Attorney's Advice for Identity Theft
It seems today that we need to ever watchful of our identities being stolen. An email was sent to me by a friend who ran across information that a corporate attorney sent to the employees of his company to reduce the risk of being a victim of identity fraud. I would like to share these with you as it may help you or someone you know some day. Here they are:
1)
Do NOT sign the back of your credit cards. Instead, put "PHOTO ID REQUIRED".2) When you are writing checks to pay on your credit card accounts, DO NOT put the complete account number on the "
For" line. Instead, just put the last four numbers. The credit card company knows the rest of the number, and anyone who might be handling your check as it passes through all the check processing channels won't have access to it.
3) Put your work phone number on your checks instead of your home phone. If you have a P O Box use that instead of your home address. If you do not have a P O Box, use your work address.
Never have your social security number printed on your checks (DUH!). You can add it if it is necessary, but if you have it printed, anyone can get it.
4) Place the contents of your wallet on a photocopy machine. Do both sides of each license, credit card, etc. You will know what you had in your wallet and all of the account numbers and phone numbers to call and cancel. Keep the photocopy in a safe place. Also, carry a photocopy of your passport when you travel either here or abroad. We've all heard horror stories about fraud that is committed on us in stealing a name, address, social security number, credit cards.
The attorney who wrote this article also said: "Unfortunately, I, an attorney, have firsthand knowledge because my wallet was stolen last month. Within a week, the thieves ordered an expensive monthly cell phone package, applied for a VISA credit card, had a credit line approved to buy a Gateway computer, received a PIN number from the DMV to change my driving record information online, and more." He went on to give some critical information to limit the damage in case this happens to you or someone you know:
5) We have been told we should cancel our credit cards immediately. But the key is having the toll free numbers and your card numbers handy so you know whom to call. Keep those where you can find them.
6) File a police report immediately in the jurisdiction where your credit cards, etc. were stolen. This proves to credit providers you were diligent, and this is a first step toward in investigation (if there ever is one).
7)
Most important, though, is to call the three national credit reporting organizations immediately to place a fraud alert on your name and also call the social security fraud line number. This is important because an application for credit can be made over the internet in your name. The alert means any company that checks your credit knows your information was stolen, and they have to contact you by phone to authorize new credit. The attorney whose wallet was stolen didn't do this until two weeks after the wallet was stolen - and there were records of all the credit checks initiated by the thieves purchases - which none he knew of before placing the alert. Since he placed the alert no additional damage had been done and the thieves threw away his wallet and someone turned it in as the thieves were no longer able to make purchases using his identity.
Now, here are the numbers you need to contact to notify about your wallet, etc being stolen:
1) Equifax: 800-525-6285
2) Experian (formerly TRW): 888-397-3742
3) Trans Union: 800-680-7289
4) Social Security Administration fraud line: 800-269-0271
Feel free to share this information with those you know.
Labels: credit cards, fraud, identity theft, wallet stolen
What You Need To Know About Phishing!
A rapidly increasing problem among internet users today is Phishing. Internet users need to be prepared to deal with this issue for many different reasons. In this article, I will be using “CompanyABC” for the name of some of the companies that have been used in Phishing e-mails. Note that the company names used are well known but have become innocent victims themselves. Some of these companies are CitiBank, PayPal, and Capital One to mention a few. Pay very close attention to your incoming e-mails and everyone will be happier.
What is Phishing?
Phishing is a form of fraud designed to steal your identity. It works by using false pretenses to get you to disclose sensitive personal information, such as credit and debit card numbers, account passwords, or Social Security numbers.
One of the most common Phishing scams involves sending a fraudulent email that claims to be from a well-known company. Phishing can also be carried out in person, over the phone, through fraudulent pop-up windows, and websites.
DEFINITIONS
Phishing (pronounced “fishing”): Fraudulent emails that request or initiate a scam to get sensitive personal information.
Spoof Site: Fraudulent sites – usually linked from a Phishing email – that look like well-known websites.
How Phishing through email works.
1. Mass Email
2. Phishing Email
3. Fraudulent Website
A fraudster will start out sending thousands, even millions, of emails to different mail accounts disguised as messages from a well-known company. The typical Phishing email will contain a concocted story designed to lure you into taking an action such as clicking a link or button in the email or calling a phone number. Learn how to spot a fraudulent email.
In the email, there will be links or buttons that take you to a fraudulent website. The fraudulent website will also mimic the appearance of a popular website or company. The scam site will ask for personal information, such as your credit card number, Social Security number, or account password.
