Custom Search

October 31, 2009

Red Flag Rules do not include attorneys

As I have reported before, the FTC's Red Flag Rules regarding prevention of identity theft go into effect (allegedly) tomorrow, November 1.  The Red Flag Rules have been supposed to go into effect multiple times before, only to be delayed.  But since tomorrow is almost here, maybe they will indeed go into effect this time.

Another development is that Judge Reggie B. Walton of the United States District Court for the District of Columbia has ruled that the Red Flag Rules do not apply to law firms.  The D.C. Court agreed with the American Bar Association, finding that the Federal Trade Commission's interpretation of the Fair and Accurate Credit Transactions Act (FACTA - the amendment to the FCRA passed a few years ago) was overreaching and its application to lawyers and law firms unreasonable.

The decision turned on FACTA's definition of creditor.  Only creditors, as defined by FACTA, have to comply with the Red Flag Rules' requirements to attempt to prevent identity theft.  The Red Flag Rules require creditors to adopt written identity theft prevention procedures. 

The FTC argued that lawyers and law firms fall under the definition of "creditor" and thus have to comply with the Red Flag Rules.  Unfortunately for the FTC's argument, it was a stretch to call a law firm a creditor and Judge Walton agreed.  As a result, Judge Walton granted the ABA's motion for partial summary judgment.  This also means I don't have to write identity theft prevention procedures by tomorrow.

Where have I been?

Some of you may be wondering why there's been no posting activity for a while on this site.  Or maybe no one's noticed?  For any of who may have taken note of a lawyer that went quiet (that doesn't happen often), its because I had to prepare for another captive audience, namely a federal jury in a non-consumer related trial in the United States District Court for the Northern District of Mississippi.  Preparing for and trying a case always takes precedence over just about everything else, as it is one of the most time consuming, difficult things a lawyer does.  At least that's my take on it.  So that's why I've been so quiet.

Regular posting will begin again Monday.  And, as always, comments and questions are not only welcome but encouraged!

October 20, 2009

Another article about how to protect yourself from identity theft of Cleveland, Ohio has an article about ways consumers can protect themselves from identity theft.  Here's the advice from the article:
Last year, close to 10 million Americans were victims of identity theft. Generally, people who made more than $75,000 were more likely to be fraud victims. The fraud rate was highest among people 35 to 44 years old.
The president of Cleveland's Better Business Bureau, David Weiss, said one in every 23 Americans is a victim of fraud. NewsChannel5's Joy Benedict headed to Target to ask shoppers there if they had ever been a victim of identity theft. The third person she asked, said, "yes." She had her credit card number stolen and some purchases were made online in her name.
The BBB says that's the first step to protecting yourself, pay attention to your bills every month. Don't put your outgoing bills in your curb side mail box, because someone could take them. Either take your payment directly to the company, pay online, over the phone or take it to the post office for delivery.
Get your free credit report every year as well to check your credit history and make sure there is no unusual activity.
And one of the most important steps to take is shredding your financial statements.
As always, I'll add my own advice - if all of the above doesn't work, hire me.  :)

October 19, 2009

Arizon identity theft victim helps police catch identity thief while on vacation in France

An Arizona resident was on vacation in France when he was contacted by his bank about suspicious charges showing up on his account.  The unnamed Arizonan immediately contacted the Scottsdale, Arizona authorities and informed them that there were fraudulent charges being made with credit cards he had left at his Scottsdale apartment.  Additionally, the man told police that several delivery companies had contacted him about purchases that were to be delivered to his apartment that day.

Police checked his apartment at 1:30 a.m. and, while empty, it was clear that someone had been there and, since the identity thief had apparently scheduled deliveries to the apartment of his illegally purchased items for later that day, the police decided that the identity thief would likely return to the apartment.  The police kept the apartment under surveillance until 7:30 a.m., when detectives arrived to wait inside the apartment.

At approximately 8:00 a.m., Neil Freemore, the identity thief suspect, exited an adjacent apartment and walked into the victim's apartment, where the detectives took him into custody.  Sealing the deal, so to speak, Freemore had in his possession the victim's credit card when he arrived at the victim's apartment. 

Police executed a search warrant on the adjacent apartment and found items belonging to the victim, including clothing, electronics, and other personal items, as well as drug paraphernalia.  The drug paraphernalia led to the arrest of Freemore's roommate Jayne Ozlen on drug charges.  Freemore was charged with burglary, theft, fraudulent use of a credit card, identity theft and drug possession.

Retail theft databases - a different kind of consumer reporting agency

What if you are accused of stealing from your employer at a retail store?  Chances are, your alleged theft may hinder your later chances at landing a job.

When thinking of a consumer reporting agency, most people think of the big three credit bureaus - Experian, Equifax and Trans Union - and the credit histories they spit out about consumers.  But there are other types of consumer reports, such as reports regarding employees who allegedly steal. 

For instance, ChoicePoint, who at one time was part of Equifax, manages a collection of information called "Esteem" which is a workplace theft database.  To populate its database with information, ChoicePoint collects reports from over 75,000 retailers regarding employees who allegedly steal from their employers  Companies looking to hire new employees then buy reports regarding potential hires from ChoicePoint's Esteem database. 

