How the New Credit Card Microchips Protect You

Even if you don’t have one yet, you’ve probably seen the new credit cards that have a microchip on the front. These chips, officially called EMV Smart Chips (The EMV means “Europay, MasterCard and Visa”), provide users with a better layer of security than traditional credit card magnetic strips. They’re more secure because the chip and credit card reader talk to each other using encrypted data – old cards simply gave the data without protection. This makes chipped cards far more difficult for fraudsters to clone and they’re certainly a welcome technology for anyone looking to protect their identity and financial information.

It’s time to retire your swiping motion and get caught up on the insert – the credit card microchip EMV conversion mandate is upon us come Thursday, September 30.

If you do your banking with a major financial institution like Bank of America, Wells Fargo or Chase, there is a pretty good chance that you already have a microchip on your credit or debit card. Not only that, but you may have used the technology already while shopping at a major retail chain (Wal-Mart is where I first encountered one). Continue Reading at About Bill Pay

But unlike a simple magnetic strip, the chip interacts with the machine that is reading it, in order to encrypt the data and authenticate it more securely. In effect, the credit card and its reader have an encrypted conversation in order to ensure the credit card is valid, while a simple (that is, “dumb”) magnetic stripe merely recites your credit card number and expiration date to any machine that can read it. Continue Reading at Credit.com

Avoiding Credit Card Chip Scams

Ironically, the new credit card security chips, which are supposed to keep your information even more secure from hackers and data breaches, has driven scammers to come up with new (& old) angles to steal your personal information.  While we all may be just a little safer using our cards at retail stores, criminals are using phishing emails which appear to be from legitimate banks.  The company logos, addresses and information all appear to be real.  The messages read to the effect, “Your card is on the way, but you need to update some information before you can start using it”.

They then ask you for your account numbers, passwords and other sensitive information that you definitely do not want to give out.  Don’t go for it!

Do not reply to the email.

Do not click on any links within the email

Your bank or credit card company will never ask you for this kind of information via email.  Keep your account numbers and online passwords secure and never give them to anyone you can’t 100% verify their identity.

This type of scam has been going on since the beginning of the internet, but that doesn’t mean it’s not still an effective tool for identity thieves.  Stay aware.  Report any suspicious emails like this to your financial institutions immediately.  If you believe you’ve been a victim of one of these scams, immediately check your credit report and monitor your credit to ensure you haven’t had more information stolen than just your account numbers.

 

Is Your Mailbox A Target For Identity Theft?

With all of the creative and technical ways that identity thieves can use to steal your identity, good old common mail theft is still one of the easiest ways for a criminal to steal your personal identifiable information, and use it fraudulently.  Unfortunately, mail theft is one of those things we just don’t think much about, with most of us being concerned about online passwords, hackers, phishing email scams and data breaches.   These criminals will generally target mail that appears to contain checks or money, but they’re also looking for sensitive information that includes your drivers license number, account numbers and even your social security number.  If they get a hold of any of these items, you are likely to be the victim of complete identity theft.  The effects of this can be devastating.

Taking the protection of your mail should be a top priority, as it’s one of the places you are most vulnerable to identity theft, yet it’s extremely easy to secure.

Here are some suggestions to avoid having your ID stolen via your mail:

Don’t leave your mail in your home mailbox for the postman to pick up. Instead, take it to the post office. You can also get a locking mailbox, as Barbara did.

Study your bank and credit card statements to make sure all the charges make sense and monitor your credit monthly to ensure no unauthorized accounts have been opened.

To read an personal account of how mail theft leads to identity theft, read this article at abcnews.com.

IRS Reports New Data Breach

According to the IRS, on Tuesday, hackers attempted to breach their computer systems in an attempt to file fraudulent tax returns.  The thieves were attempting to gain access to E-File pin numbers which are used by some people to file their tax returns electronically.  The IRS stated on Tuesday that approximately 464,000 social security numbers were accessed and nearly 100,000 of those were used to acquire E-file pin numbers.

The hackers apparently acquired personal tax payer data that was stolen from other sources to assist them in obtaining & generating the E-file pin numbers.  The IRS is also reporting that no personal data was compromised or released in the attack.  Tax payers who’s social security numbers may have been involved in the breach will be sent notifications by mail. The agency also noted that they are protecting the affected accounts by marking them to “protect against tax-related identity theft”.   This is especially unnerving considering the IRS suffered an extensive data breach in 2015 in which over 300,000 taxpayers information was stolen, used to file fraudulent tax returns and obtain over $50 million federal funds.

