Be wary of check processing job scams!

MSN/Dell is warning the public about “payment processing” job scams where the “home worker” deposits a fraudulent check to the bank, takes a commission, and then wires money to the “employer”. For a short period of time, the bank is required to honor the amount, so this scheme has become an attractive scam, attracting people looking for work. The link is here.

Kathryn Reynolds Lewis (MSN Money) has the story “Cash a check, maybe go to jail: Did you get conned into joining a check-cashing scam? Even if authorities decide you're an innocent victim, you could find yourself owing a bank thousands of dollars.”

In a few cases, check processors have been threatened with prosecution, which would be possible if they knew that it was a fraud or should reasonably have known. They will wind up with liability for the money and could have their accounts frozen.

Some of these jobs have been offered on Craigslist.

Reviewing the Identity Theft and Assumption Deterrence Act of 1998

I don’t think that I’ve explicitly covered the legal basis for prosecutions for “identity theft” in federal law, but one of the most important tools is the Identity Theft and Assumption Deterrence Act of 1998, Public Law 105-318, 112 Stat. 3007 (Oct. 30, 1998), Public Law 105-318, 112 Stat. 3007 (Oct. 30, 1998), HR 4151.

The FTC maintains a copy of the text of the statute at this link.

The site wikia.com has a better description than Wikipedia, with the (web URL) link here.

The law is criticized as not offering individual victims the right to collect civil damages for their time and inconvenience and disruption; instead institutions are compensated, and individuals must depend on law enforcement to bring about prosecutions.

The articles refer to a controversial Federal Victim and Witness Protection Act of 1982, which was supposed to assist victims and witnesses to crimes, but more often in criminal investigation and testimony situations, familiar in the movies. A link that summarizes many of these laws is at DOJ here.

A simpler reference is here.

Internet Privacy Day: an occasion to "celebrate"!

Today, Jan. 28, 2010, is Internet Privacy Day, and AOL Walletpop has a good summary story, “Internet Data Privacy Day 2010: How to protect your kids (and yourself) online,”, by Lita Epstein, link here.

The story gives many links from different organizations, such as the Girl Scouts, but emphasizes that even with privacy settings, nothing is completely private anymore. The story gives links to other stories that discuss the harm of Internet rumor.

The article mentions an AOL blog “Safety Clicks” (link here) with many entries, including an entry that Social Networking Profiles could become a new target for hackers in 2010.

TSA no-fly list could be tied to an NCOA-based identity protection system

Justin Florence has an article in the Jan. 4 Washington Post , “A Better No-Fly List”, that does link to the problem of identity protection. The link is here.

The article suggests a way for people mistakenly singled out by the list to appeal, with an in-person procedure where TSA employees could check identities more carefully on a system not connected to the Internet (and probably an old-fashioned mainframe system with mainframe security, starting with RACF). There also could be an appeals procedure, but who should pay the cost of attorneys is a good question when an innocent person is wrongly singled out. Similar names will be a reason for mis-identifications.

Of course, so could identity theft. It makes sense that such a system could tie in to NCOA verifications that I suggested on Sept. 25, 2006 on this blog.

Three big tips for identity security

Smart Money has a three-way tip sheet on “how to thwart identity thieves” today, Dec. 22, which MSN/Dell shared with its users today. The link is here.

The first tip is to stay with big names when shopping, because “they have the most to lose” if security fails. Amazon got good marks. But I still find that some “really indie” film DVD’s are not available in Amazon and need to be bought from the self-distributor.

Another tip is to watch out for “shoulder surfing”, a physical security problem at ATM’s and even with cell phones and Blackberries (which can be harder to type on). But the biggest danger could be mugging or robbery off hours at ATM’s that are not in locked spaces (requiring card access).

Another tip is to watch debit cards use very carefully for bogus charges. Security purists say, don't use debit cards at all.

I think there are some others. Use strong passwords, and develop a secure system for keeping them straight, especially when traveling. Think through your security plans before traveling, which can force you to build good habits for when you return home. (Maybe that movie “Up in the Air” has some pointers for frequent fliers.)

Homeland Security delays RealID requirementsm

States will have until 2011 to comply with federal RealID requirements, according to a Washington Post story Saturday Dec. 19 by Spencer Hsu. Now states will have until May 11, 2011 to comply with RealID requirements in issuing drivers’ licenses and public safety ID cards (instead of Dec 31, 2009). The link for the story is here.

RealID is touted as a major enhancement of travel security (airports and probably trains and even transit systems in the future). However, the concept is similar to a proposal advanced here to build an NCOA database as a repository for due diligence checks to make impersonation of people much more difficult. It would be possible to combine the two plans.

Moderately well known people (even bloggers or self-published writers), especially with unusual names in less common languages or uncommon spellings, are probably harder to impersonate even as things are now.

New Visa/MC scam reported in Canada

Toronto police are warning North American users of a new scam in which a caller claims to be from Master Card or Visa and to have detected unusual activity on your card, very likely a lot of it overseas. The scammer already has your card numbers, but needs one more piece of information (usually a social security number in the US or similar government number in Canada or the UK) in order to start impersonation. They might ask for a PIN number.

The scam is apparently common in Canada now and spreading.