javelin Strategy and Research.

So, can you predict with any likelihood whether any of your friends or family members would take advantage of a holiday gathering to steal your identity? Yes. Those who’ve already suffered the pain of ID theft and family betrayal identified these attributes of their imposters in a survey by the Identity Theft Resource Center:

42% said the imposter was an alcoholic or addict
54% said the imposter had a criminal history
32% said the imposter had previously stolen identities of other family members

So, how can you protect yourself when a suspect family member will be part of a holiday family gathering?

Keep only cash in your wallet. Lock credit cards away in a safe or locked file drawer. If you must carry a driver’s license, put it in your pocket.
Keep mail, financial statement and checkbooks out of sight. The best place for them is in a safe or locked drawer.
Make sure your computers are password protected and/or encrypted.

Notre Dame data breach; ID theft risk for 24,000 employees

admin — Fri, 11 Dec 2009 20:04:42 +0000

A data breach is never a good thing, but when the data breach isn’t discovered for three years, and then those responsible wait two months before notifying those affected and at risk of ID theft … Well, 24,000 University of Notre Dame employees are confronting that situation.

Files containing the employees’ names, Social Security numbers, birth dates and zip codes were posted on the Internet on a publicly accessible university website from August 2006 until October of this year when they were discovered. Social Security numbers are the most valuable piece of personal information for ID theft, and when combined with names and birthdates, ID theft is easily perpetrated.

The files were removed after their discovery in October, but university officials waited until November 20 to notify employees affected by the data breach, including student workers and a “large number” of temporary and on-call employees.

Consumers whose information is compromised in a data breach have a one in five chance of becoming ID theft victims within the next 12 months, according to analysis by Javelin Strategy and Research, an independent financial services research firm. The study results were released on November 20, the same day Notre Dame mailed the data breach notification letters.

There isn’t any information pertaining to the data breach on the university website’s home page or the news and information department’s page. Nor are there any links for employees who would like additional information.

None of the information appears to have been used to commit ID theft, according to Dennis Brown, Notre Dame’s assistant vice president for news and information. After mailing the notification letter, the university decided to offer credit-monitoring services to the affected employees, according to Gordon Wishon, the university’s chief information officer and associate vice president of information technology.

He advised employees to order and review their credit reports for evidence of ID theft. “That’s something the university cannot do.”

ID theft risk for BlueCross BlueShield members after data breach

admin — Fri, 04 Dec 2009 22:38:03 +0000

Members will be receiving mail from BlueCross BlueShield any day now, but it won’t be Christmas cards. Instead, they’ll be getting letters warning them that they are at a heightened risk from ID theft because their personal, financial and even medical information may be among the millions of records missing after 57 computer hard drives were stolen from a Chattanooga storage.

Members who called BlueCross BlueShield to discuss eligibility or coordination of care were likely recorded on the stolen hard drives. All members would have had names and benefits ID numbers on the recordings, and some would also have Social Security numbers, birth dates and possibly diagnoses or diagnostic codes.

The information was not encrypted, according to BlueCross BlueShield officials. Those whose Social Security numbers and birth dates were recorded are at the greatest risk of ID theft. BlueCross BlueShield has said they’ll offer free credit monitoring services to those members.

The insurance giant has back up data from the stolen hard drives, and is combing through that information, identifying which members have been affected and their level of ID theft risk. As the research proceeds, current and former members will be sent the letters with contact information call centers where they can gather more information and report any instances of ID theft.

The data breach was discovered October 5, and is thought to have taken place at rough 6 PM the previous Friday. Blue Cross has notified the Secretary of the Department of Health and Human Services and the State of Tennessee.

276 ID theft, forgery, burglary and drug charges for California OB/GYN

admin — Tue, 24 Nov 2009 18:34:10 +0000

When you hear about a drug addict being arrested on 276 counts of ID theft, forgery, possession of controlled substances and burglary, the smiling face of the OB/GYN who delivered your children doesn’t immediately come to mind.

Even more shocking: you may be among her 15 patients/ID theft victims. Dr. Lisa Barden admits she’s a drug addict and that she stole identities so she could fill 131 Vicodin and hydrocodone prescriptions at 43 different pharmacies in Southern California. The prescriptions were forged and signed with the names of five colleagues whose prescription pads she also stole.

The pharmacies’ video cameras captured images of Barden as she committed ID theft when presenting the prescriptions.

Barden admits she was addicted to the pain pills and that most days she took more than a dozen of them. A mother of three, she also says the drugs took a serious toll on her relationships with her kids.

Now, though, Barden says she’s been clean for eight months since her February arrest and would like to practice medicine again. But first she might have to trade in her white smock for a prison uniform if she’s convicted on the ID theft, forgery, burglary and drug possession charges.

“It’s fraud. She’s lied. She’s cheated,” said Riverside County Deputy District Attorney Jeanne Roy.

Barden agreed to enter a guilty plea on the drug charges. Roy is prosecuting Barden’s case and doesn’t plan to go easy on her just because she’s a doctor and expresses regret that her drug addiction led her to ID theft and other criminal action.

“I don’t excuse criminal behavior for that,” Roy said.

At least patient says she believes Barden was high when she performed her Cesarean section and left a cut more than two inches long on the right side of her newborn’s head.

Whether or not Barden practiced medicine while under the influence remains to be determined, but it seems unlikely she took more than 12 Vicodins but only after hours.

Bank of New York Mellon computer tech indicted on 149 counts of ID theft

admin — Thu, 05 Nov 2009 20:05:35 +0000

A computer technician at the Bank of New York Mellon was indicted on 149 counts of grand larceny, ID theft, money laundering, scheme to defraud, computer tampering and unlawful possession of personal identification information.

The Manhattan district attorney’s office accused 27-year-old Adeniyi Adeyemi of committing ID theft against more than 150 of his coworkers at the bank and using their identities to steal more than $1.1 million from charities and non-profit organizations over a period of more than seven years.

The ID theft took place from November 2001 to April 2009. Adeyemi allegedly opened more than 30 accounts with banks and brokerage firms in the names of his co-workers, and deposited stolen funds, according to the DA’s office. He also hijacked their online banking profiles and wired money stolen from their bank accounts into other fraudulently opened bank accounts.

He did the same with the charities’ and non-profit organizations’ accounts, including those of Goodwill Industries, Iris Ministries, the Kalgidhar Trust, the Sudanese American Community Development Organization, Ravi Zacharia International Ministries, AFK Foundation, the American Community School at Beirut, the Jacksonville Humane Society, American Friends of Birdlife International, the International Association of Women Judges, the Space Generation Advisory Council, and the American Association for Clinical Chemistry.

The defendant came under suspicion by the New York/New Jersey Electronic Crimes Task Force of the United State Secret Service when Internet activity was tracked back to his Brooklyn apartment building. Mail related to the ID theft and the fraudulent accounts was delivered to several mailboxes in the building.

The DA said credit reports for dozens of the ID theft victims and other personally identifying information were found in the defendant’s apartment, along with $30,000 cash.

Law enforcement also found a storage locker Adeyemi rented, which contained notebooks with hundreds of names, Social Security numbers, account number and credit cards in the bank employees’ names.