Credit
Card Theft & Your Identity
Criminals know the way
to steal your identity, and the worst part is that it’s not all
that difficult. You know all those credit card
applications you get in the mail? If you don’t shred
them, they can use that to steal your
identity.
It’s not above them to
sift through garbage just to obtain a social security number or
a driver’s license number. Once they have these vital
bits of information, it’s easy for them to steal your
identity.
What they will do is
scary. They will apply for credit cards in your name and
max them out within days. They will obtain loans in your
name and never make a payment. Then the loan company
comes after you for the money. It’s something that
affects millions and millions of people each year and it can be
a real mess when it comes to your credit
report.
As many as 85 percent of
all identity theft victims find out about the crime only when
they are denied credit or employment, contacted by the police,
or have to deal with collection agencies, credit cards, and
bills.
A study on the aftermath
of an identity theft by the non-profit Identity Theft Resource
Center found that victims spend 600 hours recovering from the
crime because they must contact and work with credit cards,
banks, credit bureaus, and law enforcement. The time can add up
to as much as $16,000 in lost wages or
income.
The number of reported
cases of identity theft is increasing steadily. There is no one
reason for this, but rather this is due to several ways in
which our lives have changed in recent years, all of which make
it easier for people to obtain our personal
information.
In the United States,
Social Security numbers are used more commonly as a means of
identification. The Internet has made the transmission of
personal information easy and, at times, less secure. Online
retailers store our credit card information and contact
information in databases we assume to be
secured.
Marketing databases not
only contain personal information, but they aggregate
information on our spending habits as well as contact
information. But potentially nefarious employees of these
companies could have access to that information. They can then
sell it online in chat rooms where criminals meet to swap
information.
Even in the days of
e-mail and instant messaging, the postal mail can also play a
surprising role in identity theft. Checks can be stolen from
the outgoing mail. Credit card companies bombard their
customers and potential customers with pre-approved offers that
need very little personal information to
complete.
Credit card issuers also
send what they call "courtesy checks" to customers who can use
them to make charges on a card. Many experts consider them an
invitation to identity theft.
One of the increasingly
common ways that criminals try to obtain personal information
is by using what is called a "phishing attack." If you have
e-mail, the chances are good someone has tried to get you to
bite.
Phishing combines a
criminal attempt at obtaining personal information with another
plague of the Internet age — spam. Potential victims receive an
e-mail from what appears to a bank, an online payment company
like PayPal, or a retailer like eBay or Amazon.com. The message
is usually sent using HTML e-mail and, when opened, uses
company logos and symbols to make it appear to be
legitimate.
The e-mail asks the
receiver for user names, passwords, account numbers, or some
other type of personal information by saying they are updating
records or something related to their account requires their
attention. The e-mail usually links to a site that also appears
to be legitimate using logos and other symbols of a real
company, where visitors are asked to supply the
information.
The first step to avoid
becoming the victim of a phishing attack is to know what
companies do business with you by e-mail and familiarizing
yourself with the types information they request and how they
request it.
What you will likely
learn quickly is that, while online retailers you frequent and
financial services firms you use online often send you e-mail
to make you aware of new products or services, or even to alert
you when your online bill is ready to be viewed, they rarely if
ever ask for any information from you.
Banks and financial
services firms will never ask you for any personal information
via e-mail because e-mail can be notoriously insecure. So any
e-mail asking you for personal or account information, such as
passwords, Social Security numbers, PINs, credit or check card
numbers, or other confidential information should be deemed
suspicious.
Often the sender of a
phishing e-mail may appear to be legitimate, but e-mail
addresses are easily spoofed. Just look at the amount of
spam you probably get that appears to be from friends,
co-workers, or even yourself.
If a phishing e-mail
directs you to a link using an HTML e-mail, the text of the
link may appear to be legitimate, but following that link often
brings you to a Web site where the URL (in your Web browser's
location bar) is often an IP address (basically numbers
separated by periods, like 128.0.0) or a site other than the
institution you think sent you the
e-mail.