You think you’re giving information to a trusted company when, in fact, you’re supplying it to a criminal. Learn how to spot a fraudulent website.
Questions A “CompanyABC” will never ask you in an email.
To help you better identify fake emails, “CompanyABC” follows strict rules. The “CompanyABC” will never ask for the following personal information in email:
Credit and debit card numbers
Bank account numbers
Driver's license numbers
Email addresses
Social Security Number
Passwords
Your full name
Things to look for in scam email and websites.
Fraudulent email and websites are designed to deceive you and can be difficult to distinguish from the real thing. Whenever you get an email about your “CompanyABC” account, the safest and easiest course of action is to open a new browser, type https://www.a“CompanyABC”.com, and log in to your “CompanyABC” account directly. Do not click on any link in an email that requests personal information.
How to spot a Phishing email.
There ar
e many telltale signs of a fraudulent email.
Sender's Email Address. To give you a false sense of security, the “From” line may include an official-looking email address that may actually be copied from a genuine one. The email address can easily be altered – it’s not an indication of the validity of any email communication.
Generic Email Greeting. A typical Phishing email will have a generic greeting, such as “Dear User.” Note: All A“CompanyABC” emails will greet you by your first and last name.
False Sense of Urgency. Most Phishing emails try to deceive you with the threat that your account will be in jeopardy if it’s not updated right away. An email that urgently requests you to supply sensitive personal information is typically fraudulent.
Fake Links. Many Phishing emails have a link that looks valid, but sends you to a fraudulent site that may or may not have an URL different from the link. Always check where a link is going before you click. Move your mouse over the URL in the email and look at the URL in the browser. As always, if it looks suspicious, don't click it. Open a new browser window, and type https://www.a “CompanyABC”.com.
Attachments. Similar to fake links, attachments can be used in Phishing emails and are dangerous. Never click on an attachment. It could cause you to download spyware or a virus. A “CompanyABC” will never email you an attachment or a software update to install on your computer.
How to spot a spoof (fraudulent) website.
A Phishing email will usually try to direct you to a fraudulent website that mimics the appearance of a popular website or company. The spoof website will request your personal information, such as credit card number, Social Security number, or account password. You think you are giving information to a trusted company when, in fact, you are supplying it to an online criminal.
Deceptive URLs.
Be cautious. Some fraudsters will insert a fake browser address bar over the real one, making it appear that you’re on a legitimate website. Follow these precautions: Even if an URL contains the word "A “CompanyABC”," it may not be a “CompanyABC” site.
Examples of fake addresses:
http://83.16.123.18/pp/update.htm?=https://www.alegitimatecompany.com/=cmd_login_access.www.secure-alegitimatecompany.com
Always log in to A “CompanyABC” by opening a new browser and typing in the following:
https://www.a “CompanyABC”.com.
The term "https" should precede any web address (or URL) where you enter personal information. The "s" stands for secure. If you don't see "https," you're not in a secure web session, and you should not enter data.
Out-of-place lock icon.
Make sure there is a secure lock icon 
in the status bar at the bottom of the browser window. Many fake sites will put this icon inside the window to deceive you.
Ways to combat scam email and websites.
Remember, when it comes to Phishing, you are in control. To protect your personal financial information, ignore the requests in the email.
Never provide any information.
Never click on any link that seems suspicious.
How to report a Phishing email.
The companies which are victims themselves, take online fraud seriously by investigating Phishing emails reported to them. PayPal is one of these companies. If you think you have a Phishing e-mail from PayPal follow these steps:
Forward the entire email to spoof@PayPal.com.
Do not alter the subject line or forward the message as an attachment.
Delete the suspicious email from your email account.
PayPal will let you know quickly if the email is legitimate.
A genuine PayPal email will never ask for:
Credit and debit card numbers
Bank account numbers
Driver's license numbers
Email addresses
Passwords
Your full name
A genuine PayPal email will never include:
Attachments
Software
More steps to protect you from Phishing.
Monitor your accounts. Check your account periodically for suspicious activity. If you notice unauthorized use, report it.
Keep security software current. Update your firewalls and security patches frequently.
Be smart about your password. Change passwords often and use unique passwords that include letters, numbers, and symbols.
Dr. Eugene R GibbinsABR, ABRM, AHWD, CIPS, CREA, CRB, CRS, e-PRO, GRI
DrEugene@Gibbins.com
Gibbins Real Estate & Consulting
GAI Seminars
Labels: fraud, identity theft, internet, phishing
