Thursday, December 19, 2019
Is privacy.com convenient enough to use for everything? It does seem curative for credit card fraud
As I recall, it was David Pakman who mentioned privacy.com
as a practical shield against fraud and maybe identity theft when shopping
online.
Here’s a video
And here’s a writeup on how it’s supposed to work. You create pseudo-cards with each vendor and
pay from a bank account, but you give up rewards.
Thursday, December 05, 2019
Mozila Firefox and Google Chrome have new tools to check your email addresses for breaches, and the results are pretty shocking.
Clifford Colby has an article in
CNET on how to check the dark web for your logon passwords after a data breach,
link.
I tried this with Mozilla Firefox Monitor and found
seven violations. The most glaring was “People
Data Labs” There was a breach of over
600 million accounts (potentially) in October 2019. This seems to be a
generalized data broker company selling to advertisers. Here’s another supporting story.
I’m a little concerned about Verifications.io in March
2019 because that happened when I was trying to get a digital wallet to work. There
is very little value involved, however. Here’s a story from the ITRC. Over 700 million violations. This seems to be a pattern.
I also have them from Ticketfly (2018), MySpace (2016),
Linkedin (2016), and Adobe (2013).
I have very little on Myspace and haven’t looked at it
for years. I look at Linked In occasionally.
The pattern of these breaches suggests mostly Russian,
Chinese or former republic origins (maybe North Korean) for the hacks.
These could
explain some robocalls (which increased in 2018), some spam (that looks very
silly).
You would wonder if data breaches could complicate the enforcement of (and even liability problems for creators) associated with COPPA, and maybe CCPA, as third party plugins or cookies might be feeding these companies.
You would wonder if data breaches could complicate the enforcement of (and even liability problems for creators) associated with COPPA, and maybe CCPA, as third party plugins or cookies might be feeding these companies.
There have also been emails
claiming I purchased Apple products in Indonesia. Kazakhstan and Belarus, and
no bill for them ever showed up. Of course
I haven’t been to these places. Programmers don't have good legitimate jobs in these countries.
Google Chrome offers a similar tool but it appears
your devices need to be synced first.
In 2013, a pickpocket robbery on the DC Metro resulted
in about $27000 attempted smart card fraud before the systems stopped it. Metro had to eat this one. The perp was
arrested later on another crime.
Wednesday, November 27, 2019
Equifax settlement up for approval in federal court, and many oppose it
Charlie Wertzel opines in the New York Times, “One Man can
Bring Equifax to Justice (and Get You your Money)”.
That’s if judge Thomas Thrash in Atlanta rejects the Equifax
settlement and recognizes many more lawsuits from victims. The trail is Thursday, Dec. 19.
This is sounding a bit like Dupont in the movie “Dark Waters”.
Or it reminds me of YouTube and COPPA (and FTA). Because the supposed COPPA violations by
YouTube’s subterranean behavioral advertising might place some minors in danger
of identity theft, although I haven’t heard this connection made very often.
Monday, November 04, 2019
Secret consumer scores approach "social credit" trustworthiness idea being implemented in China
NBC Nightly News reports tonight on “Secret Consumer Scores”
from data miners, where browsing habits, yelp reviews, some social media posts,
and other purchases are tracked by less well known companies, video here.
Kashmir Hill reports for the New York Times here. Even your Airbnb or Uber behavior seems to
be fair game.
We are getting closer to China’s “social credit score” of
trustworthiness all the time.
Friday, November 01, 2019
Media turns attention to "Mylife" and maybe similar sites
I did a major story about online reputation and the site “Mylife.com”
on my main blog today, and I see that this site had been mentioned here July
26, 2017.
The possibility of wrong individuals being mixed up would seem to exist, as would be the possibility of vengeance or “cancel culture” behavior as we have seen from activists trying to punish speakers personally for “privilege”. It certainly can contribute to harassing unpopular persons with "smears".
The possibility of wrong individuals being mixed up would seem to exist, as would be the possibility of vengeance or “cancel culture” behavior as we have seen from activists trying to punish speakers personally for “privilege”. It certainly can contribute to harassing unpopular persons with "smears".
Tuesday, October 08, 2019
Could being mimicked overseas be a problem? Not really that likely, it seems
CNBC has some basic advice on how to protect yourself from
bank account drainings and wire fraud, which may be more likely when you travel
a lot.
I’ve wondered about the idea as I get phishing emails
claiming I have made various purchases in third world countries.
But frequent checking of all your accounts at home (or even
when traveling domestically) would seem to make it impossible for anyone to
copy you abroad.