Often a sense of urgency
is conveyed in the e-mail, such as an alert saying your account
will be closed if you don't provide information. Take a moment
and don’t fall for this.
A close look at the body
of the e-mail itself may reveal typos, misspellings, or
horrendously poor grammar. One reason for this is that many
phishing attacks are launched from overseas, and many are
believed to be related to international organized
crime.
Despite all the attention
phishing has received of late, there remains precious little
enforcement of the widespread problem and there are simply too
many attacks to handle. It is an easy buck for online
criminals.
We already covered many
of the ways you can detect a phishing attack, but there are
several simple steps you can take to keep your private
information safe that bear discussion. Experts say that
educating consumers not to follow links in e-mails is a good
way to help them avoid phishing attacks. Rather than following
a link in an e-mail, open a browser and go to the site of the
retailer or bank in question.
When submitting personal
information like credit card numbers, you can ensure you are
using a secure connection by looking for "https://" in front of
the site's location on your browser rather than
"http://."
Speaking of your browser,
make sure it is up to date with the latest security patches. If
you use Microsoft's Internet Explorer, visit WindowsUpdate.com
to see if you need any updates.
Here are some simple
software tools you can use to help guard against online
identity theft:
-
CoreStreet
makes a free product called SpoofStick. It's a
browser extension for both the Internet Explorer and
FireFox Web browsers that helps users avoid spoofed
Web sites. If you do follow a link in a suspicious
e-mail, SpoofStick can tell you if the Web site you
visit really is the Web site you think you are
visiting.
The EarthLink toolbar,
which is also free to Internet users, has a feature called
ScamBlocker. EarthLink keeps a database of known phishers, and
if you visit a page known to be operated by a phisher it will
alert you right in your browser.
Unfortunately, correcting
your credit report when you have become a victim of identity
theft is no easy proposition. But with some patience and
a lot of work, you can recover from identity theft and restore
your credit report.
Identity theft can result
in damage to your credit rating - damage that could take years
to fix. Generally, victims of credit and banking fraud
are liable for no more than the first $50 of the loss. In many
cases, the victim will not be required to pay any part of the
loss.
To reduce your risk of
identity theft, protect personal information and do not carry
your Social Security card with you. Shred items that
contain your personal information and account numbers.
Keep your mail safe and store your personal information in a
safe place. Order your credit report at least once a year
to make sure no one is using your identity to open
accounts.
If you think your
identity has been stolen, take the following
steps:
-
Armed
with your police report, FTC affidavit, and sample
letters, you
must contact your creditors to alert them to the
situation. In addition to obvious creditors like
your credit card issuers, don't forget utility
companies, wireless phone provider, and your
ISP.
Also remember any private
label credit cards to department stores, for example. Don't
forget about other personal documents. If your passport was
stolen, for example, or if you have reason to believe someone
is using a passport in your name, contact the State
Department.
When you are trying to
correct your credit report due to identity theft, you will have
to provide information that proves you are you. That
means digging out your birth certificate and making a lot of
copies of your driver’s license and social security card.
You’ll also have to try and prove that you didn’t make the
purchases that the thief or thieves
did.
When you have become a
victim of identity theft through phishing, this becomes a real
problem as these purchases can be made anywhere with a few
strokes of the keyboard, so proving that the purchases were
made by someone other than you can be a real
headache.
Just try to be patient
and point out to the company or companies who say you owe them
money that you have filed a police report as well as a report
with the FTC and that you have been a victim in other places as
well.
As we’ve said, it will
take time, but it can be done. Your credit rating and
credit score is very important, so taking the time to do will
pay off in the long run. Realize that in the long run,
you’ll be able to enjoy good credit
again.
Even if you are denied
credit, you can appeal the decision by pointing out that you
have been a victim of identity theft and are trying to correct
it.
| 