If the IRS isn’t going to do something to protect your sensitive data, isn’t it time you took matters into your own hands.  There’s no way you can protect yourself against a major corporate data breach like this one.  Individuals who are notified that their information has been part of a data breach are 6 times more likely to have been a victim of identity theft in the past year.

This means that before you are even told that your social security number, credit card number or other personal information has been part of a data breach, the criminals have likely used your information fraudulently, without you ever even knowing.  By this time, the damage has been done.

Start taking your identity protection seriously.  IdentityGuard.com provides unmatched credit & identity monitoring, so you know if your information has been breached before the IRS or retail store gets around to telling you.  Sign up today from StopIdentityFraud.org and get 30 days free protection and save $3.00/month off the homepage price.

States Delaying Tax Refunds To Protect Against Fraud

In 2012, international hackers penetrated the South Carolina Department of Revenue system and gained access to nearly 3.6 million tax returns from as far back as 1998.  This was a wake up call, not only for the South Carolina government, but for the entire nation.  Since then, nearly all states have beefed up security surrounding their tax & revenue collection agencies and identity theft prevention has finally become a top priority.   This year, South Carolina and other states are implementing a new tax fraud detection process that will hopefully make it more difficult for criminals to file fraudulent tax returns using other peoples information.  Unfortunately, this is going to delay tax refunds to many Americans, which is likely to not be received warmly.

However, these identity theft protection steps are essential to protect individuals against, not only identity theft, but tax fraud and insurance fraud.  In 2013, the IRS identified nearly 3 million potentially fraudulent tax returns.  Nearly 5 billion dollars was paid out in fraudulent returns that year alone. That’s 5 billion..with a B.  You can read more about the South Carolina tax fraud situation here.

Thing to look out for this tax season.

Always ensure your tax documents are kept secure and under your control at all times.  They contain your social security number and other sensitive information that you don’t want falling into the wrong hands.

If you’re going to be mailing your tax preparation information to a CPA or service, drop your documents at the post office, instead of mailing directly from your home mailbox. This is much more secure and will prevent your information being compromised by mail theft.

If you receive an unexpected letter or notice from the IRS, this could be because someone else has already filed a tax return using your social security number.  Contact the IRS immediately at 1-800-908-4490 to determine if this is the case.  IRS agents will work with you to ensure you properly file your tax return and receive any refunds that are due.

The IRS will never correspond with you regarding identity theft via email or text. If you receive a suspicious looking text or email, it’s likely a tax fraud phishing scam.  Forward it to [email protected]

If you need a reasonable priced tax service that will get you all of the refund to which you’re entitled, I always recommend H&R Block.  They’re professional and affordable and can handle nearly any tax prep situation.  You can file online, fast & extremely simple.

hrblock468x60

 

Do You Really Need RFID Blocking Wallet?

Buying a wallet used to be a relatively simple decision.  You had your choice of a bifold, trifold, credit card sleeve or maybe just a money clip.  Now if you flip through tech or gadget magazine, you’ll find a whole new genre of wallets that are designed with RFID blocking protection. Like this one from Common Fibers and Billetus  RFID (Radio Frequency Identification) blocking wallets are, in theory, made to shield your smart cards from identity thieves who use a cheap, handheld RFID scanners to “skim” your card information from a distance.  Once they’ve downloaded your card information, they create a new card with your card number and details. That’s when the real damage starts, because the new cards read just like a legitimate credit card and credit card scanners can’t tell the difference.  The criminals can do all of this from several feet away, without you even knowing it’s happening.

With frightening reality in mind, do you really need an RFID blocking wallet?  Do they even work as advertised?  To some extent they may offer a level of protection, however not all of these wallets work as well as others. Testing by Consumer Reports and others have shown that some of the RFID blocking wallets on the market work about as well as wrapping your credit cards in a layer of aluminum foil..but others may have some merit.

It’s also not certain whether the threat of RFID skimming is occurring often enough to truly be a concern for most people.  There have been very few reported cases of RFID skimming crimes and for good reason.  There are simpler and more effective ways of stealing peoples personal information and money.

RFID technology has improved significantly since it’s inception.  Early versions would transmit sensitive information unencrypted, including credit card numbers.  However, according to the major credit card companies, the latest RFID payment systems are extremely secure and now use full data encryption.  Nevertheless, RFID technology may be dying a slow death as card companies begin the transition to cards with EMV chip and PIN technology, which are considerably less susceptible to remote skimming.  EMV cards do not transmit a radio frequency signal, so an RFID wallet isn’t going to do much good with these new cards.