Yet I have wondered what would be the consequences if you
for some reason then traveled to one of those countries.
Here is a resource on what to do if your passport number is
breached (from the Identity Theft Resource Center).
Wednesday, September 18, 2019
"Memory Theft": can it lead to "trading point of view"? Not quite identity theft
I’ve talked about identity theft a lot here, but what about
something lower level, memory theft?
That occurs when some tells someone else’s story as if it
were theirs and may actually think it happened to them (particularly with
sexual or intimate events).
Psychology Today had a revealing article by Ira Hyman, Ph.
D., on April 28, 2015. This concept is possibly relevant to my novel
in development, “Angel’s Brother”. And
in my screenplay Ephiphany I propose that people can share accounts telepathically
through special brain reading software controlled by an “outside auditor”
character who decides the permission levels for other characters on the space
ship.
Short film by Ollieread is called “Remember Me #3” based on
a game.
Sunday, September 15, 2019
Payroll processing company gets in trouble, it seems some employees of clients get stiffed, at least temporarily
Employees of various small businesses suddenly found payroll
deposits withdrawn, sometimes mistakenly several times, as a result of an
apparent collapse of a payroll services firm, MyPayrollHR. Patrick Thobodeau
explains for Techtarget here.
An intermediary company Cachet in California seems to be
intervening to restore accounts.
But it is not clear how long it will take to restore payroll
amounts stolen or whether some employees could be stiffed, having to beg on social
media crowdfunding sites.
The FBI is involved.
This is an incredible case.
Thursday, September 12, 2019
Con man gets hired as surgical assistant in California, steals data of patients and employees
NBC Los Angeles (Eric Leonard et al) reports that a surgical assistant played “catch
me if you can” with hospitals and stole data from patients and employees
This seems rather incredible that he got to work in an O.R.
with no adequate check on his identity.
It’s unclear if he has compromised the identities of a
number of patients.
Tuesday, September 10, 2019
Scattered hospitals garnish wages, place liens on homes for medical debt
There are various reports of a few hospitals becoming aggressive
in collecting medical debts, with he New York Times having a major story by
Laura Beil about Carlsbad Hospital in southern New Mexico. Very recently, the hospital has agreed to
back off on lower income patients. But
the hospital has been reported to garnish wages.
A site called Accounts Recovery also discusses the lack of
competition problem for some hospitals.
But Jay Hancock and Elizabeth Lucas of The Washington Post
report similar problems with the University of Virginia Medical Center,
Charlottesville, resulting sometimes in liens on homes.
When I worked for debt collector RMA near MSP airport in 2003, the company had a medical debt operation.
Reporters have discussed the recent book “The Price We Pay”
from Marty Makary, MD, from Bloomsbury Publishing, available today on Amazon.
Friday, September 06, 2019
Experian replaces the company I used to work for in Dallas in the 80s; what has happened in three decades
Basia Hellwig of Investopedia has an informative article “Credit
Karma v. Experian: What’s the Difference?’
The article selects what it calls the best known of the
three large credit reporting companies as providing more information to
consumers than the other two; Credit
Karma, by comparison, is free and scrapes all three.
Experian is an international company with headquarters in
Dublin, Ireland. In the US it has a
large presence in McKinney, Texas, a distance suburb north of Dallas and Plano,
along Highway 175. In the 1980s (from
1981-1988) I worked for Chilton, which would be sold tor TRW in 1989, and then
TRW credit would be spun off to become Experian later. Experian more or less replaces Chilton as a
major tech employer in the Dallas area. But Chilton’s Amdahl data center and
programming support was located in Oak Lawn on Fitzhugh (the location later
became a bank and may be all townhomes now) and had a large LGB presence (in a
conservative company) because of its location near the “crossroads” at Cedar
Springs. When I was there, only one employee that I know of developed HIV (and
died). The executive offices were
located at Northpoint on I-635 and 175, and ADR (which supported Datacomm DB and
DC) was near that location (for training classes), but also near EDS.
This was actually a good time in my life, so
if someone at Experian finds this post, I hope this sits well with them.
However, “Economic Invincibility” does not like Experian’s
version of customer service (although this video is 3 years old).
I really wonder what the three major credit reporting companies think about the concept of "social credit systems" which are developing in China and which tech companies seem to be doing underground to regulate who has a right to be on their platforms.
I spent some of my last summer in Minnesota working for RMA in 2003 as a debt collector, and I recall one person I called, with just a small $60 balance, ask if I would pay for it for him personally because I was “better off”. Wokeness had already started in 2003.
