UND-Pilsa Blog

Identity theft occurs when someone illegally obtains your personal information (social security number, credit card numbers or some other personal information) and uses that information to apply for loans or credit cards under your name or to make unauthorized purchases or gain access to your financial accounts. It is extremely prevalent these days, but there are steps you can take which will reduce the chances of you becoming a victim of identity theft.

1. NEVER give out personal information (date of birth, social security number, credit card numbers) over the phone, by email or on the internet unless you initiated the contact and know whom you’re dealing with. If your social security number is requested, ask if another form of ID could be substituted in its place.

2. ALWAYS shred papers that have your personal information on them before throwing them away. Papers that should be shredded include credit card receipts, checks, bank statements, credit card statements, expired credit cards and pre-approved credit card offers. Cross-cut shredders are great for this purpose.

3. Keep accurate and current records of all your credit cards and who you should contact in case they are lost or stolen. You may want to take copies of your credit cards and write the customer service number on the copy. If you are not currently using some of your credit cards, you should keep them securely locked away. Other things to keep in a secure location include: unused checks, your social security card, bank statements and credit card statements.

4. ALWAYS make sure you get your copy of a credit card receipt when making a purchase. Check to make sure your credit card was returned to you as well.

5. Check your credit reports annually. There are three credit reporting agencies; Equifax, Experian and TransUnion. Every year, you are allowed one free credit report from each of these credit reporting agencies. Go to www.annualcreditreport.com to order your free credit reports, ordering one from a different agency every 4 months.

6. ALWAYS make sure there are no “shoulder surfers” around when you are keying in your PIN number at an ATM or store. Be careful that no one overhears you when giving out your credit card number or personal information over the phone.

7. When purchasing on the internet, always make sure the site you’re using is secure. You know you’re on a secure site if the web address changes from http:// to https:// when you click on “buy” or “add to cart.” You will also note a lock or key symbol in the lower corner of the web page.

8. On your own computer, use a firewall and virus protection. Use passwords that include letters, numbers and symbols to make them more difficult to break. Never use PIN numbers that are obvious, such as your birth date, street number, phone number, the last four digits of your social security number or any consecutive numbers. Memorize your PIN number-do not write it down. If your mother’s maiden name is requested for security purposes, use a password instead-one you will remember.

9. NEVER respond to emailed requests from banks or creditors to update your information. You should always call the institution directly or go to their website (do NOT use the website the email directs you to) to update your information. Rarely do banks or other institutions request such information by email, and it is a simple task for someone to create a website that looks just like your bank’s or creditor’s.

10. If you receive lots of pre-approved credit card offers in the mail, call (888) 5OPT OUT to have your name removed from the marketing lists sold by the major credit bureaus.

11. Drop off outgoing mail at your post office or collection box rather than leaving it in your mailbox for pick up.

12. Have new checks mailed to your bank and pick them up there.

13. Place passwords on your bank accounts, brokerage accounts and credit card accounts for protection. Once again, use a mix of letters, numbers and symbols.

14. Consider an ID theft insurance policy.

15. Register with Equifax Credit Watch. Equifax Credit Watch makes monitoring your report easy by automatically alerting you within 24 hours of key changes in your Equifax Credit Report - like when someone tries to get credit in your name or there are sudden changes in your credit card balances. - so you can act before serious damage is done.

For a list of signs that you may be a victim of identity theft, go to http://understandingidentitytheft.com/articles/article-67.html
For further information on identity theft, visit http://understandingidentitytheft.com.

For information on how to check and/or correct your credit report, go to http://yourcreditscoreranking.com.

Debbie Pettitt teaches you all about identity theft: what it is, how it occurs and what to do if you are a victim at http://understandingidentitytheft.com.

If you need help straightening out your credit report, learn all about it at http://yourcreditscoreranking.com.

Comments Off

RSS is growing at a lightening speed. What was once only known as a “techie tool”, RSS is becoming a tool that is continuously being used by the general population. Along with the good comes, the not so good. And while some have mentioned the emergence of RSS spam, where content publishers dynamically generate nonsensical feeds stuffed with keywords, the real concern relates to security. While an annoyance to the search engines, spam in RSS feeds pales in comparison to the possible security concerns that could be in RSS’ future.

Security Implications Related to RSS.

As RSS gains momentum security fears loom large. As publishers are quickly finding innovative uses for RSS feeds, hackers are taking notice. The power and extendibility of RSS in its simplest form is also its achilles heel. The expansion capabilities of the RSS specification, specifically the “enclosure” field which has launched the podcasting phenomenon, is where the vulnerabilities lie. The enclosure field in itself is not the problem, in fact the majority of RSS feeds do not even use the enclosure tag. The enclosure tag is essentially used to link to file types, things like images, word documents, mp3 files, power point presentations, and executables and can be thought of in similar terms to email attachments.

