LifeLock Blog

My wife and I just purchased a car and because of this we both begun receiving credit offers on a daily bases. There were days we would receive 5 – 10 credit offers in the mail in a single day. This is simply ridiculous and not a good thing. Pre-approved credit offers are an identity theft’s best friend because it’s as simple as fill in the blanks without worry of rejection from the credit companies.

So what can be done about all these pre-approved credit offers? Luckily there is a simple way to opt-out using the website optoutprescreen.com. The opt-out process is simple and free. To opt-out for 5 years all you have to do is fill out the online form and submit it. If you want to permanently opt-out you have to fill out the form and send it in by mail. If for whatever reason you want to begin recievieving offers again all you have to do is opt back in using the same website.

This should reduce or eliminate credit offers coming to you by mail, and should reduce the likely hood of someone obtaining one. I simply got tired of shredding all of our credit offers because I didn’t want to simply throw them away, but it will also help protect me and my wife from a potential identity theft and credit card fraud.

https://www.optoutprescreen.com/

Facebook has constant malware attacks that most can void simply by not allowing the application access to their account. This recent malware attack, piggybacking on Charlie Sheen’s recent publicity, is much like the others except it uses a technique called click jacking to make it a little bit more effective.

The scam works like this. You see the article posted by a friend with a catchy title like “RIP! Charlie Sheen Found Dead at his House.” You click it and it takes you to a page that looks much like Youtube but isn’t. If you click anywhere on the page the malware gains access to your Facebook profile and it will start to post itself to others profiles. This is followed by a survey, that to this day I don’t know why people fill out, and then some reports of an actual virus that installs itself onto your computer.

If you click this link all you need to do is go to Account>>Privacy Setting.  In the bottom left you will see a section called ‘apps and websites’ click the link that says Edit your settings. Find the recent addition and remove the application’s access to your account. Then find the posts it made to friends walls and your own and remove them. That should take care of it.

Well it’s tax season again and people are gearing up to prepare their tax returns in hope of getting just a little bit back from old Uncle Sam.  Every year however people are scammed into giving away important information that ultimately leads to an identity theft. Tax time can be a confusing and hectic time for some and leaves them open to scammers impersonating the IRS and other government agencies.

What the Scam looks like.

These tax related scams often times manifest themselves in the form of an email. The sender will often times impersonate the IRS or the treasury and include attention grabbing titles like “Tax Refund”  or “IRS Notice.” The email will then inform you that you need to provide information to them in order to receive your refund or to prevent from paying a penalty or fee. Also scammers use fake or phony websites to try and steal information from their victims. These websites might look identical to the IRS but are used by the criminals to trick users into entering data into them.

What you should know.

You should know that the IRS does not send unsolicited e-mails to tax pays. So if you do not contact them via email then it’s not really the IRS. Also many of these emails are sent by individuals who’s first language isn’t English. So look out for unusual grammar and sentence structure because these are dead giveaways. When presented with a IRS website make sure the URL starts with http://www.irs.gov/. If it does not it’s not the real IRS website and you should leave.

Every year new scams come out and scammers find new and interesting ways to take advantage of unsuspecting people. So keep your eyes open and your information safe this tax season.

Larry Smith on the Left Joseph Kidd on the right

Identity theft is a serious matter and has ruined people’s lives. The amazing thing is it doesn’t take a brilliant criminal to pull off a long term identity theft and ruin someone’s life. No one knows this better than a Florida man named Larry Smith.

17 years ago a homeless man named Joseph Kidd stole Larry’s identity. Joseph Kidd was a simple drifter and used the identity as an alias passing all his medical bills, tickets and warrants on to the real Larry Smith. The identity theft has prevented Larry from gaining access to his medical benefits as well as almost getting his license suspended for unpaid tickets Kidd was racking up in California.

Things were about to get worse when Joseph Kidd violated his parole after completing time for non-violent crimes. The problem was Joseph was booked using his alias Larry Smith. Because of this the real Larry was arrested in Florida and put into prison in Orlando. His wife and family or course were shocked and didn’t sleep until they convinced the police their Larry wasn’t the Larry they were after. They were also concerned that their Larry would be extradited to California because Kidd had violated his parole. Larry was eventually released and the Joseph Kidd was found and sent back to California where he served more time.