I spent some of my last summer in Minnesota working for RMA in 2003 as a debt collector, and I recall one person I called, with just a small $60 balance, ask if I would pay for it for him personally because I was “better off”. Wokeness had already started in 2003.
Saturday, August 24, 2019
Arrest warrants for people who miss court appearances due to student loan debt?
Arielle Gray reports in the Huffington Post that she
received a letter, in Boston, informing
her of an arrest warrant regarding collection of unpaid student loans.
Well, it was a “civil warrant”. Apparently you can get this kind of notice if
you don’t show up in court for resolving a debtor’s plan.
I can remember, when working for RMA, a collection agency,
in Minnesota in 2003, one debtor (with a small balance of $60) asked if I would
pay his debt personally if I had the nerve to call him (which was my job).
Wednesday, August 21, 2019
RealID notice: You need to "get it done" by Oct 1, 2020
NBC News tonight reminded viewers that people needing to
board even domestic flights or enter federal property will need REAL ID stars
on their driver’s licenses by Oct. 1, 2010.
Legal presence in the US can be established with an
unexpired passport. Residency may be trickier, and require a mailed utility
bill, mortgage statement, or something similar, with postmark (from a recognizable
business), to your residence (not to a mailbox store). You will need your actual
physical social security card, too.
It also leads to a
secondary page.
I see that I last mentioned RealID here back in 2009.
Friday, August 09, 2019
A brief look at identify verification services
I don’t think I’ve mentioned that there are businesses that
offer ID verification, to other businesses.
Tony Raval provides an article for Forbes in December 2018.
The article offers a larger variety of databases that could
be used for cross verification. In the
past (Sept 2006) I suggested that the USPS could provide the basis for such a system.
Facebook has tried to use advertisers to verify identities
of persons who want to have their business pages boosted.
A book "The Fifth Domain" by Richard A. Clarke and Robert K. Knake talks about the system called ReallyU.
Wednesday, August 07, 2019
Are people with unusual names more immune to identity theft? what about wrongful arrest?
Marketwatch has a an article from Dec. 2017 (post Trump)
ratifying the idea that people with common names may be more vulnerable to
identity theft.
However people with foreign names (even mine) may have more
namesakes than they think. (This can
become a problem with domain names and trademarks.)
The article notes the possibility that if you are stopped by
police you could be held if someone had committed a crime in your name. It lists
states that have "identity theft passport programs") and they include Virginia.
Some employers require credit checks before and during
employment and require associated to take ultimate responsibility for
protecting their own identities. This
may be more difficult for people with common names. This was the case with my
last employer in Texas in the 1980s, when ID theft was much less common.
Thursday, July 25, 2019
How to "collect" from Equifax after the FTC settlement
Nick Statt has detailed directions on The Verge (Vox) of how
to get at least $125 from this weeks settlement by Equifax with the government
(FTC).
You need to use the free credit monitoring (which is a pain) to collect the $125.
Your social is scanned first, but there is a very good
chance it will test positive.
You can use outside sources like Credit Karma for the
monitoring.
And you may be able to collect for time spent on your
problems.
Tuesday, July 16, 2019
A questionable copyright bill in the Senate could become a boon to the debt collection industry
I’ve seen more discussion and speculation about a proposed
CASE Act, now in the Senate (S 1273 ); it would allow the Copyright Office to set up a “small claims court” and
hand out “fines” (like $5000) for small violations of copyright law with less
due process.
What would really happen is a bit speculative, but some
observers fear that copyright trolls would get judgments against ordinary users
with little due process, and users would suddenly get calls from collection
agencies, with debts that might even get sold like many others.
When an vested interest gets in bed with the collection
industry, it can become abusive. And Trump has made it easier to go after old
or questionable debts.
Saturday, July 06, 2019
Under Trump administration, debt collection companies are going after very old bills
The weekend Wall Street Journal has a feature story by Yuka Hayashi,
“Debt-Collecting Surges as Regulation Eases”, link.
Under the Trump administration, the Consumer Financial Protection
Board has eased regulation on debt-collection companies going after old debts,
which are often consolidated and sold to companies who specialize in going
after them aggressively.
In 2000, I pulled a credit report on myself (thinking I
would buy a home) and found a credit card debt from the early 80s that had been
lost in a cross country relocation. I wound up paying $650 to settle a dangling
$128 bill from a Best Buy-like store. I found another renewal of a Discover
card that had been missed. I simply paid
the principle off voluntarily to close the account.