ChoicePoint is not the only one in this line of business.  HireRight has compiled an employee-theft database to which 500 member companies contribute evidence of convictions, signed confessions, video surveillance or eyewitness statements regarding employee theft.

Also, the National Retail Mutual Association has collected more than 500,000 incidents of employee theft in its NRMA Retail Theft Database. NRMA obtains its information from client stores who have obtained a signed confession, a signed restitution agreement, a fully paid civil demand, a criminal conviction or other "documentary evidence."

What these companies don't take into account is that, sometimes, people plead guilty to things they did not do, because a conviction, no matter how wrongful, would impose a much worse sentence than the deal the defendant can get by pleading out.  Many innocent defendants plead guilty to get probation where demanding trial also means risking jail time. 

Just like the databases maintained by big three credit bureaus, the retail theft databases put consumers at risk of gross errors that could cost consumers a job and damage their reputations.  Luckily, the retail theft databases are also subject to the requirements of the Fair Credit Reporting Act.

Consumers suspecting that a company may be reporting incorrect information about them to potential employers should request a copy of any and all information about them in the possession of the retail theft database companies named above.  If an error is found, it should be disputed immediately and repeatedly until it is fixed or it becomes obvious that litigation is necessary to correct.  At that point, consumers should contact a consumer attorney such as myself for assistance.

My thoughts on Credit Karma's free credit score

A reader named Marie posted a comment yesterday in response to my post about's free credit scores - see  Marie wanted to know my thoughts on Credit Karma's free credit scores. 

After getting over the initial shock of one of my faithful readers actually asking a question (which is what I initially hoped this blog to receive a lot of), I reviewed Credit Karma's website as I had never heard of Credit Karma before Marie's comment.  I thought, perhaps, Credit Karma is a distant cousin of the mythical Credit Fairy, which I posted about here

As it turns out, Credit Karma is a lot like  It claims to provide free credit scores for those willing to register on its website.  It claims it pays for the costs of obtaining the credit scores by utilizing advertising dollars from selling ad space on its website. 

My initial thought was the same as, i.e. the site provides "a" score but not necessarily "the" score that your creditors receive.  That's because many large creditors utilize their own unique scoring models so there's no way to see that score before you apply (and maybe not even after you apply) to those creditors for credit.  Smaller creditors use standard scoring models, such as FICO.  Its possible that Credit Karma also uses a standard scoring model, but I searched their website up and down and could not find even a hint as to what scoring model they use.  Therefore, Credit Karma, like, is good for finding out generally how your credit score fares but don't count on it to be exact.  But, at least its free to find this out using Credit Karma or, whereas you'd have to pay the credit bureaus to get the same "almost" score.

One thing that did concern me about Credit Karma is how do they get your score without it being a hard inquiry on your credit report.  When you buy your score from one of the three credit bureaus, it does not impact your credit score because it does not count as an inquiry against your credit report.  However, when a third party accesses your credit report (i.e. to get the information needed to generate your credit score), it will show up as a hard inquiry and thus, potentially, negatively impact your credit score. 

Yet, Credit Karma claims the opposite.  Here's what they say on their FAQ page:
Will using Credit Karma lower my credit score?

No. Credit Karma is making the credit score request on your behalf. Inquires made on your behalf will not be shown to creditors and will not affect your credit score.
Maybe Credit Karma is some subsidiary of one of the three credit bureaus and that's how they accomplish getting your score without causing a hard inquiry.  Otherwise, I don't see how they do it and am a bit suspicious. 

Have any of you out there gotten your credit score via Credit Karma and then looked at your full report to see if a hard inquiry showed up?  Or have any of you used Credit Karma at all?  If so, I (and maybe Marie too) would be interested in hearing what you found.

October 17, 2009

Upcoming sentencing for illegal immigrant linked to thousands of fake ids

A Mexican citizen in Witchita, Kansas is scheduled for sentencing regarding one count of identity theft.  The 62 year old Jorge Alvarez Rivera, a.k.a. Daniel Salas, is scheduled for sentencing on January 11, 2010 for making a false claim of U.S. citizenship and identity theft, charges that he pleaded guilty to last month.

However, Rivera is also linked to thousands of U.S. birth certificates produced for illegal immigrants.  In fact, more than a decade ago, Rivera was found with more than 830 Kansas birth certificates hidden in the trunk of his vehicle after he was involved in an auto accident.  However, he was never prosecuted for this crime. 

Fortunately, he is finally being taken off the streets.

October 15, 2009

Skimmer devices show up in Minnesota

Here's an article from the about a rash of skimmer devices showing up that have local authorities worried about an identity theft outbreak.

Beware "the skimmer."

A small, nondescript device that reads and stores credit numbers has popped up in a pair of unrelated theft cases in the metro — one involving a fast-food chain in Eagan, the other involving a TCF Bank machine in Maplewood — giving law enforcement officials and the public yet another reason to concern themselves with identity theft.

