Topics:Internet Security Identity Theft 101 Data Breach News Business Security Tax Identity Theft Medical Identity Theft Scams
This is part one of a two-part cybersecurity series. When you think of a modern-day hacker, you probably think of a hooded figure maliciously working on a computer in a dark room. What probably doesn't come to mind is a completely different type of hacker — the ethical hacker. Ethical hackers, unlike the stereotypical illegal hackers, are the good guys. Typically, they are legally hired to hack into areas like private data systems to determine the system's weak spots. This weak spot knowledge is used to strengthen the system's security so it can't be illegally hacked. Dan Desko, currently a senior manager of IT Risk Advisory Services at Schneider Downs, explained that "ethical hacking is a process of finding organizations' security weaknesses before the bad guys do. It is all about offering up a service that comes as close to the tactics of a malicious hacker in order to offer a realistic threat scenario and then learn from it. My team invests heavily in training and stays very in touch with the latest in the industry to make sure we deliver this." How did a professional like Desko get into ethical hacking in the first place? Desko explained that each step in his career combined with his personal interests was what led him to his current profession as an ethical hacker: "I started my career working in computer operations in a data center for a large steel manufacturer. That job allowed me to enhance my technical skills at a young age and I really got to understand networking and systems management. It turns out that the skills I learned there translated well into the consulting industry. I have spent a lot of time consulting on IT risk and also IT audit, and during that time I noticed a very large gap in the information security space for value-added hands-on services. In information security, there is often a lot of talk, but not enough action. This led to the building of our ethical hacking team within our organization, which we have had for over two years now." Although ethical hackers are the good guys, some people may see them in a somewhat negative light due to the hacker stereotype. Desko observed that many people don't know that there are ethical hackers in the world: "I often tell people about what we do and they often seem surprised that a career like that exists. After explaining what we do a bit more, they always seem to understand. I think the general public should know that there are people out there that do care about the privacy and security of their personal data and work very hard every day in order to protect it." With the advancement of technology, comes the advancement of a variety of cybercrime like identity theft. Although people should be aware of cybercrimes, Desko added that people should "focus on phishing, ransomware, and poor passwords; or a combination of all those!" In regards to his team, he said: "we typically incorporate phishing into our ethical hacking exercises and we are usually successful at breaching an organization's defenses with a simple phishing exercise." Desko explained that since "people are so vulnerable to social engineering because it is in our nature to trust and to want to help, phishing often plays on these tendencies and we let up our guard." He added that "it is important to not put blind trust into email and be wary of every single message you receive." Even though being aware of potential phishing situations is important, Desko said that "good password creation and password management is also very important. We often use tactics that will simply guess passwords on our client's websites. I can recall an organization where we used this tactic and were able to compromise close to 10 percent of their user's authentication credentials just because they had simple passwords in place. This led to a full-scale compromise of their network and many applications with sensitive customer data." In addition to general phishing and password creation/management, Desko said that people should know more about ransomware threats. He claimed that "ransomware is at epidemic proportions right now. This threat, which is usually delivered via a phish, will encrypt or lock your data until you pay a ransom. So many organizations are highly vulnerable to ransomware and are also unable to react or recover from it. Having some simple strategies in place as well as practicing these types of scenarios is key to recovering." The sheer amount of cybercrime is enough to make anyone worry and feel extremely vulnerable. However, you can take action to reduce your risk of becoming a victim of identity theft, a mass data breach, or other cybercrime. Desko advised that you "limit the amount of information you share about yourself online or on forms, to the extent possible. The less data you put out there, the less likely it is to be breached. Also, if you use a password for one website, don't use it elsewhere. We call this password reuse. Password reuse is an easy way to lead to more compromises of other data because if one site gets hacked, they can all be hacked." Keep in mind that there isn't a way to completely avoid cybercrime, even if you are a professional, ethical hacker. Desko explained that he has been a victim of a major data breach and that he continues to learn from it. "Like most of America, my personal data was exposed as part of the Equifax data breach. I often do breakdowns of Equifax's breach response and lay out a timeline in presentations. It is an interesting case topic to study as there are many learning opportunities that we can glean from that example. From patching vulnerable systems timely, how and when to communicate with customers, there were many interesting facts in that breakdown." Not only can ethical hackers like Desko learn from major data breaches like the Equifax breach, but the general public can as well. Whether it's a wide-spread breach that affects millions of people or an individual hacking situation, you can learn to take precautions to avoid becoming a cybercrime victim again. Although ethical hacking isn't the ultimate solution to preventing cybercrime, it has reduced organizational and individual cyber risks. If you are interested in ethical hacking, Desko advises to explore the ins and outs of ethical hacking as soon as you can. Desko advised, " the information security community, in general, is very much unlike other professional communities. There is a big emphasis on sharing data, tools, and resources for the greater good. If someone is an aspiring infosec superstar, all the tools and guidance necessary to do that is freely available for the most part. So, my recommendation is to dig in and get your hands dirty and it will pay off." Overall, white hat hacking or ethical hacking is what allows you to input your personal information on a company website without much worry. Even if you aren't pursuing an ethical hacking profession, you should focus on keeping your sensitive data secure by following Desko's advice above and doing security research of your own in order to fight against current cybercrimes.