The kicker to this story is that when Joseph was booked for violating his parole he was booked as Larry again and even given a parole Id with Larry’s name on it. Instead of just fixing the matter it seemed it was easier to just let Joseph keep tormenting the real Larry Smith. Well it seems the real Larry is going to get his life back after Det. Jim Hudson of California’s Placer County Sheriff’s Department has taken his case and arrest Joseph Kidd for multiple counts that include identity theft and welfare fraud. The detective says “Undoing 17 years of damage to this guy will take years to fix, but I’m committed to making sure Mr. Smith is no longer considered a felon and I want to give him back his medical benefits.” I applaud the detective and I think that’s a great place to start.

The Red Flag Laws that took effect on Jan. 1, 2008, where supposed to require businesses that handle credit to adopt written plans to identify, detect, monitor and respond to potential instances of identity theft. The enforcement deadline was set for a reasonable Nov.1, 2008, but the FTC as postponed the enforcement several times to allow business time to comply.

The first time the laws were delayed was to May 1, 2009. Then the FTC backed it up to August 1, 2009, and then Nov. 1, 2009, and then again to June 1, 2010 ,and then finally Jan. 1, 2011 were the FTC says it will finally be enforced.

One of the reasons for the delays were because of several groups petitioning the FTC for more time to comply. Other delays were because of several members of congress trying to narrow the scope of the law.

Several professions have already worked their way out of the Red Flag Laws including lawyers, health care providers, and physicians. Also under the new clarification act any businesses that allows deferred payments for expenses incidental to a service is now not considered to be a creditor and is exempt from the Red Flag laws as well. So it seems there’s not a whole lot of businesses left to comply mainly car dealerships from what I have read.  Oh well, at least they aren’t going to move the deadline back again it was starting to get ridiculous.

who are the red flag laws for anyway? I know the regulation says creditors and that was supposed to include health care providers, attorneys, doctors, hospitals, and anyone who allows people to deffer payments. I’m sure they meant to include them in the regulations to make their professions less likely to be used and abused by identity thieves. It seems the attorneys and health care providers as well as other who  permit payment to be deferred have been left off the hook.  Pending litigation by the American Medical Association and other physician organizations has all but gotten them exempt as well. So who are these laws for anyway?

What follows is the new clarification as to what a creditor means.

SECTION 1. SHORT TITLE.

This Act may be cited as the `Red Flag Program Clarification Act of 2010′.

SEC. 2. SCOPE OF CERTAIN CREDITOR REQUIREMENTS.

(a) Amendment to FCRA- Section 615(e) of the Fair Credit Reporting Act (15 U.S.C. 1681m(e)) is amended by adding at the end the following:

`(4) DEFINITIONS- As used in this subsection, the term `creditor’–

`(A) means a creditor, as defined in section 702 of the Equal Credit Opportunity Act (15 U.S.C. 1691a), that regularly and in the ordinary course of business–

`(i) obtains or uses consumer reports, directly or indirectly, in connection with a credit transaction;

`(ii) furnishes information to consumer reporting agencies, as described in section 623, in connection with a credit transaction; or

`(iii) advances funds to or on behalf of a person, based on an obligation of the person to repay the funds or repayable from specific property pledged by or on behalf of the person;

`(B) does not include a creditor described in subparagraph (A)(iii) that advances funds on behalf of a person for expenses incidental to a service provided by the creditor to that person; and

`(C) includes any other type of creditor, as defined in that section 702, as the agency described in paragraph (1) having authority over that creditor may determine appropriate by rule promulgated by that agency, based on a determination that such creditor offers or maintains accounts that are subject to a reasonably foreseeable risk of identity theft.’

(b) Effective Date- The amendment made by this section shall become effective on the date of enactment of this Act.

Confused? Yeah so am I, not sure what all that says but it seems no one except for people who most likely already have identity theft detection programs active have to follow these rules. These Red Flag laws started out as a great idea, but now they a simply a job that can be fixed simply by complaining enough about them.

You would think people would learn that you shouldn’t click on everything you see on the internet and on Facebook, but we constantly see people who refuse to learn this lesson. If people were smart enough not to fall for these tricks hackers would move on to something else. Another Facebook scam similar to all the others is using the super popular pop star Justin Bieber as it’s bait.