"It's not a garden-variety tool, that's for sure," said Jason Korstange, director of corporate communications for TCF Bank. "Not a lot of people would understand how to use it."

The skimmer is so innocuous in its appearance, it can be affixed over the card slot on an ATM machine to make it look like a normal part of the contraption, as was the case recently in Maplewood, or it can be tucked away in a shop's backroom or under a retail counter, where crooked store clerks can use it to scan customers' cards without their knowledge.

"If you're the victim, it may take a while for you to discover, in the first place, that they're charging your card," Maplewood Police Chief David Kvam said. "But your card is not missing — you have it. ... They could be in another town, or even another state, before you become aware."

Police say they've arrested two men who used the boxy little machine to steal credit-card information from unsuspecting customers at a Wendy's hamburger shop in Eagan, where one of the suspects worked behind the drive-through window.
 The whole article can be found here -

Mississippi agencies come together to warn about identity theft

The Mississippi Attorney General's office, the Consumer Credit Counseling Service and Better Business Bureau are joining forces in Mississippi to warn and educate Mississippi consumers about identity theft.  Representatives of these companies will set up shop next week at Wal-Mart stores across Mississippi offering free tips about identity theft as part of the "Be Smart" campaign next week from October 19 through 24. 

Operation "Be Smart" is part of next week's National "Protect Your Identity" week.  The "Be Smart" campaign will focus on five key tips to prevent identity theft:
Shredding sensitive documents
Making wise decisions with personal information
Analyzing your credit report
Reporting identity theft
Taking precautions; knowing what safeguards are in place with your creditors.

October 14, 2009

What are they teaching our kids? Biloxi teacher charged with stealing another teacher's identity

From the Biloxi, Mississippi Sun Herald -
An assistant teacher at Nichols Elementary School has been charged with identity theft against another teacher, Biloxi police said.
Police Sgt. Donnie Dobbs said Kimberly Riley, 41, of D’Iberville was arrested Monday evening at her home on Dianne Drive.
Dobbs said a criminal investigation led to allegations Riley defrauded the victim in two ways.

Riley is accused of using the teacher’s personal information to open different credit cards and make assorted purchases until the accounts were closed.
She also allegedly used one of the victim’s credit card numbers to purchase cell phone services.
“Right now I can show about $2,000 but the money involved is estimated at $4,000,” Dobbs said.
“It started back in February. The victim later noticed some unusual charges on her credit reports and she contacted us.”
D’Iberville Police Department assisted in the investigation.

Riley was held at the Harrison County jail on $25,000 bond set by Justice Court Judge Albert Fountain.

More on social network identity theft

Interesting article about the reasons why identity thieves commit identity theft via social networking sites.  The whole article can be found at
Imagine you’re a small business or an individual and someone creates a Facebook , Twitter or any other social media profile and uses your name, picture or logo. Next they start to post blogs and send out links as you. They may be contacting your clients to get them to join in social media or they simply show up in search. Either way their intention is fraudulent. Having a presence online of someone else allows a scammer unlimited possibilities to do wrong and they may never get caught.

Also, traditional phishing where scammers would send a fake email purportedly coming from a trusted entity aren’t as successful as they used to be. Identity thieves are taking advantage of free use of social media and building a home base on legitimate sites. Once established, they look as legitimate as any other fan page or Twitter account. There are few, if any checks and balances preventing this.

There are so many reasons why this kind of social media identity theft occurs.

They may be seeking steal your clients or potential clients away by posing as you, but gradually revealing themselves and do a quick switcheroo hoping to not get discovered.

They could be squatting on your name or brand hoping to profit off of it by selling it back to you or preventing you from using it.

They could be criminal hackers posting infected links with the intention anyone click on them and download a virus that infects your PC or network giving them back door access.

They may be intentionally posing as you, even blogging as you for the purposes of damaging your name or brand. Anything they say to the world that is libelous, defamatory or just plain wrong makes you look bad or can get you sued and you have to prove otherwise.

They may be posing as you to harass someone you know or your clients to further damage you.

They could be doing it simply to harass you to get back at you, seeking revenge because you slighted them or sold them a defective product or service.

They may pose as a name or brand that has leverage like a celebrity or Fortune 500 that can open doors for them. Get them places where they couldn’t get on their own, a form of social engineering.

Your brand may sell products or services and the identity thieves pose as you and offer deals with links to spoofed websites hoping to extract credit cards numbers.

They may pose as any government entity such as the IRS, Social Security Administration, Medicare or any other agency for the sole purpose of extracting data and committing new account fraud

They may be obsessed or desire you or your brand and simply want to have a piece of you or be recognized as you. They can actually be or act as you when they are responding to messages and queries from those who think the scammer is you. Just like a stalker who hunts down their prey, they can’t get enough of you and by posing as you it gives them a little satisfaction and the attention they crave.

They could be spoofing you, as in a parody of you or your brand. They may have created a “tongue and cheek” site that may be obvious, it might be funny, but more than likely it’s not funny to you.