Imagine your grandmother calling you and saying she thinks your grandfather who passed away two months ago is still alive. She explains that she keeps getting credit card bills in his name and wants to know if he somehow escaped his fate. You know the idea of your grandfather coming back to life isn't very realistic, especially since you attended his funeral. You have to explain to your grandmother that someone most likely stole her deceased husband's identity and is using it to commit credit card fraud and possibly other illegal activity. Sadly, this type of fraud is more common than you might think. Identity thieves steal around 2.5 million deceased American identities each year. Clearly, modern-day identity thieves won't hesitate to steal the identities of the deceased. And there's a reason why this type of crime is becoming popular. Ghosting, identity theft that occurs when someone steals the identity of a deceased person, can be a fairly easy crime to commit. Identity thieves take advantage of the time between when a person dies and when their personal affairs and legal aspects are put in order. According to the Identity Theft Resource Center, "it can take up to 60 days for a name to make it onto the list". In other words, it can take that long for the Social Security Administration, credit bureaus, and financial institutions to act on the information that the person is deceased. report_problem Attention: An official death notice is required for SSNs to be marked as inactive. The Social Security Administration usually won't mark the deceased person's social security number as "inactive" until it receives an official death notice. The time before the deceased person's social security number and financial affairs are settled is when ghosting identity thieves thrive. It's easier for identity thieves to steal the identity of a deceased person than the identity of someone still living; it's also easier for them to use that stolen identity. When people die, there usually isn't someone who is constantly and closely monitoring their private information (like their financial accounts), so an identity thief might have a better chance using the stolen identity without getting noticed or caught. Unfortunately, this type of identity theft seems to be a simpler, lower risk crime than other identity theft tactics. Here are a few steps you can take to protect a loved one's identity after death: Place your trust in the right people Sadly, the identity thief is often a family member of the deceased. Keep your guard up and make sure you trust the right people, even family members. Be cautious and protect as many of the physical and digital documents of the deceased as you can, including any financial records. Report the death correctly as soon as possible You should consider directly contacting the Social Security Administration, your local government, all three major credit bureaus, and all financial institutions and organizations that the deceased was associated with. Notify each contact of the person's death and make sure proper action is taken. If you act promptly, you can narrow the window of time that identity thieves try to exploit. Get copies of the deceased's death certificate Once you are able to get a few copies of the deceased person's official death certificate, send a copy to the IRS, the major credit bureaus, etc. By mailing out copies of the death certificate, you can have a "deceased alert" placed on the deceased's credit reports to help avoid identity theft. In general, keeping a few copies of the death certificate may come in handy in certain situations and can be especially useful if identity theft does occur. Avoid putting too much information in the obituary If you aren't careful, an identity thief can use the information in an obituary as a way to steal the deceased's identity. Avoid adding the person's birth date, birthplace, full name, home address, relatives' names, and other personal information. Although it may be tempting to include this information in the obituary, just remember that it's more important that you keep the deceased's identity secure. Collect physical documents and passwords Collect all of the deceased's personal documents and financial pieces like credit cards, debit cards, passport, driver's license, social security card, birth certificate, tax forms, etc. Anyone could easily steal these documents and commit identity theft. You should also collect all of the deceased's important passwords for bank accounts, computers, phones, websites, etc. Overall, the more documents and passwords you can secure, the better. Keeping these things secure will not only help protect the deceased's identity, but can also give you a peace of mind. Being the one who is responsible for keeping a loved one's identity secure after death on can be a heavy burden to carry. However, if you follow the preventative steps above and do your own research, you should be able to keep the deceased's identity out of the hands of identity theft criminals. Don't underestimate modern identity theft tactics and exercise caution when handling the deceased's documents and other personal information.
