Friday, July 31, 2009

Equifax advisers job seekers on identity protection


Equifax, one of the three major credit reporting companies, has an important story in its July 2009 newsletter, “How Identity Thieves Target Job Seekers: How to Stay Safe”. The link is here.

The Atlanta credit reporting company recommends separate email accounts for job hunting (I didn’t do that), and being very wary of jobs like “payment representative.” Also many scams have poor grammar and spelling, due to overseas origin and boiler room operation.

Of course, one should not include social security numbers on resumes (like they once were expected thirty years ago) and not give out bank account or other personal information.

Sunday, July 26, 2009

"Identity Protection": should all juries be anonymous?


The Washington Times Sunday Read on July 26, on p 4, has an interesting proposal about “identity”, reported by Kristi Jourdan: “Identity Protection: Maryland, Virginia mull proposals for juries to be anonymous in all trials.” Here is the link.

The issue comes about because of fears of jury tampering and of threats against jurors in certain kinds of cases, such as those involving gangs, drug cartels or the “Mob.” It’s the stuff of John Grisham novels (like “Runaway Jury”, which became an important Fox film). But the constitutional theory is that selective anonymity undermines the presumption of innocence.

In the age of the Internet, it would sound like enforcing anonymity would be difficult.

Problems of identity exist with witness protection programs anyway, such as in the 2006 Lifetime film “Family in Hiding.”

I was called to jury duty four times while living in Dallas in the 1980s (the one day, one trial system). I was the foreman on a weapon's trial, resulting in conviction. My presence in a cvil malpractice case helped force a settlement because after the voir dire my background in work with HIV and the clinical issues came to the attention of the plaintiff's lawyers.

Saturday, July 25, 2009

Network Solutions experiences major breach; question on credit card recepits


Brian Krebs of The Brian Krebs of The Washington Post reported on p A13 Saturday July 25, that Network Solutions, one of the nation’s biggest ISP and domain name providers, was hacked between March and June of 2009, and about 4300 e-commerce domains processing credit card transactions for over 570000 consumers could have been compromised.
The link for the story (p A13 in print) is here.

I have one small domain hosted by NS, but it does not process credit cards; in fact, I do not process any credit card transactions myself; all transactions for my books are processed by Amazon, Barnes and Noble, or iUniverse, or a few other retailers. So no visitors to any of my materials could have been affected by this.

On Friday July 24, Liz Crenshaw of NBC Washington briefly discussed FACTA, the Fair and Accurate Credit Transactions Act of 2003. The Privacy Rights Clearinghouse a critical discussion of FACTA here. A viewer had asked Liz whether credit card receipts can compromise identity security. Part of the answer has to do with truncation of credit card numbers to the last 4 or 5 digits on receipts (link).

Friday, July 24, 2009

Media reports that Romanian ATM scheme has led to massive consumer losses worldwide


Major media sources have reported an astronomical amount of money being scammed from bank accounts by devices planted around ATM machines, and supposedly a “Romanian” gang is implicated.

Back in 2008, there were numerous reports about this problem, such as this one from Ireland on Blogger, incorporating an original story on The Irish Examiner (site) by Seán McCárthaigh (original not available). There is an independent story from Ireland about the Romanian Connection here. The blogger had previously made a supplementary post about illegal immigration in Europe as contributing to the problem that has now surfaced in the US.

An Australian site reported (story by Arjun Ramachandran) the “Romanian racket” as global in April 2009, link here.

The news reports yesterday indicated that the scams had included many credit and debit card readers at gasoline stations around the US, Canada and Europe, where customers are not as careful as at bank ATM machines about the possibility of physical spy cameras.

Thursday, July 23, 2009

Real world simple traps on privacy protection


Here’s another minor tip in identity protection. When using a Blackberry and finishing a phone call, remember to press the red icon, to disconnect. Otherwise, if you carry on a conversation and mention sensitive matters, the other party may be able to “listen in”. This is something I’ve noticed since getting an “Obama-like” Blackberry myself. This sounds like the “overhearing” problem that occurs in soap operas where no one has privacy.

Anderson Cooper on AC360 reported the “Erin” photos, and speculated that someone could have used a minwebcam through a peephole in a hotel door, or in a hole in a wall, or a lamp. Trojan horses can give attackers control of your webcam with some laptops, especially on the road.

Monday, July 20, 2009

PBRC helps consumers by adding normal recurring payments to credit histories


A Maryland company called PRBC, or “Payment Reporting Builds Credit” may help consumers improve their FICO scores by adding recurring payment items like rent, cable, utilities, insurance, even daycare. The basic link is here.

PRBC was explained as point 5 in another “several ways” article on Walletpop on AOL today, with link here. This list emphasized diversifying credit, and having one or two items actually paid off on time, especially for renters. I just broke that rule when I charged my new Vista laptop on Visa at BestBuy rather than bothering to use their financing, just because it would take so much time

Sunday, July 19, 2009

Small town newspapers report on id theft problem


Smaller city newspapers are getting into reporting the identity theft problem. Today, Brandon Bietz, on p B4 “Money” of the Hagerstown MD “Herald Mail” reports “Credit card theft is biggest form of identity theft in the U.S., story link here. His story starts with the concept of reputation and what “makes you unique”. Later he reports 20% of id theft scams involve credit card fraud, specifically getting new accounts without a person’s knowledge.

