Results 1 to 10 of 10
  1. #1
    ABW Ambassador Doc Sawyer's Avatar
    Join Date
    January 18th, 2005
    Location
    Southern California Desert
    Posts
    567
    ID Theft
    According to friends and acquaintances who know my financial habits, I am nearly a fanatic when it comes to guarding my private account numbers. I have almost completely eliminated receiving and sending paper checks in favor of electronic transfers. I couldn't imagine throwing an invoice in the garbage can. No, I carefully shred all paper documents before they go into the recycle bin.

    Even at the doctor's office or the insurance agency, I never surrender my Social Security Number without a fight. I constantly remind annoyed nurses and counter people that they are not supposed to use a Social Security Number as an identification number. When fill out forms, I'll either leave the line blank or fill in an obviously phony number like 123-45-6789.

    So, I have become one of those people who do most of their business on-line. Call me crazy if you want but I think it is far safer to do business over the Internet than it is to hand a credit card to a waiter, for instance, and watch him walk behind a door to 'process the transaction'. Sadly, even the simple act of holding a credit card in open sight has become a security threat with the advent of cell-phone cameras.

    Of course, that means my greatest security vulnerability now centers on the computer in my office. But the first line of defense on today's Internet is a solid measure of skepticism. I don't fall for those stupid alarmist e-mails warning that my 'account is suspended' until I 'confirm my log-in information'. Yah . . . Right. Every day or two, I win yet another Dream Vacation or a Fabulous Grand Prize. Sure. 'Meds', Rolex Watches, Viagra, on and on. Yawn . . . Delete Unopened. I don't download images or html. I don't open attachments. Forget sending me an e-greeting card. Deleted Unopened.

    My wife jokes that exhibit Obsessive-Compulsive behavior about the data on my computer. I use browser and e-mail software that is less prone to attack. At least once a week, I 'scrub' my personal computer: delete all cookies, all history, all auto-complete, any store passwords, all temporary files. That initial wash is followed by scans by three separate anti-spyware programs and two anti-virus scans. Then, I defrag, reboot and change all my passwords. All that at least once a week - sometimes more often.

    And, my caution had served me well for several years . . . until two weeks ago.

    What finally nailed me was a 'snail-mail' letter from an investment agency with which I had no prior dealings. Never heard of them! It turns out, my employer had changed the agent in charge of our employee retirement fund. The new agency wrote a cheerful letter outlining their services and announcing their 'convenient' web site. Everything an identity thief could want was laid out on a single sheet of paper: full name, complete address, Social Security Number and even the PIN number to get the new 'convenient' on-line account started. That letter was stolen from my mailbox. I didn't expect the letter so I never missed it.


    Last week, I received a phone call from a Detective at the Sheriff's Department. He was working on a case of mail theft involving an identity-theft ring. They had caught the mail-snatcher in the act with mail from about 80 households in her car. The Detective wanted me to come down to the station and confirm a letter that he had confiscated was, indeed, mine. 'View the Evidence', he called it.

    Seeing that letter was the first I knew of the changes to my retirement fund. Reading that letter for the first time, with my Social Security Number displayed neatly next to my full name and address, gave me the cold realization that my carefully crafted line of defense had a hole in it. I realized the walls to my fort had finally been breached. I was furious. "Who could be so STUPID to print out my name AND my Social Security Number and toss it in the MAIL ? ".

    I spent yesterday morning placing a "security freeze" on my credit files with each of the three credit bureaus. A security freeze is supposed to block credit file sharing at the credit bureau. When credit files are frozen, even someone using the correct name, address and corresponding Social Security Number should be denied access to the credit report. Most businesses will not open credit accounts without receiving a consumer's credit history first.

    A security freeze also means that my credit files will not be shared with legitimate creditors, insurance companies or potential employers doing background checks. But, if the need arises to apply for credit or insurance or even change jobs, I will have the option to temporary lift the security freeze on my credit files for that reason.

    In many states, placing a security freeze is free of charge to anyone who can cite a police report of a theft of their identity. Otherwise, the fee is $10 per request to place a security freeze. The letters go to the following addresses:

    Experian Security Freeze
    P. O. Box 9554
    Allen, TX 75013

    Trans Union Security Freeze
    P. O. Box 6790
    Fullerton, CA 92834-6790

    Equifax Security Freeze
    P.O. Box 105788
    Atlanta, GA 30348

    Now, here is the part that galls the living daylights out of me. To place a security freeze, I had to write a letter to each of the three credit bureaus and provide identifying information: full name, current and former addresses for the past five years, Social Security number, date of birth. Of course, it was necessary to sign the letter so the credit bureau would have a copy of my valid signature. Then, against all common sense, toss this information in the mail to an un-named addressee at a PO box.

    So, Who would be so STUPID as to print out my name and my Social Security Number and toss it in the MAIL ?

    As it turns out, I would . . .

    Doc

  2. #2
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    744
    Doc,

    I am so sorry to hear that this happened to you. I, too, am obsessive about protecting my private information. It's hard to believe that a company would be so stupid as to send you a snail-mail letter with all of your personal information outlined. Yikes!

    Good luck with the whole thing...

  3. #3
    Ms Dumb Ass ... but, *NOT* Today! westgroup's Avatar
    Join Date
    January 18th, 2005
    Location
    State of Perpetual Confusion
    Posts
    471
    I know that many stses are upping the penalty for id theft, but it's still not harsh enough.
    To me id theft should have the highest penalty as possible. The emotional stress alone, should give the thief at least 5 years, then on top of that more time for the financial distress. They should also get punative charges.

    The criminal and the company that allowed the criminal to get your info should be charged. Once they start holding companies liable things may change a bit.