Maybe you recently broke up with someone or you were dumped. You're feeling emotionally vulnerable: After a while, you and your best friend decide that it’s time for you to get back into the dating game. So, you sign up for an online dating app: In the beginning, you start feeling super fly because of all the attention and matches you are getting: Finally, you decide to meet the special one that you’ve been messaging back and forth. Unfortunately, this person seems to be "in between jobs" right now, so funds are too tight to travel to meet you. Being the understanding person you are, you decide to send some money to help out: Once the money is received, your mystery crush is thrilled and you both bask in digital happiness. "So, when can we meet up?" you ask. Unfortunately, this time there's been a family emergency and the date is postponed. On the bright side, you have more time to get to know each other, so you spend the next two weeks talking all about your apartment, your family members and friends, your past birthday celebrations and age, your job, where you were born and where you grew up. You love feeling so close with such a good listener: Eventually, you feel so connected and comfortable that you decide to take the ultimate step of trust: you share your embarrassing driver’s license photo. It feels so amazing to finally have someone in your life who you feel safe with: Your birthday is coming up and your digital date wants to come see you and bring a gift. And what better way for this person to know just the right thing than by borrowing your Amazon account to see what's on your wish list. Of course you'll share your user name and password! You spend the next week in awe of your new love's thoughtfulness: Unfortunately, your online dreamboat texts to let you know that something's come up and it won't be possible to make it to your party. Ever the thoughtful one, your mystery love asks for your address. You just know you're going to be getting an extra special delivery to make up for all the missed dates. You know that when the two of you finally meet, it will be the beginning of a great love story: Unfortunately, your present seemed to have gotten lost in the mail. Shortly after your birthday, you get a message saying it would be a good idea to cool things down and see other people. Heartbreak Hotel? I need a room for one, please: Not long after your online love dumped you, you get several outrageous credit card bills in the mail. Confused, you decide to call your credit card company saying that you never made these purchases with your card. They tell you that you have also opened two other credit card accounts and have maxed out each account. You explain that you were not responsible for the charges, and you still have your credit card in your possession. Then you realize that you had connected your credit card to your Amazon account. The only other person who had access to your account was your online dating partner. You now realize why you never met in person, why there were so many questions about your life, etc. Once the realization hits, you feel like a fool: After the grief and anger pass, you decide to learn more about identity theft and its many forms. You hire a professional identity protection service, obtain protective software, and try to take as many preventative steps as you can to avoid this from ever happening again:
Public, free Wi-Fi is a convenience that most of us appreciate, but you shouldn't be blinded by its too-good-to-be-true appeal. Using public Wi-Fi networks might just be one of the riskiest, tech-related mistakes you make on a regular basis. Scott N. Schober, the President and CEO of Berkley Varitronics Systems (BVS), author, and well-informed cybersecurity expert, believes that public Wi-Fi networks are, in fact, dangerous to access. Schober explains, "when you access most public Wi-Fi, you enter into a temporary relationship with that provider whereby you trade your privacy for convenience. Open Wi-Fi access points are sometimes subsidized by collecting and selling metadata relating to all consumer activity including purchasing habits, dwell time in the store and even the specific devices used to connect to that open Wi-Fi. You might not care about sharing this metadata but advertisers certainly do." Recurring risks According to Schober, the shared metadata can be used to a criminal's advantage. He says that "this data is extremely valuable because it provides vital information that acts as pieces in a larger puzzle profile that targets you. When properly sorted, this profile can reveal daily patterns including our daily routines, habits, contacts, social posts, and of course, our purchases. Now imagine that when you approach each store, someone is shadowing you and taking notes on everything you did with your smartphone while near that store. It is enough to freak out most consumers, but that is essentially what we are doing." Schober explains that "by allowing one Wi-Fi to collect and sell this metadata, we are unwittingly opting into targeting and tracking programs similar to Google or Facebook’s advertising programs. Citizens have the right to protect their own privacy, but cannot truly protect themselves if they are not even aware they are being targeted." Frequency of theft Many people may think that public Wi-Fi network risks are rare, most likely because they haven't noticed any negative consequences from connecting to public Wi-Fi. To Schober, the risks are "like fishing in a barrel" as in "high traffic areas are prime targets for hackers and very likely to include fake hotspots that can compromise our devices. These are called Man-in-the-Middle attacks because the hacker’s access point pretends to be a known public hotspot. And there is nothing to stop hackers from naming these deceptive hotspots by the same or similar names to trusted ones such as ‘Free Wi-Fi Starbucks’. So when customers scan the list of possible Wi-Fi connections, they might simply just choose the first one they recognize in a long list. That means they have now just connected to the hacker’s hotspot revealing commonly used login credentials, their email, and perhaps all the data on their phone." Schober adds that the one connection made to the hotspot may not be your last. He says, "to make matters worse, as a convenience feature, most phones automatically reconnect to known hotspots by default every time you are back in the area so hackers can get repeat business from their victims." The bigger problem