They could be posing as you to elicit contact from others for the purposes of a relationship, sexual or otherwise either in person or virtually. A young man was recently caught posing as an attractive girl in his school on Facebook. He contacted guys in his class posing as her and requested naked photos of them. When he revealed who he was and what he would do with the photos-or else- he began to extort sex from them.

Social media is just a baby. All of the above stems from real world examples from research over the past few years. Unfortunately this list is going to keep growing. Varieties of fraud that can occur via social media is only up to the imagination of the thief. Submit your own findings. Lets hear what other whacked out other social media identity thieves are doing.

History of the credit bureaus

Here's an interesting post about the history of the credit bureaus -

New FICO scoring model may do more harm than good


New changes to the FICO® credit scoring model, dubbed FICO® 08, were recently made available to all three major credit bureaus (Experian, Equifax and TransUnion). While some are touting these changes as a win for consumers, Lexington Law®, a consumer advocacy law firm, cautions that FICO® 08 may instead cause millions of credit scores to decline.
Used by lenders to assess credit risk, credit scores are derived through statistical analysis of the information in a credit report. The FICO® scoring model translates this data into a single 3-digit number ranging from 300-850. Lenders use this number to determine whether a borrower is likely to repay his or her debts.

This new scoring model has received positive publicity because it excludes minor missed payments from negatively affecting credit scores. The model docks fewer points from credit scores for charged-off accounts of less than $100 and for isolated 30-day late accounts.

Some, however, believe that FICO® 08's scoring model does little for consumers.

"The industry is hyping FICO® 08 as a great thing for consumers because of the way the new scoring model reports some late payments" says John Heath, directing attorney for Lexington Law Firm, "However, no one has blown the whistle about how few consumers will benefit from the new model and how small of a benefit those few will actually receive."

"After all, isolated late payments and small accounts don't represent the bulk of the negative items found in consumer credit reports; a large number of collection accounts are for far more than the $100 threshold FICO® 08 uses. Additionally, those few consumers who have these types of mildly delinquent accounts may not see any scoring increase, because the prior scoring model already considered that a collection account might be isolated and for only a small amount."

A potentially more significant change, that has incidentally already received some negative publicity, is the increased weight placed upon credit utilization: FICO® 08 is more sensitive to the percentage of available credit consumers are currently using. This change will likely affect millions of Americans who carry higher or even maxed-out credit card balances. Those Americans may experience immediate reductions in their credit scores.

Recent economic conditions, during which credit card companies have reduced credit limits or canceled cards outright, has compounded this problem for consumers. FICO® 08's increased emphasis upon credit utilization means that consumers whose credit limits were reduced are more likely to experience greater credit scores reductions than they would have seen under the previous scoring model. Simply put, with the new scoring model, lenders are far more likely to view consumers who have had their credit card limits reduced as greater lending risks.

"Credit utilization ratios have a place in the credit scoring model, but to place more emphasis on this factor in today's economy is problematic," added Heath. "With today's strict lending requirements, even some very creditworthy consumers must pay higher interest rates because of their credit scores, resulting in higher profits for credit card companies and other lenders. With FICO® 08, credit card companies have more power over consumer credit scores. They can lower their customers' credit scores by simply reducing their credit limits."

October 13, 2009

Free credit score at No, not really is getting a lot of buzz lately, particularly after being mentioned by Clark Howard as a place consumers can get their credit score for free.  While consumers can purportedly get a free credit score once every six months, the problem is that its not a credit score that actually used by lenders. 

In other words, is about as useful as say ... I don't know ... me telling you faithful readers what your credit scores are.  You right there, your score is 684.  You over there, your score is 575.  You in the red shirt, yours is 702.  Guess what, my credit scoring model is not used by lenders either, so its just as useless as's score. 

Don't take this to mean that I am suggesting buying your score from one of the credit bureaus like Experian, Equifax or Trans Union.  Oh, much to the contrary, that would be even worse.  Then you would be paying for a score that's also not used by lenders.  That's right, folks, lenders don't use the big three's credit scores either. 

Lenders typically do one of two things - they either set their own criteria for what's important to them, which means that particular lender's scoring model is unique.  Or lenders use one of the pre-made scoring models, such as Fair Isaac's scoring model.  So if you really want to get your credit score that could actually be a credit score that a lender might use, then you should buy your score from Fair Isaac by going to  The basic credit report (from Equifax or Trans Union) and FICO's scoring model costs $15.95.  The myfico website touts this score as one "lenders use".

Fraudulent tax returns a real problem for IRS and identity theft victims

The Government Accountability Office reported that in 2008 the IRS had cataloged over 50,000 incidents of identity theft related refund fraud and employment fraud.  Approximately 90% of those incidents were stopped before refunds were issued, with about 15 millions fraudulent refunds being sent out.

90% sounds good, but that's only including the incidents that the IRS recognized as fraud.  The IRS does not know the amount of tax refund fraud that goes undetected.  In 2008, the IRS implemented new initiatives to protect consumers from fraudulent activity, including utilizing an identity theft indicator that it places on victims' accounts so IRS personnel can more readily recognize the victim if future problems occur.  They have also decentralized the fraud assistance process, making the area of the IRS that discovers the problem responsible for getting it corrected. 

The IRS claims it is hampered in its efforts because of privacy concerns, which limits its ability to coordinate with other agencies. 

The report from the GAO does not include the IRS' role in other instances of identity theft.  For instance, I am currently represnting an identity theft victim whose identity thief obtained student loans using my client's name and SSN.  When the student loan was not paid by the identity thief (or my client who had no idea there even was a student loan in his name), Sallie Mae, the servicer of the loan, assigned it to a collection agency for collection.  My client was contacted and he repeatedly disputed the fraudulent student loan with Sallie Mae, the collection agency and the CRAs.  Despite his disputes, Sallie Mae caused the IRS to seize my client's legitimate tax refund (approximately $3100).  After disputed this some more, the IRS wrote him and told him the hold on future refunds was lifted, but it did not pay him the $3100 it had already seized.  Then, the next year, the IRS again seized my client's tax refund and then, after the seizure, wrote another letter that the hold had been lifted. 

I doubt the GAO's survey includes this particular type of fraud being committed on the IRS, fraud by Sallie Mae and its collection agencies.  But something needs to be done about that to protect future consumers.

Part 2 of explanation of 15 U.S.C. 1681d

Yesterday, I began explaining the provisions of 15 U.S.C. 1681d of the Fair Credit Reporting Act.  This post will complete that explanation, starting with subsection (d) of 15 U.S.C. 1681d.

"(d) Prohibitions

(1) Certification. A consumer reporting agency shall not prepare or furnish investigative consumer report unless the agency has received a certification under subsection (a)(2) from the person who requested the report."

[Or unless the CRA has reasonable procedures, followed or not, to this effect.  See part 1 of 1681d's explanation for the reason why.]

"(2) Inquiries. A consumer reporting agency shall not make an inquiry for the purpose of preparing an investigative consumer report on a consumer for employment purposes if the making of the inquiry by an employer or prospective employer of the consumer would violate any applicable Federal or State equal employment opportunity law or regulation."

[I do not think this is referring to the inquiry section found at the bottom of most credit reports. I believe this section actually refers to "inquiries" that occur as part of the process of gathering the information needed to prepare the investigative report. So any such investigation that would violated Federal or State EEOC laws would is prohibited.]

"(3) Certain public record information. Except as otherwise provided in section 613 [1681k], a consumer reporting agency shall not furnish an investigative consumer report that includes information that is a matter of public record and that relates to an arrest, indictment, conviction, civil judicial action, tax lien, or outstanding judgment, unless the agency has verified the accuracy of the information during the 30-day period ending on the date on which the report is furnished."

[This is an interesting subsection. It requires the CRA to investigate, or have investigated within the last 30 days before the investigative consumer report is furnished to the user, the accuracy of any arrests, indictments, convictions as well as lawsuits, tax liens or outstanding judgments. Apparently, it does not include bankruptcies or satisfied judgments. So if the CRA has maintained an investigative report on a consumer that includes the above types of public record information, the CRA must re-verify that information in the thirty day window before providing the investigative consumer report to the user.]

"(4) Certain adverse information. A consumer reporting agency shall not prepare or furnish an investigative consumer report on a consumer that contains information that is adverse to the interest of the consumer and that is obtained through a personal interview with a neighbor, friend, or associate of the consumer or with another person with whom the consumer is acquainted or who has knowledge of such item of information unless

(A) the agency has followed reasonable procedures to obtain confirmation of the information, from an additional source that has independent and direct knowledge of the information; or

(B) the person interviewed is the best possible source of the information."

[Basically, a provision to keep out unsubstantiated rumor and trash talk. Unless the person providing the rumor or trash talk is the best possible source of such trash talk.]

This concludes 1681d. I will move on to explaining 15 U.S.C. 1681e soon.

October 12, 2009

Psychic identity thief caught anyway

James Scott Carver, an Ohio Fifth Third Bank employee who also offered psychic readings and spiritual counseling via a website, was arrested and charged with stealing the identity of a bank customer.  He even touted himself as being able to psychically solve crimes. You'd think a crime solving psychic would see his own arrest coming?!  Maybe his website customers need to seek a refund.

Even better, while investigating Carver's identity theft charge, police found DVDs containing child pornography, which led to the arrest of Carver's "partner" Roy Frederick Sholtes.  So, thanks to Carver's inability to see the arrest in his own future, the police got a two for one, removing both an identity thief and a child pornographer from the streets of Ohio.

Police and bank officials are asking customers of the Fifth Third branch where Carver worked (located on Declaration Drive in Independence, OH) to check their accounts for fraudulent or suspicious activity.

Son steals deceased father's identity

In the course of my ten year career representing identity theft victims, I have seen as many people victimized by family members as I have by strangers.  So this case is nothing new, except that the victim has been dead for nearly two decades. 

Raymond Erhardt II was a licensed plumbing and heating contractor until his death in 1990.  But for the past 18 years, it has appeared that Erhardt II was still plumbing away, despite being deceased.  For those 18 years, Erhardt's son, Raymond Erhardt III, used Erhardt II's plumbing and heating licenses to operate his own business, Danbury, Connecticut based Air Crafters, LLC.

Erhardt III annually filled out renewal forms for three separate licenses of his father, omitting the II or III from the applications.  This allegedly allowed Erhardt III to use his father's licenses for over 18 years.

Part one of explanation of 15 U.S.C. 1681d

Today I finally get back to disecting and explaining each section of the Fair Credit Reporting Act.  I completed my explanation of 15 U.S.C. 1681c-2 a while back, so I will move on to 15 U.S.C. 1681d, which deals with investigative consumer reports.

"1681d.  Disclosure of investigative consumer reports.

(a)  Disclosure of fact of preparation.  A person may not procure or cause to be prepared an investigative consumer report on any consumer unless

(1)  it is clearly and accurately disclosed to the consumer that an investigative consumer report including information as to his character, general reputation, personal characteristics and mode of living, whichever are applicable, may be made, and such disclosure

(A)  is made in a writing mailed, or otherwise delivered, to the consumer, not later than three days after the date on which the report was first requested, and

(B)  includes a statement informing the consumer of his right to request the additional disclsoures provided for under subsection (b) of this section and the written summary of the rights of the consumer prepared pursuant to section 609(c) [1681g]; and

(2)  the person certifies or has certified to the consumer reporting agency that

(A)  the person has made the disclosures to the consumer required by paragraph (1); and

(B)  the person will comply with subsection (b)."

[First, this section only applies to investigative consumer reports, not regular ol' generic credit reports.  Subsection (a) requires a user of a investigative consumer report (i.e. the person requesting that the investigative consumer report be prepared by the CRA - this could be anyone with a permissible purpose to obtain an investigative consumer report, such as a potential employer) to disclose in writing to the consumer within 3 days of the request for the investigative report the fact that an investigative consumer report may be made about the consumer and also inform the consumer of his rights under 1681d(b), which I will get to in a moment, and provide the written summary of rights required by 1681g, which at my current pace I won't get to in a long while.

Subsection (a)(2) requires to user to certify to the CRA preparing the investigative report that the user has made the (a)(1) disclosures to the consumer and will comply with 1681d(b).  Speaking of (b), here it is.]

"(b)  Disclosure on request of nature and scope of investigation.  Any person who procures or causes to be prepared an investigative consumer report on any consumer shall, upon written request made by the consumer within a reasonable period of time after the receipt by him of the disclosure required by subsection (a)(1) of this section, make a complete and accurate disclosure of the nature and scope of the investigation requested.  This disclosure shall be made in a writing mailed, or otherwise delivered, to the consumer not later than five days after the date on which the request for such disclosure was received from the consumer or such report was first requested, whichever is the later."

[This provision gives the consumer the right to request information about the nature and scope of the investigation being requested by the user.  The consumer must request this information within a reasonable period of time after receiving the 1681d(a)(1) notice that the investigative consumer report has been requested.  The section does not define what a "reasonable period of time" is.  Upon receipt of the request, which must be in writing, the user has until the longer of 5 days from when it first requested the investigative report or 5 days from when it received the request from the consumer requesting the nature and scope of the investigation to provide the "complete and accurate" dislcosure of the nature and scope of the investigation to the consumer.]

"(c)  Limitation on liability upon showing of reasonable procedures for compliance with provisions.  No person may be held liable for any violation of subsection (a) or (b) of this section if he shows by a preponderance of the evidence that at the time of the violation he maintained reasonable procedures to assure compliance with subsection (a) or (b) of this section."

[This is a pretty crappy portion of 1681d.  It should be labeled "what one hand giveth, the other taketh away".  Read literally, a user can completely avoid doing what it is required by 1681d(a) and 1681(b) as long as it "maintains" reasonable procedures to comply with these subsections.  This contrasts with at least one other section of the FCRA, which requires that reasonable procedures be "followed", not just maintained.  So, if a court strictly applies this "limitation on liability", all the user must do to avoid its duties is to "maintain", but not actually follow or use, reasonable procedures to comply with 1681(a) and (b).  Crazy.  Hopefully, no court is that naive.]

I will conclude my explanation of 1681d in the near future.

October 07, 2009

21 Million Hotmail Users at Risk for Fraud

Do you use the Hotmail email service?  If so, you and 21 million others are at risk for fraud and potentially identity theft after a data breach led allowed users' password to be illegally obtained.

Hotmail users should all change their passwords and, after doing such, check their financial accounts and credit reports for any suspicious activity.

North Carolina passes law to help consumers avoid identity theft

In response to nearly 1.7 million North Carolinans having their identities put at risk by 329 reported data breaches since 2005, the North Carolina legislature passed a law that allows consumers to "freeze" their credit report.  This helps protect consumers from identity theft because, while frozen, an identity thief should not be able to use their credit report to open a new account.  When the consumer wants to apply for credit, he or she must only contact the credit bureaus to have the freeze lifted for the time period needed to make the credit application.

The biggest downside to freezing one's credit report is that you can't go out and instantly get credit, like some consumers like to do to obtain, for instance, immediate discounts (i.e. apply for a credit card and you get 10% off your purchase).  In my opinion, this small sacrifice is miniscule if it protects your identity.

The North Carolina law also requires paid credit monitoring services to advise consumers on how to get their credit reports for free from  I hope the North Carolina law also allows for private enforcement of this provision (with statutory damages), or it won't be worth the paper its written on.

Identity thief steals sister's identity

A Chicago Public Schools employee has been charged with stealing her sister's identity.  Lilia Cano allegedly used her sister's identity to obtain a Capital One credit card and made over $14,000 in charges.  Cano is employed by the Chicago Public Schools as a clerk. She is now charged with identity theft and is being held on a $30,000 bond.

October 06, 2009

Potential data breach at National Archives puts 70 million veterans at risk of identity theft

The inspector general of the National Archives and Records Administration is investigating a potential data breach which puts the identities of 70 million veterans at risk.  Apparently, the agency sent a defective hard drive back to its vendor for repair without first destroying the data it contained.  The vendor determined that the drive was faulty and sent it out for recycling, with the records of approximately 70 million veterans still on it. 

The AWOL hard drive, reportedly worth approximately $2,000, is now worth millions, possibly billions, to an identity thief.  The hard drive should have been destroyed and should never have left the hands of the government agency.

I assume the agency will alert the 70 million veterans put at risk that their identities may be compromised but I have not seen that in writing anywhere.  If any of you can confirm that the government is alerting the veterans that they are at risk, please let me know.  If any of you can send me a copy of the letter from the government regarding the breach (with the veteran's name and other personal identifiers redacted, of course), that would be great.  Also, veterans at risk, please read the other posts on my site for what I hope to be helpful advice in discovering and countering any theft of your identity.  And, as always, contact me via, if you need my help or advice.

Suffolk County, NY alerted to identity theft scam

Suffolk County police warned residents of the county to beware an identity theft scam that involves e-mails or text messages indicating that their credit union debit card had been closed and to contact the credit union at a specific phone number to have it reopened.  The customer would need to supply their account number and PIN.  Of course, its a scam designed to get the customers' account numbers, PINs and, ultimately, their cash.

This scam is nothign new.  Be wary of any e-mail, text message or phone call that tries to get your account number, PIN or Social Security number.  If legitimate, the person contacting you should already have this information.

First clues that your identity has been stolen

Article after article after article about identity theft urge consumers to monitor their credit reports to see if they are a victim of identity theft.  But what exactly should you look for first? 

Most people learn their identity is stolen when they get a letter or call from a creditor or collection agency attempting to collect a debt that they have never heard of and certainly never incurred.  But those that check their credit reports typically do not first see an account they do not owe.  Instead, these people first learn of their stolen identities when they see one of two things - either an address appears on their credit report where they never lived or an inquiry appears indicating an application for an account for which the person never applied.

The incorrect address could be an address used by the identity thief when he or she applied for a fraudulent account in the victim's name.  Credit bureaus get the addresses they list on consumers credit reports when information is reported to them from third parties (i.e. the consumers themselves, current creditors of the consumers or potential creditors who the consumer (or the identity thief) have submitted an application to).  Thus, an address on a consumer's credit report that he or she does not recognize is often a first sign of identity theft.

The other first sign is an inquiry that the consumer does not recognize.  However, there are many inquiries on every report that the consumer likely does not recognize.  These are primarily promotional type inquiries, which are done by companies that send you junk mail to see if you meet whatever criteria they are looking for.  Promotional inquiries that a consumer does not recognize is NOT a cause for concern.  What IS a cause for concern is a regular (a.k.a. "hard") inquiry which the consumer does not recognize.  A hard inquiry is only caused by a application for new credit, insurance or employment.  Thus, the consumer should almost always recognize the regular, hard iquiries on his or her credit report.  If they don't, that likely means someone else applied for credit in their name.

So, if and when you follow the advice of countless identity theft "pundits" and check your credit report to see if your identity has been stolen, look first for incorrect addresses in the current and former address section (usually towards the top of the credit report) and next for unrecognized hard inquiries in the inquiry section of the credit report (typically toward the bottom of the report).  And, if you find out you are a victim of identity theft and need help or advice, I am only an e-mail or phone call away at or 662-627-9641.

October 05, 2009

New theme song for this blog?

The following was on I-Newswire:
The Original Cornell Gunter’s Coasters have a new song about identity theft. Cornell Gunter’s Coasters, Inc. consists of Charlie Duncan and Lionel Pope. Charlie Duncan has performed continuously with Cornell Gunter’s Coasters, Inc. since 1961. Both Duncan and Pope have also recorded with Cornell on such songs as "Love In My Heart". After encountering some identity theft of their own they were inspired to write a new song called "ID Theft Ain’t No Game"
Identity theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes.
Identity theft is serious. While some identity theft victims can resolve their problems quickly, others spend hundreds of dollars and many days repairing damage to their good name and credit record. Some consumers victimized by identity theft may lose out on job opportunities, or be denied loans for education, housing or cars because of negative information on their credit reports. In rare cases, they may even be arrested for crimes they did not commit.
One ongoing problem is with original performing Artists. With the help of the real Jon "Bowzer" Bauman former bass singer for the group Sha, Na, Na, the Truth In Music Bill was created to protect the artists from Identity theft and to protect the Consumer from being mis-lead to believe they are seeing the legendary artists that made the hits songs famous - when in fact they are not.

One of five in Australia victims of identity theft

A report has found that one in five Australians are victims of identity theft.  According to the report, criminals use low tech means such as stealing mail to steal their victims' identities.

The Veda Advantage Identity Crimes Report came to the conclusion that 1.2 million Australians had their bank accounts illegally accessed while 1.5 million had their credit cards illegally copied.  Another 1.2 million had also had their mail stolen.

Stealing a person's mail is an easy way to get the information needed to steal that person's identity.  You can help protect yourself from this means of identity theft by utilizing a locked mailbox that allows your mailman to deliver your mail but requires a key to retrieve the mail.

Another means of identity theft popular in Australia is the use of software that allegedly scans your computer for viruses but instead installs software to steal your personal information, including financial information. 

Georgia Tech Yellow Jackets stung by identity theft

An identity thief employed by Georgia Tech allegedly stole $10,000 from the school.  Meredith Durrah, a program coordinator in Georgia Tech's College of Sciences, is charged with identity theft and stealing more than $10,000 from Georgia Tech. 

Durrah is accused of stealing the identity of an Illinois resident.  She allegedly had payroll checks issued in the Illinois resident's name but then took possession of the fraudulent pay checks.  Durrah's scheme started with a letter she allegedly forged from a Georgia Tech professor offering a job to the Illinois victim.  Durrah used the forged letter to allow her to add the victim to the Georgia Tech payroll, then issue fraudulent payroll checks, which Durrah seized and deposited into her own checking account.  Each check was written for $5,100.

Georgia Tech has fired Durrah, who currently faces charges of theft by forgery and forgery, and could face additional charges. 

October 02, 2009

California Attorney General sues executives of credit repair company

Hats off to California Attorney General Jerry Brown.  Brown has filed litigation against Todd Swick and Michael Sardo who own Executive Financial Credit Services, a credit repair company.  California passed a law in 1984 that requires credit repair companies to register with the California Attorney General's office and post a bond with the California Secretary of State. 

Apparently, Executive Financial Credit Services has failed to do both, despite repeated warnings from the Attorney General's office.  The litigation was filed in San Diego Superior Court on September 30, 2009.  Brown wanted to send "a clear signal to credit repair firms operating in California that they must register .... and follow the law.

Credit repair companies that are paid by consumers to attempt to repair consumers' credit by disputing negative information on the consumers' credit reports.  Many credit repair companies are nothing but scams.

Commercial bankruptcies are up and now exceed consumer bankruptcies

According to Equifax (and we know how accurate they are ... NOT!), the number of commerical bankruptcies grew in the second quarter and now surpass bankruptcies filed by consumers.

Commercial bankruptcies increased by 208 percent from the first quarter of 2008 to the second quarter of 2009 while consumer bankruptcies only increased by 122 percent in the same time frame. 

I don't know about everyone else, but both increases seem pretty darn big.  The full article can be found here -

Reporting glitch likely to adversely affect Lloyd's credit card users

For my readers from overseas, which I actually have a few of, here's a story about a computer glitch at the U.K. bank Lloyd's TSB that is causing major problems for some consumers. 

Apparently, Lloyd's had some type of computer glitch which caused its monthly reporting to the credit bureaus to be delayed.  This means the information on the credit reports of its customers is now stale.  Most credit card companies (at least the ones I sue in the U.S.) report monthly.  Lloyds is at least 3 months behind.

For instance, a consumer who paid off his balance in June still has not had his credit report with Experian and Equifax updated by Lloyds.  This means that his debt to income ratio as well as his credit used to credit available ratio are inaccurate which could potentially keep him from getting new credit or cause problems with his existing creditors.

Allegedly, the computer glitch is being "worked on" but its hard to believe that a national bank could get that far behind.

October 01, 2009

Article about the ease and horror of identity theft

I read an excellent article that is not only an eye opener about how easy it is for a skilled hacker to get access to people's personal identifiers, it also pretty accurately describes the horror that awaits those unlucky enough to have their identity stolen.  Read this, folks, its interesting.  The article can be found here -

Anyone in or near Wake County, N.C.?

One of the best way to protect yourself from identity theft is to keep your personal information (SSN, date of birth, mother's maiden name, account numbers, passwords, etc.) private.  One way to help keep this information private is to properly destroy your financial records, credit card statements, junk mail and anything else that you no longer need but are scared to just toss in the dumpster.

NBC 17 is offering a free service to inform the public about identity theft and to make sure their financial records are properly destroyed by shredding the documents right in front of them.  The event, called "Shred-It", is Saturday, October 3, 2009 from 10 a.m. to 2 p.m.  Click here for a video with more information -