The fact that RSS can be used to distribute these file types has opened a myriad of doors to users of the syndication standard, but also has created cause for concern. Most people do not feel that the risk is significant because people “choose” the content that they receive, and while it might make the distribution of malware, viruses and spy applications via RSS less prevalent, their is still the inherent risk of a infected file being distributed.

The problem is one of both technology and lack of education.

The danger lies in the fact that many RSS readers, news aggregators, or pod-catchers automatically download the information contained in the enclosure field regardless of its file type or source.

Most RSS developers acknowledge the risks associated with the enclosure field, but few have had the forethought to include filtering, screening or authentication capabilities and many automatically download enclosures.

Nick Bradbury of Bradsoft/NewsGator seems to be proactive, designing FeedDemon with security in mind. FeedDemon uses an editable safelist of file types as well as allowing users to monitor what files are automatically downloaded. FeedDemon also contains hard-coded warnings related to specific file types.

Developers of ByteScout took a different approach to the handling of enclosure files, ByteScout does not automatically download anything without user intervention for each download.

Unfortunately, not all RSS readers, aggregators and podcatchers consider the possible security implications associated with RSS feeds and podcasts, some will automatically download enclosures without warning or any thoughts of security. Be sure to examine how your RSS reader handles files contained in the enclosure field of an RSS feed.

With the increased use of RSS and podcasting, the security risks increase with it. Their is cause for concern, however proactive users and conscientious developers can easily subvert the risk by taking precautions seriously. Computer viruses and malware are cause for legitimate concern, there is ample time and action that can avert potential problems.

Comments Off

You know it’s time to start worrying about holiday shopping when the trees and giant Santas come out in all of the stores. One store I shop at is already playing holiday music!

The stores are gearing up for the holiday shopping season already. And so are identity thieves. It’s the happiest time of the year for them, too.

The stores and malls are filled with rushed, often agitated, shoppers. The holiday crunch is distracting, and many shoppers forget to keep their personal information safe.

Identity theft is the gift that gives all year long. And chances are that you’ll never know you are a victim until you are turned over to a collection agency or turned down for credit. By that time, a criminal could purchase a car, a boat and a lot of bling-bling in your name.

One of the easiest ways to detect fraudulent usage of your identity is by checking your credit report. You are allowed one free report each year from each of the three major credit reporting agencies: Equifax, Experian and Trans Union. That’s three reports a year. I stagger mine so that I watch my credit year round. I look at one in January, one in April and one in August.

If you suspect that your identity has been stolen, you should immediately put a 90-day fraud alert on your credit file. All you have to do is call one of the three agencies. The credit agency will then contact the other two agencies for you. They are required to do so by law.

The law also requires creditors to accept the fraud alert and take reasonable steps to verify your identity before opening a new account in your name.

If the problem isn’t cleared up within 90 days, you can request an extended fraud alert that last up to seven years. To do this, you must provide proof that you have been a victim of credit fraud, for example, a police report. You can then remove the fraud alert at any time.

Lenders must notify you if they are reporting unpaid bills or negative information about you to a credit bureau.

You can help protect yourself from holiday identity theft by taking some defensive actions.

Remember, you will likely be in a crowd, often shoulder-to-shoulder with someone. This is an ideal setup for a pickpocket. Take only the credit or debit cards that you need for your shopping trip. You should probably keep them in the front pocket of your pants or the interior pocket of a jacket. If you carry a wallet, make sure that you do not have any personal information or your Social Security card in the wallet.

Pay close attention to your mail. If you don’t receive your monthly credit card statement, it isn’t a gift from Santa. Identity thieves love to raid mailboxes for your personal information. They can even change the address on your billing so that you won’t catch on so fast.

If you shop online, check the sites’ security policies before you click buy. All reputable sites make their policies easily available.

Some credit card companies are starting to employ added protection for your online shopping. You can download a randomly selected “disposable” number good for one purchase. You don’t have to use your real credit card number. Check to see if your credit card company offers this feature.

Be alert. Make sure that you don’t leave a store without your credit card receipt. Don’t forget to stop your mail if going on vacation. Take precautions that will make this a bright season for you and your family.

Martin Lukac, represents, #1 Loans USA (http://www.1LoansUSA.com), a finance web-company specializing in real estate/mortgage market. We specialize in daily mortgage news updates, rate predictions, mortgage rates and more: info@1LoansUSA.com

Comments Off