Tuesday, December 22, 2009

Three big tips for identity security


Smart Money has a three-way tip sheet on “how to thwart identity thieves” today, Dec. 22, which MSN/Dell shared with its users today. The link is here.

The first tip is to stay with big names when shopping, because “they have the most to lose” if security fails. Amazon got good marks. But I still find that some “really indie” film DVD’s are not available in Amazon and need to be bought from the self-distributor.

Another tip is to watch out for “shoulder surfing”, a physical security problem at ATM’s and even with cell phones and Blackberries (which can be harder to type on). But the biggest danger could be mugging or robbery off hours at ATM’s that are not in locked spaces (requiring card access).

Another tip is to watch debit cards use very carefully for bogus charges. Security purists say, don't use debit cards at all.

I think there are some others. Use strong passwords, and develop a secure system for keeping them straight, especially when traveling. Think through your security plans before traveling, which can force you to build good habits for when you return home. (Maybe that movie “Up in the Air” has some pointers for frequent fliers.)

Saturday, December 19, 2009

Homeland Security delays RealID requirementsm


States will have until 2011 to comply with federal RealID requirements, according to a Washington Post story Saturday Dec. 19 by Spencer Hsu. Now states will have until May 11, 2011 to comply with RealID requirements in issuing drivers’ licenses and public safety ID cards (instead of Dec 31, 2009). The link for the story is here.

RealID is touted as a major enhancement of travel security (airports and probably trains and even transit systems in the future). However, the concept is similar to a proposal advanced here to build an NCOA database as a repository for due diligence checks to make impersonation of people much more difficult. It would be possible to combine the two plans.

Moderately well known people (even bloggers or self-published writers), especially with unusual names in less common languages or uncommon spellings, are probably harder to impersonate even as things are now.

Wednesday, December 16, 2009

New Visa/MC scam reported in Canada



Toronto police are warning North American users of a new scam in which a caller claims to be from Master Card or Visa and to have detected unusual activity on your card, very likely a lot of it overseas. The scammer already has your card numbers, but needs one more piece of information (usually a social security number in the US or similar government number in Canada or the UK) in order to start impersonation. They might ask for a PIN number.

The scam is apparently common in Canada now and spreading.

Sunday, December 06, 2009

Note: "Western Union" phishing scam


In recent days, I’ve gotten repeated emails about payments from “Western Union”. Of course, this is a variant of the “Nigerian scam” or phishing attack. I’ve gotten about five of these a day for the past week.

But what’s really curious, to me at least, is that when I worked for a debt collection agency in 2003, we often urged debtors to pay through Western Union (rather than send a check in the mail – some debtors are “unbanked” – as discussed today in a CNN report). That was mainly out of a need to convey a sense of “urgency.” Western Union was also a major customer of Sperry Univac when I worked for Univac in the early 1970s.

Wednesday, December 02, 2009

So, "Free Credit Report dot com" actually works!


Well, “Free Credit Report”, with all the minstrel singing by attractive pseudo-deadbeats, actually worked. Recently, I misplaced a new Suntrust card, which I noticed when I pulled out the card at a gas station and saw it was the old one.

The Suntrust telephone script will close out the old account immediately, create a new one, and mail the card. But the interesting thing is, yes, I did get the email from “Free Credit Report” in 24 hours, as well as an email from Experian showing it as “potentially negative information.”

So, something here actually works.