Regarding the degree of theft that can come from using public Wi-Fi networks, Schober shares that "public Wi-Fi is a stepping stone to much greater data theft." He explains that "while only a few items such as frequently used passwords and emails can be easily gleaned from a casual public Wi-Fi connection, the real payoff usually results from the introduction of malware onto the device. Once a hacker has a direct connection to your mobile device via malware, they have access to most anything on that device. But their reach can extend far beyond that device as well. Depending on how they compromise your phone, a hacker can then gain entry into your PC at home and eventually all data including financial, personal, healthcare, and even friends’ and family’s data too." All of which makes public Wi-Fi a worrisome threat. What to do if you are a victim If you have reasonable evidence to believe that you have been victimized because of your public Wi-Fi network connections, Schober instructs that "you should first delete all Wi-Fi networks listed on your mobile device so you do not automatically re-connect to them when you are nearby. If you know the name of suspicious hotspot, alert the nearest retailer also offering public Wi-Fi since most of their customers would potentially be affected by this same hotspot as well. If any legitimate retailer believes their customers could be in jeopardy, they will take action." He recommends that you "use your own 4G LTE hot spot or host one from your secure 4G smartphone. If you suspect your devices have already been compromised, be sure to erase and re-install your phone OS completely and do not use a recent backup that might contain cookies, browser history, or any code that might contain the malware such as key loggers. Effective anti-keyloggers such as StrikeForces’ MobileTrust can be purchased from Amazon or directly from their website https://www.strikeforcecpg.com. I use these products and have found them to be simple and effective defenses against keyloggers." How to avoid becoming a victim Although there are many legitimate Wi-FI networks, avoiding connection to a public Wi-Fi network is a good way to protect yourself and your data. Schober recommends "that people consider a 4G LTE hotspot to avoid the privacy pitfalls associated with open Wi-Fi. A modulated LTE signal is unlikely to be hacked or spoofed and much safer than using any open Wi-Fi. Modern smartphone OS includes integrated Wi-Fi tethering plans so you can host your own Wi-Fi hotspot. Just make sure you use a long and strong password so you can connect any of your devices securely to your smartphone." If protecting your privacy is important to you, prevention is the key. Although avoiding public Wi-Fi networks altogether is a solid preventative step, there are many other ways a thief could steal your private information and even your identity. Hiring a professional identity theft protection service might also prove to be a good move on your end. After all, your data, information, and identity are worth protecting, especially as cybercrimes are becoming more frequent.
In the market for antivirus software? The good news is, you'll have many more choices than you would've had ten years ago. The bad news: you'll need to take a lot more features into consideration than you would've ten or even five years ago. In the current crop of antivirus software, every product has its strengths and weaknesses. Some of these strengths and weaknesses are going to be important to you and some won't. However, to make sure you get the product that matches your priorities and needs, it's important that you ask the right questions. These nine questions are absolutely essential to finding the right antivirus software package for you: [Click here to see a comparison of the top antivirus packages, as rated by bestcompany.com and consumers like you.] 1. What does the antivirus software cover? Although they are often classified as 'antivirus' software, these products have expanded to do so much more than just protect against computer viruses-although they still do that. These days, antivirus software has to protect your computer from a multitude of threats, such as: Malware Phishing attacks Malicious URLs Mobile hacks Firewall protection Parental controls Document disposal Wi-fi monitoring Online backup Social media hacks With so many threats, the antivirus software packages you look at are going to throw some very long feature lists at you. This can be somewhat overwhelming. Fortunately, you can make this process less intimidating by weeding out that stuff that is lower on your priority list. Some of features are going to be important to most consumers, while others exist solely to satisfy only the most vigilant users. Before purchasing, make a list of the threats you want to be protected against and then look for features that address those threats. 2. How will the antivirus software affect your computer's speed? Since the beginning, one of the biggest complaints from antivirus customers has been the tendency these programs have of bogging down computers, sometimes bringing them to a complete standstill. On his review of McAfee antivirus on bestcompany.com, Brad, a McAfee customer, loved the software but had this one complaint: "It can really bog memory down when it is doing updates or scanning." PCMag reviewer Neil RubenKing tested Panda Security's effect on how long it took his computer to boot up, with the following results: "I found that adding Panda to the mix made the boot process take 19 percent longer. That's precisely the average of current products." So, despite the software-makers' best efforts to minimize the slowdown on users' computers, it's common and even expected that, because they are constantly scanning and sorting files as your computer runs, any antivirus software is going to slow down the operation of your computer. That being said, some antivirus softwares make special versions that have impact on computer speed far below that of normal packages. One example of this is Webroot, which offers a package especially for PC gamers. This package runs in the background while they play their games and is guaranteed not to interrupt or cause their games to slow down or crash. Few things are as annoying as having your antivirus software turn your once-speedy computer into a dinosaur. So before you buy, do your research and read plenty of reviews to gauge which antivirus software packages cause the least computer slowdown. 