Even if you make the switch to all EMV based credit cards, you may still be transmitting an RFID signal from your drivers license or passport.  Luckily, the only information anyone is likely to steal is your name and physical address.  Even if compromised, this basic information isn’t likely to make you a fraud or identity theft victim.  If you fancy yourself as a wannabe James Bond or you’re just a little on the paranoid side, an RFID wallet may be a wise purchase.  However, chances are you’ll be ok without one.

Fitbit Hacking – Are Your Wearable Devices At Risk?

Some of the hottest holiday gifts this past season were the wearable fitness tracking devices such as Fitbit, Runtastic Orbit & Mio Fuse.  But apparently the hackers of the world were paying attention as well and there have been reports of Fitbit accounts and other wearable technology accounts being compromised.  This was not reported as a breach on a large scale where a customer database was hacked.  It appears to have been some isolated incidents where customer usernames & passwords may have purchased on the black market where stolen account information is often bought and sold.

In the reported cases, the Fitbit identity thieves changed the account information shortly after stealing it.  This prevented the true account owners from accessing their accounts.  The criminals then used the stolen accounts to request replacement devices under warranty by reporting them as “faulty”.  In most cases, it was the more expensive Fitbit & wearable hardware that was the target of the scammers.  Its also scary to think of the personal health information that may be accessible to anyone who hacks a Fitbit account.   Previous articles on the topic have stated that a Fitbit type device can be hacked in less than 10 seconds.

As reported by Mr. Krebs, Fitbit’s cybersecurity team recently assigned risk levels to incoming requests. He quoted Fitbit’s CSO, Marc Bown as saying: “If we see an account that was used in a suspicious way or a large number of login requests for accounts coming from a small group of Internet addresses, we’ll lock the account and have the customer reconfirm specific information.” Not surprisingly, Fitbit has plans to introduce two-factor authentication to combat hijacking of Fitbit accounts via the company website.

You can read more about the Fitbit hacking incidents here.

Related Fitbit hacking resources:

https://www.schneier.com/blog/archives/2015/10/hacking_fitbit.html

https://www.theregister.co.uk/2015/10/21/fitbit_hack/

https://www.engadget.com/2015/10/21/fitbit-tracker-bluetooth-vulnerability/


Email Credit Card Chip Scam

Ironically, the new credit card security chips, which are supposed to keep your information even more secure from hackers and data breaches, has driven scammers to come up with new (& old) angles to steal your personal information.  While we all may be just a little safer using our cards at retail stores, criminals are using phishing emails which appear to be from legitimate banks.  The company logos, addresses and information all appear to be real.  The messages read to the effect, “Your card is on the way, but you need to update some information before you can start using it”.

They then ask you for your account numbers, passwords and other sensitive information that you definitely do not want to give out.  Don’t go for it!

Do not reply to the email.

Do not click on any links within the email

Your bank or credit card company will never ask you for this kind of information via email.  Keep your account numbers and online passwords secure and never give them to anyone you can’t 100% verify their identity.

This type of scam has been going on since the beginning of the internet, but that doesn’t mean it’s not still an effective tool for identity thieves.  Stay aware.  Report any suspicious emails like this to your financial institutions immediately.  If you believe you’ve been a victim of one of these scams, immediately check your credit report and monitor your credit to ensure you haven’t had more information stolen than just your account numbers.

 

How To Freeze Your Credit Report

freezecreditreportfb

Placing a freeze on your credit report is one of the initial steps you should take if you discover you are the victim of identity theft.  This temporary freeze prevents the information in your credit file from being reported to companies, credit grantors etc.  The short version is that nobody can run a credit inquiry and see your credit report.  This prevents further fraudulent accounts from being opened with your social security number and personal identifiable information.

Only the individual who’s social security number is attached to that credit file can request a temporary credit freeze or a temporary lift of the credit freeze.  Keep in mind that you will not be able to apply for new lines of credit, loans or mortgages while the freeze is in place, so you will need to plan ahead if you know that a creditor may need to pull your credit report in the near future.

When submitting for a credit report freeze, you must do so with ALL 3 CREDIT BUREAUS.  Equifax, Experian & TransUnion.  Additionally, if you wish to temporarily remove the freeze, you must again request the lift with all 3 bureaus.  After you freeze your credit files, it will be necessary to monitor your credit reports over the next several weeks & months, to ensure no new fraudulent accounts were reported before you set the security freeze.

You Can Learn More About How To Freeze Your Credit Report at FTC.gov

Learn How To Protect Your Social Security Number

ssnprotectiontips

The most sensitive piece of personally identifiable information is without a doubt your social security number.  This is one piece of information you don’t want anybody else getting their hands on. An identity thief can do unthinkable amounts of damage with your social security number and very little other information.   So what do you need to do in order to keep your SSN as secure as possible?