I worked for RMA, a debt collection agency, in the summer of
2003. Many people said they had been
affected by 9/11.
Wednesday, June 26, 2019
Do "hard" credit inquiries affect your credit score? Marginally
Experian has a useful article on how “hard credit inquiries”,
often generated to get the best rate for an auto loan, can affect the credit
score.
Generally, Experian says, all inquiries are bundled together
as one inquiry for credit scoring, so the effect is rather minimal, and it goes
away with time.
No major credit reporting company has talked about “social
credit systems” yet but it seems like the tech companies want them.
Friday, June 07, 2019
A scare when I try to create my IRS online account
I just signed on and created an IRS online account and got a
scare.
But it looks like it was because of namesake relatives in
the Midwest. I created an account by adding
a 0 to my last name.
But I’ve had a problem with not getting credit for two
payments I made to the IRS.
If you call them you get a 15-30 minute hold.
Monday, May 13, 2019
Phishing scam grabs attention claiming your credit score has changed on all three major US companies suddenly
I wanted to warn others about still another phishing scam. This one purports to tell you that your credit
score has changed on Experian, Equifax and Trans Union.
The sender is your logon name for your email provider, and
Amazon’s URL is spoofed as the sender.
This seems like a particularly deceptive and dangerous phish.
Imagine if this was done in China with a social credit
score! Or if a social credit score were
hacked?
Tuesday, May 07, 2019
Could a recent phishing scam about package missed deliveries involved identity theft? Watch and see
Yesterday I got a bizarre email claiming a package sent by
me had been returned to a UPS store, turning out to be in South Carolina, that
I had never been to.
This appears to be a variation of the better known Fed-Ex phony
delivery notice phishing attack. I covered
the details on my Internet Safety blog Monday.
Nevertheless, the possibility of an identity theft scenario could exist.
Someone could create a fake duplicate
identity and send illegal materials to frame someone. But it sounds improbable it could work.
I’ll check my credit reports soon again, but this much more
likely a variation of a wellknown scam already.
Friday, April 19, 2019
Can automated bill payments improve your credit score?
Experian, in a corporate article by Stefan Lembo Stolba, posted
an important article on its consumer site “Can automatic bill payments help my
credit score?”
Generally, yes. One
problem I have is that many credit card company sites (Target and Chase) are
hard to log on to – passwords expire quickly.
The tendency is for them to be forgotten then if logon is difficult.
The Bank of America Bill Pay page has some issues, of not
refreshing information between pages, and keeping expired cards. The end result
is that sometimes payments go to wrong accounts and aren’t properly credited.
Tuesday, April 09, 2019
Arlington Public Schools (VA) offers adult class in identity theft self-protection
I don’t think I’ve shared an announcement of a class before,
but Arlington Public Schools (VA) offers a course for adults in how to prevent
identity theft and other scams, Wed. May 15 at 10 AM, with an announcement
here.
There will be particular attention to scams targeting
seniors and to smartphone security.
The event takes place in an office complex near the intersection
of Washington Blvd and Route 50.
Monday, March 25, 2019
Can Dodd-Frank endanger ordinary bank depositors and investors? It's a risk a little bit parallel to ID theft?
I’m not sure which blog to post this on. It’s not really about identity theft, but it
concerns a risk to consumers that is fundamentally parallel to identity theft.
That is, the “bail-in” process of the Dodd-Frank
Reform Act of 2010, which Trump has said little about, well, except according
to The Atlantic.
Assets, other than savings and deposits insured under
the FDIC up to $250000, can be “confiscated” by creditors in some circumstances
with a failing bank, even by derivative creditors. Ivestopedia explains here.
The irony is that this risk seems to comport with
moral criticisms of “predatory capitalism” from the far Left, as placing the
blame on “the system” rather than individuals – except individuals with
unearned capital.
Kitco has a similar explanation.
A few companies have been sending emails (possible
spam) trying to sell protection to consumers.
Via:NerdWallet
Nerdwallet has a tamer discussion (shown).
Tuesday, March 19, 2019
"Suprise medical bills" not covered by insurance can lead to granishments, liens
Tonight, NBC News reported the problem of “surprise medical bills”, resulting in liens and even garnishments in New Hampshire, Vermont, Colorado, Oklahoma, Nevada and Ohio.
Lindsey Bomnin and Stephanie Gosk provided the story.
In one case, a woman had a normal appendectomy, only to get an extra bill for over $4000 from a surgeon, who might have been out-of-network, even though she repeatedly checked in her insurance during the hospitalization.