3. Does the antivirus software's tuneup tools help or hinder? Many, if not most, antivirus packages also have features designed to optimize the workings of your computer with regular scans. For example, in reviewing AVG antivirus, Neil Rubenking found that: "This simple scan wipes useless data from the Registry, defragments the Registry, and eliminates broken program shortcuts. It also cleans up traces of your Internet and computer use, optimizes startup and shutdown, and, if necessary, defragments the hard drive." All of these steps can work wonders for the speed and responsiveness of your computer, often giving a second life to a computer you thought to be on death's doorstep. But these scans can also be so frequent and take so long that they seem like they are always running and getting in your way. Kay Richardson, a McAfee customer, described this best when she reported on bestcompany.com: "It took 2 days for it to complete a scheduled scan on my laptop. This has been happening frequently." Again, reading through some honest reviews will tell you which antivirus packages will take over your computer with tuneup scans and which ones won't. 4. How current is the antivirus software? When it comes to stopping viruses, worms, and malware, antivirus software is only as good as its updates. Software updates tell the software about any new threats that have emerged and how to deal with them. If its software updates are out of date by even a couple days, your computer could be at risk from the newest threats. The downside of all these updates is that they can occur daily and they can really slow down you computer. Thankfully, many antivirus packages have started running on the cloud, meaning updates don't have to be uploaded onto your computer. Instead, updated information is posted to a web-based tool that then scans your computer for threats. So you don't have to worry about your computer having to download those lengthy, annoying, bandwidth-sucking updates. 5. How does the antivirus score on independent tests? Just as companies like JD Power and Associates offer ratings for automobiles, there are independent companies that are dedicated to testing the different antivirus software packages and assigning performance scores. One example of this is Dennis Technology Labs, which runs uniform malware tests on all antivirus software and assigns scores (AAA, AA, A, B, C) based on how many simulated malware attacks they successfully detected and blocked. If you were to look at their test results, for instance, you would find that McAfee scored an AA, which is decent but not as impressive as Kaspersky, which earned a solid AAA. 6. Will the antivirus software run on my operating system? Does your computer run on Windows, Mac, or maybe Linux? Although most of the top antivirus software will run on all three of these major operating systems, a few don't, and it's important that you check before purchasing your software. Webroot, for example, supports Mac and Windows but not Linux. 6. Will the antivirus software protect your mobile device? That's right. As mobile devices have transformed from simple phones into hand-sized computers, they have also become another potential target for viruses, hackers, and other threats. This means that you might want to consider if your antivirus software will protect your phone or tablet as well as it does your home computer. This is real point of differentiation among antivirus packages. Some don't provide any protection for your mobile devices, and others might require that you purchase extra products to extend coverage to your mobile devices. Be aware that some products will cover all kinds of mobile devices, but some won't. For example, Kaspersky works on Android devices but not on Apple devices. If you don't go with antivirus software that protects both your phone and your mobile devices, you might consider purchasing apps on your device that will protect it. Norton, McAfee, and many other antivirus companies provide downloadable apps on iTunes and Google Play. 7. Does this antivirus software come with reliable technical support? Occasionally, software installations don't go as planned. Antivirus software can sometimes be hard to figure out. In these moments, you want to know that you can call the company that made the software and that they will be available to help you fix the problem. Most importantly, you want that company to be available whenever things go wrong, not only during certain hours of the day. Fortunately, most of the top antivirus software companies provide 24/7 technical support to the customers with a paid subscription. However, a few, like Webroot, offer technical support only during business hours. Before you buy antivirus software, check quickly to make sure they offer 24/7 technical support. 8. Have you checked the antivirus software's subscription policy? Although every top antivirus package offers free trials of their software for anywhere from a couple weeks to 30 days, they all charge a subscription fee to continue their services. Depending on which features you buy with each software, these subscriptions will be anywhere from $20 to $150 and will typically be good for a year. Once that year is up, however, your subscription will usually automatically renew for another and take the same amount from your credit card or bank account again. This is true for all of the top antivirus companies, and it can sometimes be a huge pain in the neck for customers who weren't expecting it or don't want to continue. So what should you do if you don't want your antivirus subscription to automatically renew? Most software packages allow you to disable the auto-renewal feature anytime during your subscription period. In the event that your subscription is automatically renewed and you don't want to continue, some companies, like McAfee, will let you cancel any time within 60 days of the renewal and give you a full refund. At any rate, before buying antivirus software, take the time to read the packaging to find out what their policy is regarding auto-renewal and refunds. The Best Security is Doing Your Homework The truth about any antivirus package is that no software is 100-percent guaranteed to protect your computer or mobile devices. Fortunately, there are a lot of really good options out there that can help you protect your computer, your identity, your documents, and your family members. To make sure you get the right one for you, do your homework and make sure you ask the right questions before you buy.
