Jump to content



Recommended Posts


How to keep safe in a dangerous digital world






Damage control for identity theft

How can I start reclaiming my life?



NEW YORK (Armchair Millionaire) - Dear Armchair Millionaire: I just discovered that my identity was stolen. I'm in a bit of a panic -- what should I do to protect myself?


There's no doubt that identity theft -- when someone uses your personal information such as Social Security, credit card or driver's license numbers to make purchases or open accounts -- is widespread in the U.S. A comprehensive study by the Federal Trade Commission found that there were nearly 10 million victims in 2002. All told, identity theft cost businesses and individuals nearly $50 billion in that one year alone.


Behind these statistics are real-life stories, such as these from the Armchair Millionaire community:


"I have had several credit cards opened in my name. One person ran up a $1,300 bill on one credit card. I have a fraud alert on all my credit reports now." -- Jeff B.


"I have had credit cards that have not been used for some time suddenly appear with balances. I canceled the cards and was not penalized and also asked the credit bureaus to put a fraud alert on my file. I am also checking my charges on the Internet almost daily as this will probably happen again." -- Steve


If you think you've had your identity stolen, follow my checklist of the actions you should take now to recover your good name.

The Armchair Millionaire's Checklist for Recovering from Identity Theft


Get organized. You're going to need to navigate a bureaucratic maze to fully recover from identity theft, so get ready by organizing all your credit- and identity-related information.


File a police report. Include as many details as possible. Get copies of the report to send to your creditors, who may require proof of the crime.


Put a fraud alert on your credit file. Contact the fraud department of one of the three major credit bureaus and ask that a fraud alert be placed on your credit file. This alert requests creditors to contact you before opening any new accounts or making any changes to your current accounts.


As soon as the fraud alert is in place with one credit bureau, the other two will be automatically notified to place alerts on your files with them. The three bureaus are Equifax (www.equifax.com or 888-766-0008), Experian (www.experian.com or 888-397-3742) and TransUnion (www.transunion.com or 800-680-7289).


Fill out an ID theft affidavit. This affidavit is offered by the Federal Trade Commission to make it easier for identity theft victims to document accounts that have been opened or used in your name. Many creditors will request a copy of this affidavit to investigate your claim. You can find a link to the affidavit at www.consumer.gov/idtheft/.


Contact your creditors. Contact the fraud department of each company where you believe your accounts have been tampered with or opened fraudulently. This can include credit card companies, banks and mortgage companies. Report the fraud and close each account. Make your requests in writing, sent by certified mail, return receipt requested, so that you can document what each company received and when.


Follow up. Keep a close eye on your credit report for any new suspicious activity, particularly in the first year after you've been a victim of identity theft. Visit www.annualcreditreport.com to order copies of your credit report from each of the credit bureaus.


THE BOTTOM LINE: With your access to loans, housing or even job opportunities on the line, identity theft is serious business. If you become the victim of ID theft, take the right steps immediately to minimize the damage.


THE ARMCHAIR MILLIONAIRE WEEKLY SURVEY: What are your biggest financial fears? Log on to www.armchairmillionaire.com and let us know.


Lewis Schiff founded the Armchair Millionaire Web site in 1997. His first book, "The Armchair Millionaire," was published in 2001. Today, http://www.ArmchairMillionaire.com is a fast-growing community of common sense savers and investors.




Advice for ChoicePoint victims

5 Tips: Protecting your identity -- and reclaiming it if you were a victim.



NEW YORK (CNN/Money) - Have you seen ChoicePoint in the headlines? What is it anyway? As many as 145,000 consumers may be the victims of identity theft after a company few have ever heard of exposed their personal information to criminals.


Is nothing sacred these days? What do you need to learn from this expose? Here are today's top five tips.

1. Know the story.


ChoicePoint is a personal information clearinghouse that provides insurance companies, employers and the government with information on consumers. The company is making headlines because it put information into the hands of fraud artists posing as legitimate business officials.


The company says the information taken on victims could include: name, address, social security numbers, drivers' license numbers, abbreviated credit reports, bankruptcy filings, professional licenses, and real property data. One Los Angeles woman just filed a lawsuit against ChoicePoint for putting her identity at risk.


How is it that a company has the right to sell your information? It happens often, my friends. However, it often works in our favor. ChoicePoint has more than 19 billion separate pieces on consumers.


The government uses information gathered by ChoicePoint and other databases to monitor terrorist activity, while banks, employers, and landlords use it to run credit checks on you.


It's not always a bad thing that your private information is available to businesses. However, according to Ed Mierzwinski, Consumer Program director at U.S. Public Interest Research Group, it shouldn't be that easy for businesses, especially fraudulent ones, to get consumers' information.


Having your information stolen can really cost you. While you aren't responsible for debts rung up by identity thieves, you will still spend time, energy and money to clear your name.

2. Don't panic.


Chances are you weren't affected. There is no need to panic that your identity was stolen unless you receive a letter from the company. ChoicePoint is sending letters to all those exposed by the end of this week.