With my acetabular hip fracture in Minnesota in 1998, I ran into problems with some of the after care, in the rehab, but eventually “won” the argument. Ironically the surgical device at the University of Minnesota was “free” because it was brand new and experimental (it worked perfectly).
I worked for a debt collection agency, RMA, in St. Paul in the summer of 2003 and might have wound up working in medical collections had I stayed, because I knew a lot about health care.
The arguments posed by debt collectors were “you used to service ….” – personal responsibility carrued to an extreme degree.
Sunday, March 03, 2019
North Korea seems to be creating fake identity accounts on LinkedIn and other social media, and running phishing campaigns with them
North Korea still continues hacking, which persisted during the summit his past week.
Most if the targets seem to be infrastructure, oil companies, and banks. There seem to have been some attempts at airgaps at electric utilities.
A common technique is to pose as a recruiter (essentially impostering a real person) on Linked in.
This is the first time I’ve heard of Linked-In as a target for identity theft connected to spam.
Nicole Perlroth has a story in the New York Times and MSN.
Social media impersonation may be a technique particularly coming into use now. But there have been numerous cases of fake accounts for real people in the past on Facebook and Twitter. It happened to me once, and a friend caught it and the fake account was deleted before I knew about it.
Loose personal information might enable the creation of fake social media accounts. It’s conceivable a foreign enemy could write posts that resemble what the real person would write, but that would take a lot of effort. Still, a proof-of-concept attack like that would be very disturbing.
Sunday, February 03, 2019
Google's interest in "replacing" the URL system recalls the DNS crisis of 2008, any connection?
There are recent reports that Google is working on other
ways of identifying website addresses as well as conventional domain-oriented
URL’s.
Since domains are mapped to IP addresses, often on hosted
servers, and propagated worldwide, it isn’t clear if this refers to that
concept, or the tendency of many sites to add unnecessary qualifiers when
offering popup links to sites, as from emails. This practice facilitates phishing.
The story reminds me of the controversy in the summer of
2008, when a Finnish researcher found a security flaw in the DNS mapping system,
resulting in a big emergency conference at Microsoft near Seattle.
Microsoft offers enterprises a service called Azure,
cloud-hosted, that also seems to break away from URL dependency.
And more and more sites encourage smart phone users to load their
apps rather than use URL’s in browsers.
Sunday, January 20, 2019
Experian notes an id-theft risk in a popular game; Can credit-scoring companies develop a way to allow for the federal shutdown?
Experian has a detailed article by Matt Tatham on some consumer
gamer vulnerabilities with Fortnite, apparently leading to some compromises of
PII and even identity theft.
This reminds me of the idea of identity theft on a platform
like Second Life.
Experian, by the way, is the successor to Chilton (through
TRW) which I worked for in the 1980s.
Maybe somebody there remembers me (in Dallas).
I wanted to note also that for several months I got emails claiming
to be from Apple about numerous (perhaps dozens) games I had supposedly
purchased in Indonesia and Belarus (a particularly vulnerable country). No, obvious spam, I think (although it simulated
an Apple address, but no statement ever showed up on my cards). It sounds possible that there is a digital
copy of me overseas, maybe created by the Russians. Could this be a problem if I travel overseas? They’ve
never shown up on my credit reports.
I also want to note that, although I didn't work on the Fair Isaacs credit scoring (then called "Risk Predictor") interface, some coworkers did and I am somewhat familiar with it. It strikes me that credit reporting companies should develop a way to account for missed payments from federal workers "taken hostage" by the president and Congress. Technically, I know it can be done. So do it.Picture: where I lived in 1979, near Dallas North Tollway at Cedar Springs; new apartment complex replaced the old Embarcadero on Lucas St.
Saturday, January 12, 2019
Darkening of FTC during shutdown increases risk of identity theft
Apparently the Federal Trade Commission is dark during the
shutdown, increasing the risk of identity theft from hackers or even pickpockets. NBC News reports.
Major incidents are already reported.
Furthermore, a complaint to the FTC about possible payment
processor collusion against some content creators using patronage systems online
won’t get started right now.
Thursday, January 03, 2019
Experian analyzes the risk to average consumers from data breaches
For the New Year, Experian (aka TRW aka Chilton) has some embeddable charts on “where
your personal information is most at risk” from 2018. From data breaches.
Or this one, data records lost by industry
Most of these breaches are so massive that the practical
risk for any person is very low. And
more of them seem to come from foreign states.
Subscribe to:
Posts (Atom)