The victim finds out perhaps with a call from a debt collector: then you wonder why the lender didn’t cross check the preferred address and sends bills to a fraudulent address. There seems to be no due diligence requiring the lender to do so.

We can solve this problem. Yes we can.

Thursday, July 16, 2009

Bank ATM's are still vulnerable to webcam spies


Station WJLA (ABC) in Washington today reported on more problems with bank ATM’s, with incidents of hidden cameras below the devices able to read both the debit card numbers and also able to read PINs. It recommended that bank customers cover up their keypads and cards physically when using them.

The miniaturization of cameras may be part of the issue. Consider how small the webcam camera is in a modern laptop, which Windows Vista uses to authenticate users with facial recognition software. The character Jan on "Days of our Lives" introduced us to webcam mischief about four years ago; it hasn't let up.

People ought to be in the habit of checking their accounts online daily, although this is more difficult for people who must travel overseas or into remote areas.

Tuesday, July 07, 2009

Social security numbers may be too easy to guess, especially for seniors


Brian Krebs has a story in The Washington Post, July 6, “Researchers: Social Security Numbers Can Be Guessed”, with link here.

The social security numbering system was never intended to be used for authentication, and older people may find that social security numbers are derived from other demographic data, or may have been given in sequence to family members. Identity thieves could make up algorithms to keep trying and guess the numbers.

The Social Security Administration has long cautioned private companies against using social security numbers as a prime identifier. Banks and financial institutions used to use them, but have tended to shift toward randomly generated user ids as well as passwords.

AOL also has a major story on "guessing social security numbers" with URL here. The article refers to a Carnegie Mellon report, which breaks down how the social security number has often been parsed. The first three digits of a Social Security number were called the area number and correlated to ZIP code. The middle two numbers were called the group number and were assigned within a "region", often consistently for years. Lists of assigned area and group numbers are available through Web sites associated with the Social Security Administration, the report said. In 1988, the government mounted an effort to assign social security numbers right after birth. The number system is rather like that of a library that changes its catalogue locations a few times over a long period.

Carnegie Mellon has a "SSN watch" website here.

Thursday, July 02, 2009

Insurance Scores: less well known than FICO: learn about them!


Besides your credit score (such as FICO), another “measure” that can affect “your” life could be your Insurance Score, when you go to purchase homeowner’s or auto insurance. It’s not clear that it makes as much difference with renter’s insurance. I’m not sure if it is used for mortgage or title insurance, but it could make sense to use it.

Insurance companies use proprietary “top secret” formulas for the scores, and there seems to be less information about the score and less direct ways to address it than there are for FICO scores. One major purpose of assessing people with the Insurance Score as part of the application process is to assess a premium relative to risk, and to prevent anti-selection, both of which insurance companies say are essential to their business models.

However, all the literature around suggests that insurance scores are computed mainly from your credit report (the same items that contribute to a FICO score), and from the loss history for the property. A company called ChoicePoint maintains a database called C.L.U.E. (like the board game - actually the acronym means "Comprehensive Loss Underwriting Exchange") (FAQ) that relates to the claims experience for properties. Other items could enter into the calculation, such as the claims experience in a general neighborhood, and the risk of flood, earthquake, wind, or wildfire in an area, relative to the coverages offered (flood usually has to be purchased separately). For auto insurance, your driving record (moving violations – not certain about photo enforced items) would become the most obvious item, as well as some profile items like age and gender and marital status (which may be becoming less important than they used to be; wouldn’t a 21 year old trained to drive a military vehicle or operate an jet be a better risk than the average 21 year old behind the wheel?)

To some extent the subject is disturbing because identity theft could compromise an insurance score, and it may be harder to resolve. Yet many property companies offer identity theft insurance endorsement, even to the point of coverage wrongful conviction for a crime committed by another.

All of this sounds related to still other services, like Tenant Checks, which screen perspective renters and look at items such as prior evictions.

Social activists are properly concerned about the potential for redlining certain neighborhoods. Many metropolitan areas experience unusually aggressive crimes in some neighborhoods, associated sometimes with illegal immigration, drug cartels and gangs – to the point that the problem is a genuine Homeland Security issue and should not be just the responsibility of local law enforcement and the insurance business.

The literature, however, does seem reassuring that insurance scores do not directly concern themselves with personal issues (sexual orientation, for example), or religious or political beliefs, or other social diversity factors.

The major starting point for this subject is the Insurance Scores website.

Look also at About.com’s FAQ reference, and at Choice’s own reference (which offers a preview score for a small charge). These references indicate that one cannot easily get CLUE data on a property without legitimate purposes.

Wednesday, July 01, 2009

Where you shop affects your credit score -- really?


AOL Walletpop offers an article on how what you buy could affect your credit score. Companies are treating purchases made at second-hand stores or at pawn shops as indicative of poor credit risk, even though there are supposed to be regulations prohibiting the practice.

I think that the title of the article “What you buy affects your credit” and the picture of a generic dishwasher fluid on the strike page from AOL as misleading. It’s where you shop that may be a problem. The New York Times had reported on this problem in late 2008.

The story link is here.