  4. #4
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Sorry someone so careful fell victim to that piece of corporate stupidity. Sure hope your freeze works and the perps get real jailtime.
    Webmaster's... Mike and Charlie

    "What have you done today to put real value into a referral click...from a shoppers viewpoint!"

  5. #5
    Member
    Join Date
    June 17th, 2005
    Posts
    64
    Sorry to hear about your issues, but as someone that works in healthcare, your SSN is REQUIRED. It is not used in anyway to identify you as a patient like you think. Insurance companies will not pay a claim without the ssn.

    You could end up stuck with that bill. Also, with the new HIPAA legislation, you can feel safe that your information is being protected. (relatively)

  6. #6
    Full Member Travelin Man's Avatar
    Join Date
    January 18th, 2005
    Posts
    409
    Doc, That really sucks! I hope things work out for you.

    Speaking about mail and how safe it is...did you know that the US government uses the US mail to send classified "secret" material? Things that make you go Hmmmm. They use registered mail of course.
    Travelin' Man

    "If you don't know where you are going, any road will lead you there." -- unknown

  7. #7
    ABW Ambassador ShoreMark's Avatar
    Join Date
    January 18th, 2005
    Location
    NJ, USA
    Posts
    912
    Quote Originally Posted by westgroup
    To me id theft should have the highest penalty as possible. The emotional stress alone, should give the thief at least 5 years, then on top of that more time for the financial distress. They should also get punative charges.
    While the points you make are certainly compelling, they pale in comparison to people being arrested mistakenly for crimes commited by the theives. Imagine a knock on the door, handcuffs, and a week or two to straighten out the theft, and from behind bars as an innocent victim.

    Those convicted of ID theft deserve no less than 50 years, with no parole.

  8. #8
    Chick with Brains Tracy's Avatar
    Join Date
    January 18th, 2005
    Location
    Polk County, Florida
    Posts
    1,878
    Have you contacted the investment agency about their lax practices? I sure would have been raising hell with them.

    Why would they send all that information to you in the mail? All they had to say was, to login to your account "use your social security number." Doesn't seem like it was necessary to actually put your social security number and the PIN number in the letter. Even banks mail pin numbers in a separate envelope from credit cards for security reasons.

  9. #9
    ABW Ambassador DesignerWiz's Avatar
    Join Date
    January 18th, 2005
    Location
    U.S.A
    Posts
    2,777
    Hello Doc, sorry to hear about your dilemma. Thanks for reminding us "no matter how tight you think your security is, your only 1 corporate action away from instant disaster."

    I hope all works out well for you, and that the lady who stole your mail gets a little time in prison to think about her actions.
    Ray Thomas
    Webmaster Resources: http://DesignerWiz.com
    ABW Board Category: Programming / Coding
    http://forum.abestweb.com/forumdisplay.php?f=190

  10. #10
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Thumbs down
    Just a typo like Googkle or MSMN can lead to online identity theft, funded by those who are believers in BHO contextual advertising. No affiliate anywhere should be allowed to receive a penny to place any Adware on web surfers systems...period. No network rules requiring double-opt-in BHO installs will lead to more of this ...

    http://news.zdnet.com/2100-1009_22-5686764.html

    mistype 'Google.com'By Matt Hines, CNET News.com
    Published on ZDNet News: April 27, 2005, 8:51 AM PT

    Forward in EMAIL Format for PRINT Search Security Google
    Security researchers have discovered an attack aimed at would-be visitors to Google.com, one that attempts to download malicious programs onto the computers of people who simply mistype the search giant's Web address.

    According to security specialist F-Secure, unsuspecting Web surfers may be bombarded with various types of Trojan horse threats, spyware and backdoors when they go to "Googkle.com." The scheme is meant to take advantage of sloppy or hurried typists, given that on most keyboards the letter "k" key sits next to the "l" needed to type "Google."

    Google representatives said the company had no comment on the matter for the time being. In the past, the company appears to have made moves to protect its users against mistyping errors. If a person puts an extra "o" in Google's URL, they are simply redirected to the company's homepage. On the other hand, if someone mistakenly adds a fourth "o" to Google, they are directed to USseek.com, a Web portal that offers pop-up advertising for an online casino.

    In an advisory, F-Secure strongly advises people not to go to Googkle.com. People who do so will see two pop-ups linked to Web sites that install the Trojan programs. One of the programs is a phishing-style Trojan that attempts to garner individuals' online banking information, while another drops phony antivirus alerts on the victim's desktop that attempt to lure people to other infected Web sites.

    While relatively low-tech in terms of its social engineering, the URL mistype attack is an approach that has long been incorporated by many different kinds of Internet opportunists, from legitimate companies trying to steal traffic from their rivals or simply piggyback on the success of larger companies, to criminals looking to misrepresent themselves and trick consumers into handing over personal data.

    In one of the most famous instances of URL deception, the site hosted at Whitehouse.com for several years was an advertisement for pornography, not a link to the office of the president, whose official site is Whitehouse.gov.

    more ... http://www.google.com/search?sourcei...C:en&q=googkle
    Webmaster's... Mike and Charlie

    "What have you done today to put real value into a referral click...from a shoppers viewpoint!"

  11. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Replies: 0
    Last Post: May 30th, 2013, 11:50 PM
  2. Commission theft
    By Tweerym in forum Suspicious Activity!
    Replies: 9
    Last Post: June 12th, 2011, 01:45 AM
  3. Identity theft
    By Rexanne in forum Virtual Family and Off-Topic
    Replies: 26
    Last Post: September 18th, 2006, 10:30 AM
  4. Image Theft!
    By frankodelic in forum Midnight Cafe'
    Replies: 28
    Last Post: April 23rd, 2003, 10:22 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •