Custom Search

January 26, 2010

17 years in the making - Feds to unveil auto database

And I thought it was taking a long time to get the "Red Flag Rules" up and running.  17 years after Congress first passed legislation requiring it, the Feds are unveiling an auto database to deter theft and fraud regarding vehicles titled in the United States.  Read all about it here -  Good read and about time!

See, I was right!

This article supports what I've been saying about the so called "free" credit reports.  Good read. 

So many people are worried about identity theft and the status of their credit report these days. But with so many companies claiming to offer you a free report, it is no wonder consumers are confused and overwhelmed about how to get the information they need. The truth is many companies are not entirely interested in giving you a free credit report, as they are in making money off of you with their other products and services. How does a consumer know where to turn for the information they need?

The Federal Trade Commission is Your Friend

The Federal Trade Commission, a Federal agency set up to protect consumers, is the only place online that offers a truly free credit report through Experian, Equifax, and TransUnion. You can receive reports on your credit every 12 months with no strings attached. Consumers often times are not even aware that they are entitled to review reports on their credit at least once a year, much less get it from a government agency.

Pitfalls to Getting Your Credit Report

Other companies will entice you to their website by stating you will receive a free credit report. Once at the website, you will often times find that you have to buy other products or services before your report will be issued to you. That’s great, if you are interested in the other products and services, but most times consumers just want to see their credit records only.

You may see ads on television or the Internet, or hear ads on the radio from companies offering free credit reports. Be alert to the fact that when you visit the website you might be obligated to buy additional products or services before receiving a report on your credit status. The FTC receives many complaints from consumers who have fallen into this credit report trap. In fact, they encourage you to report any spam websites that you come across.

How to Get Your Free Credit Report

The FTC advises consumers that you cannot get your free credit report directly through Equifax, TransUnion, and Experian. You must contact these companies directly through the FTC website. Simply type in “annual credit report” and look for the official website in your search engine. There are many websites that will have a similar name to this one, so be sure you are on the correct website by typing your search carefully. The site will guide you through the appropriate steps to receive a free report on your credit status.

Consumers typically type in search phrases such as “free credit score,” “free credit history,” and other similar phrases only to land in a website that wants to sell you something you don’t need. Avoid using these searches in the future to avoid spam websites.

You can get your annual report on your credit status for free. You can keep a watchful eye on your credit history in these days of high identity theft rates. You just have to know where to go to get the information you need.

January 25, 2010

Interesting article

Here's an interesting article about how to rebuild (and presumably build) your credit without using those risky things called credit cards.  Interesting read.

I need to start keeping a list ...

of all the types of employments I have seen used to steal identities.  I can recall car dealers, radio hosts, bankers, custodians, mortgage brokers, pickpockets.  It seems like rich and poor can all be greedy enough to try identity theft.  Well, thanks to the AP article below, I can now add waiter to the list:

KANSAS CITY, Mo.—A former Kansas City man has admitted stealing credit card information from customers while he was a waiter at a Country Club Plaza restaurant.

John David Woody of Los Angeles pleaded guilty to identity theft and credit card fraud on Friday in federal court in Kansas City. The 35-year-old admitted that he stole information from 20 customers at the Brio Tuscan Grille in July and August 2008.

Prosecutors say Woody used an electronic device to skim the magnetic strip on the back of credit cards to obtain the information. He then used the credit card numbers to purchase goods online, including thousands of dollars worth of DVDs.

Woody is facing up to 35 years in prison without parole and a fine of up to $750,000.

Bernanke identity thief gets 17 years in the pokey

Remember a few months ago when Federal Reserve Chairman's Ben Bernanke's wife had her identity stolen.  Well, if you don't, read my prior posts on the subject here -

Lernando Zanders, a ringleader of the $1.5 million identity-theft ring that victimized Ms. Bernanke (among many others) was sentenced last week to 17 years in prison and ordered to pay back $1.4 million.  I guess his accomplices will only have to reimburse $100,000. 

According to authorities, Zanders paid professional office employees and pickpockets to steal the personal identifying information of his victims, which he and his accomplices then used to steal cash from the victims' bank accounts.

One of those pickpockets snatched Bernanke's wife's purse at a D.C. Starbucks.  The criminal ring then used her driver's license and checkbook to cash $900 in checks from the Bernanke's bank account.

The conspiracy was brought down, in part, by a receptionist at a Washington doctor's office who had sold patients' information to the ringleaders, court documents said. When authorities traced the stolen identities back to the receptionist, she recorded phone calls with co-conspirators and provided other information that led to their arrests and successful prosecution.

January 19, 2010

Experian's profits rise at expense of Latin American's credit history accuracy

Experian has reported a 1 percent increase in its third quarter revenues over last year, thanks primarily to a 16 percent jump in its Latin American revenues.  Experian did not report profit figures, so we do not know how much revenue Experian is actually making off us inventory ... I mean consumers. 

"Looking ahead across our major businesses, we see further stabilization in parts of North America, we are still cautious on the U.K., while the outlook for Latin America is robust," said CEO Don Robert.  "For the fourth quarter, we expect modest improvement in organic revenue growth."

Experian has its corporate headquarters in Dublin, Ireland, and operational bases in Nottingham, England, Costa Mesa, California, Plano, Texas and Sao Paulo, Brazil.

Its amazing how much profit a company can make when they don't have to pay for the inventory they sell, namely our credit information.

10 things for the small business owner to worry about in the new year

Robert Sciliano has identified ten things for the small business owner to stress over in the new year.  The full article can be found here -

Back up your back up. Numerous reports of cyber-war, thousands of new viruses weekly, and even Mother Nature reeking havoc on the internet, have caused concern among industry professionals. Doing business in the cloud is fantastic; however make sure you have redundant local back-ups of your data.

Anti-virus will not fully protect you. The sheer volume of attacks and new viruses created will keep the anti-virus vendors busy. But there is no way they can keep up the pace 100% of the time. There are numerous technologies that will immunize your PC and make whatever virus or spyware impotent, and any data on your machine typed in a browser useless to the thief.

Social media identity theft is the act of creating a blog or social media site that models your day to day operations. At any time someone can register domains or social media sites with your brand as the face. They then sell product that they never ship and/or do things to damage your brand. Scoop up your social media identities with

Social network nitwits. One of the easiest ways into your companies’ networks is via social media. The explosion of “I just made a tuna” communications has brought out the dumb in many people. The simple act of setting up a group on Facebook and getting your employees to join can open up a treasure trove of data that can facilitate social engineering attacks. Create policies and procedures that involve appropriate use.

Social engineering, the ruse of a confidence man, is back in full force. It never really went away, but with the amount of security in place, sometimes the path of least resistance is simply asking your cleaning crew for the keys to the building. By gaining the trust of employees over the phone, via email or in person, a con-man can get almost anything he needs to get whatever he wants. The best defense is effective policies coupled with ongoing awareness training.

Insider identity theft can ruin your business. Most companies have done their due-diligence to keep the bad guy from hacking from the outside. But many organizations have neglected the risks associated with employees gone bad and the internal damage that can be done. Numerous technologies monitor and control access to sensitive information. But preventing bad employees from doing bad things starts with not hiring bad people.

Phishing scams still work. Despite consumer and employee awareness, a carefully crafted and well designed email that looks like its coming from another employee is probably the most effective spear phish. Going after the CEO or high level executive or “whaling” can often be even more successful. The bigger they are the harder they fall as they say. From my experience it’s often the smartest ones in the room that lack all common sense. Test your employees; see what they will fall for. Then test them again.

Tighten up employee remote access. Allowing Suzy Admin to access the companies VPN from a home PC that Suzy’s son Steve uses to play games on servers hosted in North Korea will end up bad. Malware on a home computer can compromise usernames and passwords resulting in spyware on the network. Set up Suzy with her own laptop that’s fully locked down and prevents Steve from doing anything fun.

Peer to Peer (P2P) file sharing is a fantastic way to leak company and client data to the world. Obama's helicopter plans, security details and notes on congress members being deposed were all leaked on government controlled computers via P2P. Setting admin privileges and installing numerous technologies that will prevent P2P is essential.

Identity theft will get worse before it gets better. And whether it’s your identity, your families or your employee’s identity that is stolen, it can be a huge time suck and a costly event. The best defense involves a 3 legged stool. First, awareness training of all the scams that lure people in, and how to appropriately respond to numerous communications. Second involves a little time and investment in a “credit freeze” or “security freeze”. Learn how to do it HERE. Third is an annual investment in identity theft protection. In today’s cyber crime climate, and with the recession making people desperate to make money any way they can, NOT investing in identity theft protection is, in my opinion, irresponsible. The worst thing you can do is nothing.

January 18, 2010

Experian increasing its presence in the tenant screening market

Experian announced Friday a new website designed specifically for the tenant screening industry.  The website will provide instant rental decisions to property managers and tenant screeners.  Experian's new website will provide tenant payment history, residence history including length of residence, and fraudulent application information.  Of course, given Experian's lackluster history at accuracy regarding financial credit reports, tenants need to beware.  Fortunately, the protections of the Fair Credit Reporting Act also apply to tenant consumer reports.

Much like Experian's credit reports, the tenant history reports will provide a score which can be used to determine the risk of renting to the potential tenant.  Just like credit reports, Experian will be required to provide copies of its reports regarding tenants upon request for a small fee.

Chicago Cub Tyler Colvin possible identity theft victim

Tyler Colvin, a touted up and coming outfield prospect for my favorite baseball team, the Chicago Cubs, is at least an attempted identity theft victim.  Colvin has never been to Utah.  Yet, someone used his name and apparent emerging baseball fame to purchase a $50,000 Dodge pickup truck at a West Valley City, Utah car dealership last week.

Authorities caught up to Matthew T. Van Meter, a 24 year old resident of Nevada, after he presented documents identifying himself as Colvin and signed Colvin's name to a contract to purchase the truck, with a promise to return the next day to pay for the vehicle.

Van Meter, who is being held in a Salt Lake jail, allegedly also has a theft warrant out for him in Tacoma, Washington.

Tyler, if you read this, first let me say I am a huge Cubs fan.  And, second, if you need legal representation, please e-mail me at and I'll be happy to help a Cubbie out!

January 13, 2010

Data breach thwarted by Suffolk Bancorp

Suffolk Bancorp (NASDAQ - SUBK) announced today that on December 24, 2009, its banking subsidiary, the Suffolk County National Bank ("SCNB") discovered through an internal security review that an unauthorized intruder accessed certain customers' Log In information via the computer server hosting SCNB's Online Banking system.

Based on SCNB's investigation, which is ongoing, the unauthorized access occurred during a finite, six-day-period between November 18 and November 23, 2009. 8,378 Online Banking customers were affected, amounting to less than 10 percent of SCNB's total customers. Although the intrusion was limited in duration and scope, SCNB immediately isolated and rebuilt the compromised server and took other measures to ensure the security of data on the server. To date, SCNB has found no evidence of any unauthorized access to Online Banking accounts, nor received any reports of unusual activity or reports of financial loss to its customers.
SCNB has taken a number of additional steps to minimize any possible effect of this incident on its customers.

Watch out India, here comes Equifax!

Maybe I should get licensed to practice law in India.  Equifax, the credit bureau who I have sued many many times in the past, has announced the formation of a new credit bureau in India, named Equifax Credit Information Services Pvt Ltd.  The new credit bureau is a joint venture between Equifax and six leading financial institutions in India, including Bank of Baroda, Bank of India, Kotak Mahindra Prime Ltd, Religare Finvest Ltd, Sundaram Finance Ltd and Union Bank of India.

India granted Equifax a certificate of registration to establish the new credit bureau in April of last year, four years after the application was originally submitted.

I know nothing about Indian law, but it would behoove the Indian government to look into passing strict consumer protection laws.  And, given Equifax's lackluster history of inaccuracy in its credit reports, they need to pass some laws quick!

January 12, 2010

Nice article with some good questions and answers, particularly for younger consumers.  The whole article is on the Chicago Tribune's website at,0,4925763.story

So here are five common questions about credit scores, specifically FICO scores, the most widely used rating.

FICO scores range from 300 (the worst) to 850 (the best).
Q.  How do you establish a credit history and a FICO score?

A.  You need one credit account -- a student loan, auto loan, mortgage or credit card, for example -- open at least six months and reported to one of the three main credit bureaus: Equifax, Experian and TransUnion, says Barry Paperno, consumer operations manager for Fair Isaac Corp., the FICO providers.

Other bills, such as your rent or utilities, generally are not reported to the bureaus.

By law, you're entitled to one free credit report every 12 months from each of the three credit bureaus at, the only site where you can access a free report.

You have to pay to get your credit score, however. If, for example, you request an Equifax report at, you can buy the FICO score it's showing lenders for $7.95. Otherwise, you can buy scores for $15.95 each at (The Experian FICO score is available only to lenders as will the Equifax score after Feb. 14.)

Q.  Does carrying a credit card balance improve my rating?

A.  There is no advantage to carrying a balance, but the lower the better.

Nearly a third of your FICO score is based on your credit utilization, or the percentage of your credit limit that you use. Ideally, you want to charge no more than 30 percent of your available credit.

And even if you pay off your balance each month, it's unwise to charge the full amount of your credit limit. While lenders report to the bureaus every 30 days, the data may not reflect a payment, said Steven Katz, a spokesman for TransUnion. So it could look like you are using all of your credit.

Q.  Does it help my score if I close an old credit card?

A.  Generally, no. And it may hurt by raising your utilization ratio because you have less credit available.

In addition, 15 percent of your FICO score is based on your credit history (the longer the better). Closing an account you've had several years would shorten your history -- and lower your score.

Charge a small sum to the card every few months to keep it active and pay off the balance right away.

Q.  Will my score drop if I check my credit report?

A.  No. Applying for credit, however, does hurt your score so open new accounts sparingly.

One exception: If you are shopping for a mortgage or auto loan, FICO generally counts any applications made within a 45-day period as one. FICO recognizes you have to submit multiple applications as you shop for loan terms. [this is also true regarding car loan applications - those made within a short time of each other are considered one application].

Q.  How do late payments affect my score?

A.  Once you are 30 days overdue on a bill, your score could drop 60 to 110 points, depending on your credit file, according to FICO.

Your payment history makes up the largest portion of your FICO score, so don't pay late. If it's overdue, get back on track as quickly as possible. The more recently you've been late, the worse for your score.

"The key is to make sure you are paying at least the minimum due on time every month," said Katz of TransUnion.

On that last question, its important to note that a late payment alone does not affect your score, but a late payment over thirty days late does.  But its still a good idea to pay on time, since even one day late will cost you a $39 or so late fee. 

January 11, 2010

Springfield, Missouri man may get 50 years in prison for identity theft

Brian Ray, a 32 year old Springfield, Missouri man, could spend 50 years in federal prison for passing bogus bills and identity theft.
The U.S. Attorney's Office says Ray plead guilty to charges in two separate federal indictments.
Ray admits that, between April and November 2009, he stole checking account and personal information from several victims totaling more than $108,000, produced several fake ID's and passed $13,000 in fake money.
Ray could face up to 50 years in prison and $750,000 in fines.

Experian invades Japan's cyberspace

Information services company Experian has acquired an 88.5% share of A-Care Systems, Japan’s leading e-mail marketing company. A-Care will be blended into Experian’s CheetahMail e-mail marketing unit.

A-Care has more than 1,000 clients across several Japanese sectors, including e-commerce, manufacturing and retail. Financial terms of the deal were not disclosed.

The acquisition extends Experian CheetahMail’s global marketing reach. In addition to its New York headquarters, the company has offices in Los Angeles, San Francisco, Amsterdam, Barcelona, Dublin, Duesseldorf, London, Melbourne and Paris.
California's new law restricting the release of marriage license information went into effect on January 1.  This law is aimed at protecting private information and, as a result, curb identity theft.  The law requires people obtaining marriage license information to fill out an application that gives information about the requester.  This gives the authorities a record of who asked for the information in case it is later misused. 

This is already done regarding birth and death certificates, which have for a decade or more not been available without data about the person seeking the certificate. 

I think this law is a good idea and I hope more states follow California's lead.

January 05, 2010

Does using another person's identity when you get married constitute a menage a trois?

Aracelis Cherico, a Manhattan, New York medical assistant has pled guilty to stealing a stranger's identity and using it to get married in the other woman's name.

As a result of Cherico's marriage in her victim's name, the victim's application for a marriage license was denied.  Cherico admitted using the name and personal identifiers of Sara Benitez for years, including when Cherico wed in 1992.  Cherico also filed tax returns in Benitez's name to get more than $2,600 in refunds.

Cherico is expected to be sentenced to 60 days in prison and to help clear Benitez's name.  Seems to me that that's a pretty weak sentence and, from my experience, even the identity thief's help is not enough to undo the havoc caused on an identity theft victim's credit report and financial life.

January 04, 2010

Identity theft is for the birds ... chickens to be precise

Poultry producer Pilgrim's Pride has reached a non-prosecution settlement agreement with the U.S. Attorney Office for the Eastern District of Texas and the U.S. Immigration and Customs Enforcement regarding charges of identity theft and employment of illegal aliens at five of Pilgrim's Pride's plants.

The settlement agreement requires Pilgrim's Pride to pay $4.5 million to the government over the next three years.  Immigration and Customs Enforcement conducted raids of the five plants in 2007 and 2008, apprehending 338 unauthorized workers. 

Pilgrim's Pride has indicated that it will seek to enhance its voluntary compliance programs to identify unauthorized persons who seek or obtain employment with the company.

New article with tips on preventing identity theft

The Holyoke Enterprise (from Holyoke, Colorado) gives the following tips on preventing identity theft:

—Protect your social security number: Don’t keep a Social Security card in your wallet or include the number on checks. Only provide the number when absolutely necessary, and ask to use other identifiers. If a social security number appears on a driver’s license or health insurance card, ask to substitute another number.

—Backup your wallet: Photocopy the fronts and backs of a wallet’s contents, including driver’s license, credit cards and insurance cards. One will be able to quickly notify the appropriate institutions if it gets stolen.

—Safeguard your mail and trash: Before disposal, always shred credit card receipts, checks and bank statements, credit applications or offers, insurance forms, doctor statements, expired charge cards and anything with personal information.

—Store personal information securely: This is especially important when one is having work done in the house, if they employ outside help or have roommates.

—Be on guard in public: Thieves don’t have to steal a wallet for ones identity. Shield the entry of a PIN when using the ATM. Watch out for people peeking over a shoulder or using cell phone cameras to record actions.

—Stay vigilant online: Practice safe surfing when it comes to online shopping, banking, e-mail usage and more. Don’t use public computers to access personally sensitive information. For tips to protect against Internet fraud, visit the government’s safety site at

—Choose better passwords: Select tough passwords for bank, credit card and phone accounts. Don’t use easily available information like a birthday, address, phone number or mother’s maiden name. Combinations of letters, symbols and numbers create the strongest passwords.
Or you could just do what my wife did and marry an identity theft lawyer.

For the full article, see here -