It's Valentine's Day and you and your spouse are enjoying a candlelit dinner at your favorite restaurant. Everything feels picture perfect as you end your evening sharing a heart-shaped chocolate dessert. When you try to pay your check, your waiter whispers "I'm so sorry. It seems your card has been denied." Your confusion later turns to shock when you call your card issuer and discover that your spouse has opened various credit card accounts in your name and has exceeded the credit limit on more than one of those accounts. This Valentine's Day is more sour than sweet when you realize you're the victim of spousal identity theft. Spousal identity theft Surprisingly enough, scenarios like this aren't that uncommon. Spousal identity theft is actually more feasible than other forms of identity theft because the thief doesn't have to try very hard to obtain a spouse's private personal information and data. Spousal identity theft occurs when your spouse uses your identity for opening and using multiple credit card accounts, creating other fraudulent accounts, misusing social security numbers, signing documents, and more; all without your consent. The tragic experience Although spousal identity theft may seem like a distant worry for some, it became a hard reality for victim Jonathan Farley. Farley met his wife in March 2013. By 2016, Farley and his wife were separated after she had stolen "several thousand dollars' worth of items" and defrauded Farley "out of tens of thousands of dollars". Farley's wife had previously used his credit card and "may have photographed the numbers on the back" which Farley thought "was odd, but innocuous." In September 2016, Farley realized his wife was trouble after she had stolen all of his new furniture and told him that she was connected to the Russian mafia. Farley contacted law enforcement and tried to charge his wife with theft, but was told by a state attorney that his wife's actions were valid because she was his wife who shared his property. According to Farley, the state did not take any action of justice against his wife for her fraud and theft. Farley tried to enhance his bank account security by adding more security questions to his bank account access, but was told he was not allowed to do so by his bank. His bank account is still connected to the original security questions; all of which his wife knows. Farley's wife left the country shortly after she stole from him, requiring Farley to stay married to her for a year after they had separated by law. Farley intends to use professional identity theft protection services to help keep his identity secure once his divorce goes through and he can rebuild his savings. Unfortunately, Farley's experience, like many victim of identity theft situations, did not have a happy ending. According to the Identity Theft Resource Center (ITRC), spouses are legally seen "financially as one person" in most states. This means that a spouse is legally allowed to access any financial accounts that another spouse opens or uses and also has the ability to open new credit lines with a spouse's information. The ITRC states that "the only general exception to this rule is if they've forged your signature without your consent" which would be regarded as forgery and/or fraud. Post-identity theft options Victims of spousal identity theft have a few options to remedy their situations. One option is to keep the situation in the family. For instance, a couple could try to work things out on their own time between themselves instead of taking legal action. In this case, the couple would have to treat the financial infidelity as a debt they will have to pay off together since the debt will not go away via court case. Another option is a legal separation, which gives the victim an opportunity to separate both physically and financially. Spouses that continue to open accounts under their spouse's name and information will be considered identity thieves and can be subjected to identity theft charges. Additionally, victims of spousal identity theft can file for divorce if amends cannot be made. If the identity theft continues, then victims can notify the police and file identity theft criminal claims. Preventative steps Preparing for spousal identity theft can be difficult. More likely than not, couples will share their personal and private information like social security numbers, birth dates, full names, tax return information, bank account number information, and credit card numbers. Communication may help prevent spousal identity theft, but it may not always reflect a spouse's true intentions. One preventative step you can take is to make sure that you monitor your credit. Credit is often one of the first indicators of spousal identity theft. Another step is to make sure you keep your important documents like your tax return documents and birth certificate separate from your spouse if they are acting suspiciously. If you have doubts or concerns, put a new, secure password on your phone and make sure you keep your phone close to you at all times. Many phones contain sensitive personal information and data that could be used in an identity theft scenario. Lastly, one of the best things to do would be to hire professional identity theft protection services that will monitor your credit reports from all three major credit bureaus around the clock and will notify you of suspicious or fraudulent activity. Stay aware Overall, spousal identity theft is a real problem that affects many people on a regular basis. Staying aware of the dangers of spousal identity theft can help you prepare for stolen identity situations that may arise between you and your spouse. If your marriage is founded on trust and honest communication, your chances of spousal identity theft will be lower than most. However, it's still good to keep in mind that there is no way to completely avoid all forms of identity theft.