Be careful not to toss out any mail before opening it: Apparently these letters are arriving in very generic, unsuspecting envelopes. If you hear nothing, you may be eager to check your credit report anyway. That's fine. But remember, the last thing this situation needs is an epidemic.

3. As a victim...


The letters sent to victims advise them to call ChoicePoint, which has arranged for a dedicated customer service team through Experian to assist in the matter.


The operators will help those consumers order their credit reports from all three bureaus (Equifax.com, TransUnion.com, and Experian.com) and set up a year's worth of credit monitoring and fraud alerts.


By putting a fraud alert on your credit report, the bureau is supposed to notify you when any company tries to access your records. On your part, keep monitoring your reports, as some consumers are not always alerted when a company is asking for their credit files. Additionally, call your credit card companies and banks and ask them to put passwords up to help verify all purchases made are only made by you.


The Privacy Rights Clearinghouse is also advising the 34,114 victims in California to take advantage of their state's law which allows consumers to set a security freeze on their credit reports. No one but you and companies you currently hold credit with can access your files.


Since credit card companies need to access these reports to approve any new accounts, freezing them puts up a roadblock for any identity thief trying to set up 30 credit cards under your name. Californians can put a freeze up for free with a police or authority report, or can pay to do it as an extra precaution on their credit. To find out more information about this law, click here.


Texas also allows victims to freeze their reports, so check out the Texas Attorney General's Web site for information.


If you are a victim and live in neither state, talk to TransUnion, which is the most consumer-friendly of all the credit bureaus. They have allowed identity fraud victims in the past to put a freeze on their reports and may do so for ChoicePoint victims, according to Sheila Gordon, director of Victim Services at the Identity Theft Resource Center.

4. Put up your guard.


None of the victims of this crime could have done anything to prevent it.


"You can only take steps to minimize your vulnerability," according to Jordana Beebe, communications director at the Privacy Rights Clearinghouse, who recommends consumers get off pre-approved credit card lists, invest in a shredder, and keep an eye on their credit reports to avoid day-to-day identity theft. Not all identity theft is done electronically, a lot of these thieves are dumpster divers.


Check your credit reports every six months with the major 3 bureaus I mentioned above. Ironically, the credit bureaus are the ones selling your name to the credit card companies that flood your mailbox with offers. You can opt to get off their lists by calling: 1-888-5-OPTOUT.

5. Talk to the state.


If it hadn't been for California, this whole mess might not have even been exposed, according to Mierzwinski. California law requires businesses to inform consumers when their personal information has been compromised.


While there is talk that some action may be taken on a federal level to further protect consumers, take it to the state too. Talk to your state legislators also about creating a law like California's that informs consumers when they are at risk.




40M credit cards hacked

Breach at third party payment processor affects 22 million Visa cards and 14 million MasterCards.



NEW YORK (CNN/Money) - Over 40 million card accounts were exposed to potential fraud due to a security breach that occurred at a third-party processor of payment card transactions, MasterCard International said last Friday.


"It looks like a hacker gained access to CardSystems' database and installed a script that acts like a virus, searching out certain types of card transaction data," said MasterCard spokeswoman Jessica Antle.


Of the cards involved, 13.9 million were MasterCard-branded cards, which include Maestro and Cirrus, and 22 million were Visa cards, said Visa spokeswoman Rhonda Bentz.


The breach took place at the Tucson office of CardSystems Solutions, a company that processes transactions on behalf of merchants and financial institutions.


As of Monday, MasterCard and CardSystems said that of the more than 40 million accounts exposed, information on only 68,000 Mastercard accounts, 100,000 Visa accounts and 30,000 accounts from other card brands are known to have been exported by the hackers. The data exported included names, card numbers and card security codes.


MasterCard and CardSystems have offered differing explanations of how the data breach was uncovered. MasterCard said its fraud monitoring system identified a series of fraudulent transactions in April. Then, with the help of a member bank, traced the problem to CardSystems Solutions.


CardSystems, meanwhile, said in a statement it identified a potential security incident on Sunday, May 22nd and notified the FBI the next day, and Visa and Mastercard after that.


CardSystems has admitted it was improperly holding consumer credit card data by keeping a file on credit card transactions that failed to receive authorization.


Both MasterCard and Visa have rules prohibiting card processors from saving cardholder information after transactions, and both have said CardSystems violated their policies.


"We were out of compliance and we recognize that file was out of compliance with the association rules," Bill Reeves, CardSystems' Senior Vice President, told CNN.

What's next?


Visa said it would review whether it would continue to work with CardSystems when the case is resolved. MasterCard said that it is giving CardSystems "a limited amount of time to demonstrate compliance with MasterCard security requirements."


For its part, CardSystems said it has taken measures since discovery of the breach to enhance its security procedures.


FBI spokesman Rex Tomb couldn't give more details about the case, saying only that "we're looking into it. But there's nothing more we can say at this time. It's a pending case."


MasterCard said it is giving member financial institutions the specific card account numbers that may have been compromised.


The credit card information exposed in the breach did not include any Social Security numbers, birth dates or other highly sensitive personal data, MasterCard said.


Consumers receive protection if unauthorized charges are made on their credit cards. MasterCard and Visa, for instance, have zero-liability policies.