The malware works like most of the other on Facebook that make it through Facebook’s filters. There’s some kind of link that has eye catching title in this case “OH MY GOD!…Justin BIEBER Hits Girl For NO Reason! OMG! This Is So Badd!” When people click on it they are taken to a page that has a picture of a girl next to the Fox logo and a big invitation to “click here.” When you do you have to approve an application and will out a information forum. While you are filling out the forum the application is sending altered versions of the scam to your friends and to your wall.

The scam is all too familiar and should be to pretty much any Facebook user by now. The information gained form the users profile and form is used to make money for the creators of the Facebook malware. Who knows what they do with the information you gave them, perhaps could be used to steal someone’s identity, but you can’t assume it’s for anything productive.

If you have fallen for one of these Facebook malwares make sure to remove the application from the Applications and Websites page under Privacy Settings. This will prevent it from further spreading itself to your friends.

News of data breaches are becoming more common these days. With new laws concerning data breach disclosure and the fact identity theft is one of the fastest growing crimes in America you can see why. Many schools, colleges, and universities around the country have battled with data breaches. Whether someone hacked in and stole some data or like in some cases it was simply left unprotected on the server. University of North Florida is not longer a stranger to the pains of dealing with a data breach as they start to notify more than 106,000 students and applicants of their recent security breach.

According to a security advisory post on the school’s website a person outside of the US has manages to access a recruitment file sometime between Sept. 24 and Sept. 29. The document contained information from current students as well as current applicants ranging from 2007 to 2010. Information provided in the file included: Social Security numbers, names, and dates of birth. Some of the records even had the students SAT and ACT scores.

UNF is working with the FBI to investigate how the attackers gained access to the files as well as make sure no other files have been compromised. UNF is dedicated to protecting it’s students from this sort of breach and is investigating new technology the protect it’s servers. The main difficulty is along with better technology comes new and effective ways of breaching it. Security of important information is always a uphill battle one that I’m sure UNF is willing to fight.

A Bulgarian citizen, who was living in Oregon, has been charged with identity theft of a 3-year-old child, who was kidnapped and killed in 1982, after applying for a US passport. Doichin Krustev has plead not guilt to the charges.

Doichin Krustev, better known to friends in Oregon as Jason Evers, assumed Evers’ identity when he was just 16. The real Jason Robert Evers was kidnapped and killed in 1982 at the age of 3. Krustev was caught when he tried to apply for a US passport, which checks names and Social Security numbers against the death records by a division of the US state department.

According to kboi2.com Krustev was the son of a “respected scientific scholar in Bulgaria, attended high school and college in the United States, living with a former Reagan administration lawyer and his physician wife outside Washington, D.C. He dropped out of college and disappeared about 15 years ago,”

US federal court documents suggest that a plea bargain is imminent. Krustev has been charged with knowingly making false statements on his passport application  and aggravated identity theft.

It’s a sad situation. A runaway college dropout runs away from his friends and starts a new life with a stolen identity of a child who was kidnapped and murdered. The parents of the child who had his identity stolen have got to be angry with the situation. I’m sure the theft has caused them stress and brought to the surface feelings and thoughts that they would prefer to soon forget.

LifeLock Credit Score Manager is scheduled to drop sometime in the month of October. LifeLock, the leader in proactive identity theft protection, has decided to add this feature after receiving customer feedback. LifeLock is so closely tied to what is happening to your credit that allowing people to view and monitor their Credit Scores is a very logical next step. Even though your credit score doesn’t have anything to do with identity theft a lot of people want to know what their score is. So why not add it to a service they already know and love.

LifeLock already offered members free credit reports from all three major credit bureaus annually. The new Credit Score Manage offers the same thing as well as monthly credit reports and scores from TransUnion. Credit Score Manage comes with the following features.

*  Daily Tri-Bureau Credit Monitoring (TransUnion, Equifax, Experian)
* Monthly Credit Score Updates
* Annual Tri-Bureau Credit Reports
* Annual Tri-Bureau Credit Scores
* 24/7 Credit Dispute Assistance

I think the new Credit Score Manage from LifeLock is going to be a great tool for it’s members. Allowing members to get their credit scores right from LifeLock will prevent them from having to go elsewhere trying to find them. It’s going to make a lot of people’s live just a little bit easier.