Many a Craigslist scam goes as follows: You post an ad selling a big-ticket item. An eager buyer responds and says they'll send you a cashier's check-not just for the cost of the item, but also shipping fees, to make things easier for you. And depending on what you're selling, the shipping fees can be close to $2,000. You deposit the check, so now, the payment for the item, plus shipping fees, are in your checking account. You then wire the shipping fees to the "shipper" so that the buyer gets the item fast. A few weeks, maybe a month later, your bank pulls all the money that was deposited into your account, out. This means you are out whatever the shipping fees were. That's because the check was phony. You now realize, "I've been scammed!" Even if you wait to see if the check clears, this doesn't guarantee the money won't be pulled out of your account, because even the bank can be fooled, thanks to the Federal Reserve Board's Expedited Funds Availability Act. This makes it possible for deposits to be available pronto. How can you spot a scam? The buyer's e-mail address is strange. The buyer says they'll send you a cashier's check that covers more than the sale item-usually the extra money is to pay for shipping. Be especially suspicious if the buyer says they'll throw in a little extra to show their appreciation. You're instructed to send the shipping money via instant electronic transfer. And you're told to hurry this process up; the buyer pressures you to wire the money ASAP. The extra money in the check doesn't always pertain to shipping. But the big red flag is that the check (or money order) coming to you is for more than the cost of the sale item. A lot more. And for whatever reason, the "buyer" wants you to send that difference back to him (or the "shipper"). The buyer, their check's bank, and the shipper are from different states. The buyer doesn't show much interest in the sale item or its associated paperwork. They're happy with your price rather than wanting to bargain it down. How to Avoid Getting Scammed Require cash transactions. Try to work with only local buyers. Sometimes you have to take a buyer who's long distance, and sometimes you just have to accept a check or money order. In that case, call the bank that the check/money order came from for confirmation that it's legitimate. Warning: Sometimes a scammer will print phone numbers on the fraudulent check/money order and arrange for a co-scammer to answer and confirm the money's legitimacy. So don't dial any numbers on the money document. Instead get the bank's number from its website. See what happens when you require that the buyer, who wants to use a cashier's check, use a local bank. If there's resistance, you're probably looking at a scam.
What Is Identity Theft Protection? What Is Identity Theft Restoration? Identity theft protection is a proactive measure designed to either prevent occurrences of identity theft, or limiting these events in number and severity. While no company can guarantee complete prevention of an identity theft, the best identity theft protection companies are skilled at detecting and resolving ID theft events quickly. Companies will offer any of the following services to protect your identity from further harm: Credit Monitoring Identity Monitoring Security Freezes Fraud Alerts Also known as "identity recovery," identity theft restoration is a reactive measure designed to help you regain full control of your good name and finances after an identity theft takes place. Most identity restoration companies will assign you a case worker who will walk you through the process of regaining your identity. The best identity theft protection companies will offer any of the following to help you restore your identity: Lost Wallet Protection Limited Power of Attorney Identity Theft Insurance Pre-Existing Theft Credit Monitoring Many identity protection companies offer credit monitoring as their standalone protection solution. Credit monitoring is the process of periodically checking your credit reports for accuracy as well as potential incidents of fraudulent activity. Credit reports are obtained from up to three major credit reporting bureaus: TransUnion, Experian, and Equifax. Identity theft protection companies offering credit monitoring will notify you should any of the following take place: A company examines your credit history Loan or credit card applications are filed under your name. A bankruptcy appears in your public records. A legal judgment is filed against you. Your credit limit changes. Your personal information changes. Back to Top Identity Monitoring As opposed to credit monitoring, which applies to factors that affect your credit report directly, identity monitoring deals with factors that do not show up on your credit report. While many protection companies will monitor instances of misuse or abuse of your identity, very few can do it in realtime. These companies employ what's called an analytical system, which provides live updates of your personal information, where it is being used, and whether the use is unauthorized. These events include the following: Change of address request New court or arrest records Payday loan applications Orders on services (cable, utility, wireless, etc.) Check cashing requests Social media Black market websites (illegal databases that trade ID theft victims' personal information) Back to Top Security Freezes When a new and fraudulent account is opened in your name, it can be very difficult to stop the ID thief from ruining your credit, draining your bank account, and destroying your good name. A security freeze stops creditors from seeing your credit reports or credit score, which in turn prevents reputable credit grantors from issuing new lines of credit in your name. When the fraudulent accounts have been resolved, you may then unfreeze your credit using a PIN provided by the reporting agency. A security freeze does not halt fraudulent activity on your existing accounts; it is designed to stop subsequent attempts to use your information on credit applications. Back to Top Fraud Alerts Like security freezes, fraud alerts can be done either manually or through an identity theft protection company. If you suspect you may be the victim of identity theft, you can issue a fraud alert on your credit reports, which notifies creditors and lenders of the breach and allows them to protect your account from further fraudulent