A typical yet effective strategy on preventing Social Security Number (SSN) theft is on the way, finally. This change will hopefully make it more difficult for identity thieves to easily access your SSN and use it for identity theft purposes.  Your SSN will eventually be excluded by Medicare as part of their benefit cards. Over the years, these numbers have been among the primary basis for medical identification.  This was just a problem waiting to happen.  And guess what, it did happen.  In the form of countless cases of identity theft.

Recently, President Obama signed a bill intending to stop using SSNs when transacting with Medicare. This law was accepted by the State’s major political parties. The primary objective of this law is to modify doctors’ fees when it comes to giving medical services to patients covered by Medicare, however there is a specific section of the law that emphasizes that never should SSNs be reflected, typed, or included on the Medicare ID.

According to Texas Representative Sam Johnson (Republican), the main ingredient to making identity theft possible is the SSNs and that the criminals use the Medicare cards of the seniors as a tool.

“Carry your card with you when you are away from home. Let your hospital or doctor see your card when you require hospital, medical or health services under Medicare.” These statements serve as aid to prevent identity theft. This defies the rule that mandates not a single person should ever bring their personal SSN on their behalf. The good news is that the law just solved identity theft by addressing the source.

While this is true however, there are still other ways by which culprits will be able to get your SSN and use it to their schemes. Take note of the following ways where your social security number is most vulnerable and protect yourself in the future.  If you do become a victim of a stolen social security number, here are some steps to follow immediately.

1. Tax Documents

These days, filing taxes through mail is a common practice. If you are among the people who do this, there is a possibility that unauthorized people/entities may have access to your documents containing sensitive, personal information like your SSN. Identity thieves can simply take mail from your mail box during tax season.  They know exactly what they’re looking for and within seconds, they can have your social security number, and possibly even drivers license numbers, phone numbers and your entire identity. In addition to, SSN thieves also execute their crime through phone scams. Fraudsters pretend to be IRS representatives contacting people and convincing them to provide specific information such as the SSN and other documents. Keep in mind that the IRS only communicates through mail. Solution:  Don’t file your taxes via mail.  Ask your tax preparer to e-file or if you do your own taxes, you have this option as well.  Keep the sensitive paperwork out of the mail and the hands of id thieves.

2. Data Sharing

When you stop and think about it, it seems like every agency requires SSN today – from government agencies, real estate companies, insurance firms, and even telephone plan provider. Unfortunately, providing your SSN is something that most people nowadays do not worry about anymore. It is true that a lot of institutions need SSN for their processes. However, it does not necessarily mean that everyone should lawfully have it. For your information, the law states that it is the IRS, healthcare providers, police, banks, and employers which are allowed to require Social Security Numbers and information from you. A few companies, however, may also be permitted but the process must be upon strict compliance with the law. Whenever you notice that there is an option that does not require you to share your SNN information, choose not to share it. This limits the possibility for your SSN details to be obtained by fraudsters.

3. Bank transactions

Clearly, the law allows banking institutions to ask for your SSN information. However, they are mandated to observe and abide by the “Know Your Customer” guidelines. This stops criminals to use the banks for their fraudulent schemes. As a customer, you have the privilege to learn about the measures that the bank adopts in order to secure your SSN details as well as be oriented about their solutions in case a breach happens.

When you know about the typical sources of SSN ID theft, you will be able to protect yourself from it. Safeguard your SSN at all times by keeping your SS card in your safety deposit box or in a safe at home.  Never carry your social security card on your person.  It is not necessary. Furthermore, don’t feel that you are required to share your social security number with anyone.  You can always refuse to provide it if you don’t feel comfortable with the person asking for it.  As always, monitor your credit for signs of fraud or unauthorized use.

Here’s 4 More Tips You Can Use To Keep Your SSN Private

How To Fix Your Credit Yourself

FIXYOURCREDIT

Most people generally believe they don’t have the knowledge or time to properly fix their own credit without the assistance of a professional credit repair service.  In some cases, when there are extreme issues such as multiple charge-off accounts, collections and bankruptcies, a credit repair service may be the best option.  But in many cases, individuals can easily take repairing their credit on with out much difficulty.

All you’re really trying to do is have any negative items or reporting errors removed & corrected on your credit reports.  This goes a long way in helping to improve your credit scores.  Keep in mind, you are not likely to have legitimate negative items such as delinquent payments, outstanding unpaid debts and loan defaults removed from your credit reports before the allotted time for these accounts has expired.  You can however, ask the credit bureaus to remove unauthorized credit inquiries, outdated negative items & accounts from your credit reports.

Learn More About How To Fix Your Credit On Your Own.