Bentz said Visa will be monitoring the accounts closely and should know before cardholders if there has been any fraudulent activity. Thus far, she said, "We haven't seen anything outside of the norm."


If ever you notice unauthorized charges on your credit card, you should notify the bank that issued your card immediately.


The breach reported by MasterCard on Friday is one in a long line of breaches reported this year by consumer data aggregators like ChoicePoint, retailers such as DSW and corporations such as Time Warner (up $0.35 to $17.13, Research), parent company of CNN/Money.com.


Rather than a rash of illicit activity, experts say, the slew of reports may have more to do with companies wishing to protect themselves in the wake of a California state law requiring businesses to notify its customers when their personal information has been exposed in a security breach.


Illinois last week became the second state to pass such a law.


Concerned about your ID being stolen? Click here.


To learn more about the companies that profit off your personal information, click here.


Allan Chernoff, a senior correspondent at CNN, contributed to this report.




The hottest celebrity ... viruses?

Software company says Britney Spears is No. 1 name used by hackers to spread computer viruses.



NEW YORK (CNN/Money) - While Britney Spears' pregnancy may be popular with celebrity news junkies, her time in the public eye is also making it a whole lot easier to spread computer viruses.


According to a computer software maker, Spears tops the list of famous people whose names are used in mass e-mail messages to entice readers to download damaging viruses.


A typical scenario would involve a spam e-mail that either contains the virus program as an attachment or includes a link to a Web site that can infect the reader's computer with a Trojan-type virus.


Panda Software, which published the rankings, notes that creators of these viruses often use attractive female celebrities such as Spears, Jennifer Lopez or Paris Hilton or globally known figures such as Bill Gates, who took second place in the rankings. Phony news events surrounding such polarizing individuals as Osama Bin Laden can also lure a reader to click on the virus link.


One of the more recent instances of this mass virus messaging occurred when an e-mail surfaced indicating that Michael Jackson had attempted suicide before a California jury announced his acquittal on child molestation charges on Monday. In that instance, four different types of viruses were sent out through spam e-mails.


In order to prevent falling victim to these attacks, Panda Software recommends keeping your anti-virus software updated.


As for the people who made the top ten, Jennifer Lopez and Shakira took third and fourth place respectively, Osama Bin Laden and Michael Jackson came in at fifth and sixth, while Bill Clinton, Anna Kournikova, Paris Hilton and Pamela Anderson rounded out the list.




Kim Komando



Protect your computer

A firewall is your first line of defense against hackers.



PHOENIX (Komando.com) - It only takes 20 minutes on the Internet for an unprotected computer running Microsoft Windows to be taken over by a hacker. Any personal or financial information stored on that computer is ripe for the taking -- passwords, bank accounts, credit card numbers, and more. A firewall is your first line of defense and it works, so long as it is used properly.


Firewalls hide your computer or network from Internet threats. They can be either hardware or software.


Hackers use programs that roam the Internet and search for open computers. They do this by sending information to IP addresses. If the IP address (the location of your computer) is unprotected, a message is sent back to the hacker. The hacker then knows your computer can be infiltrated.

Hardwire firewalls


Hardware firewalls prevent this from happening by only accepting requested information. For example, every time you type in a Web address or access the Internet, you are requesting information. If you type in my home page (www.komando.com), a request is sent to my Web site's server.


The server acknowledges the request and sends the information, and your computer displays it. Since your computer made the request, the firewall lets the information through.


This is a great first step to protecting your computer, but it's not enough. What happens if a malicious program gets onto your computer and requests information without you knowing it? Trojans can be downloaded with a free program, or they can get onto your computer via an e-mail attachment. A hardware firewall won't stop them because your computer is initiating a request.

Software firewalls


That's where a software firewall comes in. It alerts you with a pop-up message whenever a program tries to access the Internet. If it's a valid program, such as Internet Explorer or Outlook, you tell the firewall to allow access. If it's an unknown or suspicious application, you can block it.


This can get confusing. You'll be amazed at the number of programs that need Internet access. Sometimes, your music player needs access to online databases when playing CDs or MP3s. Other programs automatically log onto the Net to check for software updates.


After installing a software firewall, you'll initially get bombarded with messages. If you recognize the program name, grant it access. If you don't, deny access and then look up the name on the Internet.


There are a number of free and pay software firewalls. Windows XP has a built-in firewall. This firewall works much like a firewall on a router. It's able to shield your computer from hackers trying to get in, but it does nothing if you have a Trojan trying to get out.

Firewall recommendations


So I recommend a good third-party firewall. Several companies market free for personal use software firewalls, including Agnitum's Outpost and ZoneLabs ZoneAlarm. Firewalls are also available from McAfee and Symantec for under $50.


Mac OS X has a built-in firewall similar to the one included with Windows XP. If you want something better, check out offerings from Intego ($59.95) and Symantec ($69.95). So far, Macs have not been targeted like Windows machines, so the situation there is much less dire.


Firewalls are just one part of a bigger equation in computer security. You still need anti-virus software, and Windows updates. All work in tandem to keep the predators out.




Kim's Log





Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...