activity. Depending on your circumstances, you could use one of several different fraud alerts: Initial Fraud Alert Extended Fraud Alert Active Duty Military Alert Lasts at least 90 days Used if you suspect a fraud Requires proof of identity Entitles you to one free credit report Only needs to be placed with one credit agency Lasts seven years Used if you are a victim Requires identity theft report Entitles you to two free credit reports Only needs to be placed with one credit agency Lasts one year Used to reduce risk of ID theft while deployed Only needs to be placed with one credit agency Back to Top Lost Wallet Protection In the event the contents of your wallet or purse have been lost or stolen, the identity restoration service will help you to replace these important documents and cancel the lost items. In order for the lost wallet protection to have significant effect, it is important to keep a list of what documents you carry in your wallet or purse. This will help the restoration company know which documents to replace, and where to look for potential incidents of fraud. Lost wallet protection usually includes, but is not limited to the following: Credit and debit/ATM cards Driver's license Social Security Cards Insurance cards Other certifications of licenses Back to Top Limited Power of Attorney While you always have the choice to act on your own behalf while restoring your identity, in some instances (particularly when the law is involved), you may benefit from agreeing to an ID theft company's Limited Power of Attorney policy, which gives the company restricted authority to act on your behalf. Through the Limited Power of Attorney, a company can legally represent you to creditors, credit reporting agencies, and even debt collectors. The company can also represent you in court, to insurance agencies, and other authorities to help halt, mitigate, or remediate/repair your credit or identity. Back to Top Identity Theft Insurance Many identity theft services will provide you with some type of insurance to help cover the out-of-pocket expenses associated with your identity theft. Identity insurance policies can range from as little as a few thousand dollars, all the way up to $5 million, and will pay for the various costs directly related to recovering your identity: Notary and Certified Mailing Costs: Costs incurred when sending letters to creditors, reporting agencies, and debt collectors Lost Wages: Some policies will reimburse lost wages should your identity theft affects your employment or your ability to receive your paycheck. Applications: The cost of reapplying for loans, grants, etc. that you were denied as a result of the identity theft Travel Expenses: In the event you need to travel in order to amend incorrect information on your credit reports or in public databases Child/Elderly Care: Costs incurred when you must pay to have your family looked after while you travel to amend your identity Attorney Fees: Lawyers fees for preparing and reviewing documents, or representing you in court Back to Top Pre-Existing Thefts A pre-existing theft is an identity theft event that has not been resolved prior to signing up for identity restoration services. Very few companies will provide restoration services for pre-existing theft; they will only cover events that take place while you are a paying customer. However, some companies do provide restoration on pre-existing thefts. Back to Top
Craigslist is one of my favorite sites on the Internet, though I admittedly have a love/hate relationship with it. One reason I love it is because of the deals and variety of items and services available, but I hate it because some of the people who use it are scammers and the site has some major security issues. Once, I listed a property on on Craigslist for rent. Scammers relisted the property for a third of the asking price. People came to my home and would knock on my door to see the property, even after the listing had expired. Here's how scammers work on Craigslist: The scammer will copy and paste the ad and then pose as the homeowner who is overseas on business. To generate traffic, the scammer will list the ad for less than it is being asked. When a person responds to the ad, the scammer then tells them they can rent the property out, they simply need to forward the first month's rent overseas. More people fall for this than you would believe. How did I thwart this crime? I continuously scanned Craigslist for my ad to see if it was being posted. When I found any similar ads, I would email the information to [email protected], and the company would take the post down. However, the scammer also was on top of it, and kept posting the ad again. So how can you protect yourself from these scams? Use common sense, pay attention and be smart. Be careful about who you are contacting and who contacts you. Try to deal locally when possible and always meet in person in a safe location. Do not engage in any online monetary transaction that requires you to send money to a stranger after they send money to you. This is a scam. Do not disclose financial information, Social Security numbers or any account information. Personal Security Tips: Always Use Craigslist With Caution - People have been robbed, scammed, burglarized and even killed by using Craigslist. You must be careful about who you contact as you don't know what everyone's true motivation is. Work With a Friend - If possible, meet the person with a friend or family member. There is strength in numbers. Get ID Info Before Meeting - You also want to make sure that you get the person's name and phone number before meeting them. Call them to verify the number, and tell them that your brother, who is a cop, will have his cruiser there when you meet, so they should not be alarmed. Stay As Aware As Possible - There is always risk when meeting a stranger, but staying aware can help to keep you from getting into a bad situation. Trust Your Instincts - Do not discount any negative feelings you may have about the meeting, and cancel it if necessary. Wear the Right Things - Do not wear anything provocative or expensive, nor should you wear loose fitting clothing or scarves, as attackers can grab onto them easily. Wear good shoes that you can run in. Stay in Communication - Make sure someone you know, such as a spouse or family member, knows where you are and when you will be back. Try to have them on the phone during the meeting.