To Catch a Thief?
So a couple of nights ago I was watching Dateline NBC about the significant increase in identity theft and/or fraud in the past year. For as long as I can remember the public has been blanketed with scary stories of consumers whose lives were ruined because someone took over their financial identity. You’d think that consumers would listen to the warnings and take the appropriate actions to protect themselves. Well I don’t think it is working. According to the United States Secret Service, “It happens once every 4 seconds, thousands of times a day, millions of times a year": That’s how many times experts estimate there’s a phony charge made with a stolen credit card number.
That number is staggering to me given the fact that we all know we need to be extremely careful with our personal informaiton. So instead of simply ripping up credit card applications or shredding them, we need to be cross cutting them with a professional shredder. I’ve seen demonstrations where ex-cons will piece back together torn or single shredded applications back together and send them in; only to have the credit card company send them a brand new credit card within 1-2 weeks.
Dateline wanted to find out a couple of things during their investigation. 1)How much does your personal information sell for on the black market? Let me tell you I was shocked. At any given time there are hundreds or possibly thousands of people selling consumer information (which ultimately leads to financial fraud) for as little as 5 bucks. Yes, you heard me right! Thieves can enter a online chat room and buy a stolen credit card for the same price as a Starbucks coffee. 2)Once your credit card information is stolen how long does it take for a thief to use it and max it out? Again I was astonished...Less than 12 seconds after purchase on the Internet the card was used illegally. And in less than 10 minutes it was maxed out!
Given this information, you’d think that people would finally get the hint that this is a very serious issue that is bound to get worse. With the increase of computer malware released onto the Internet whose sole purpose is to steal consumer information and evade traditional security solutions the possibility of someone compromising your information is not small. Does this mean we need to be paranoid about being online? Does it mean we need to burn our trash to ensure that nobody can do us harm? While I think some good can come from being overly cautious, it is not an ideal solution and we can’t be afraid to do the things we like to do online and this just lets the bad guys win.
So what can we do? Well we all know (or you should) that to be protected online you need basic anti-virus, anti-spyware, firewall, and anti-phishing protection. EarthLink offers this to all of our customers for free via our Protection Control Center. And for an extra-layer of protection, I recommend upgrading to the Attack Shield functionality. Attack Shield protects you from the most advanced forms of malware that are able to fool traditional security measures because they are polymorphic (the ability to hide, and change their identity to appear harmless). Attack Shield monitors your system for bad behaviors and is able to remove malicious code without the need for scanning or the need for updated definitions. This revolutionary technology used in conjunction with traditional protection methods give you unparalleled protection against known and unknown threats. Consumers must also take responsibility in that they shouldn’t be clicking on attachments from people they don’t know, nor should they EVER respond to emails that ask for them to update their personal accounts, or personal information. Reputable companies DO NOT ask their customers to update information in this way. If you’re ever in doubt about whether an email is legitimate or not, you should call the company in question and ask.
In the offline world the same precautions should apply. Don’t give out your personal information unless you know with 100% certainty what that information will be used for and why. If you shred your documents, make sure you get a cross cut shredder and not just a single cut type. This will ensure that your documents are impossible to piece back together.
Identity Theft will continue to increase as the criminals get smarter and their technology more advanced. This coupled with the fact that consumers are easily fooled or too trustworthy only compounds the problem. I’m interested to know what you all think should be done to protect your personal information? Should the government step up investigations into this type of crime? Should the banking industry band together to come up with a universal solution?
Comments
Great writeup, Ben. I recently used my Visa Card at a gas pump. The pump's user interface asked if the card was a debit or credit card; once I confirmed it was a credit card, it asked for my zip code (the credit card billing zip code). The reason, of course, is to filter out credit card thieves who may not (but may) know this additional information -- similar to the request for the three number code on the back of the actual credit card. Over time, I think we'll see stronger variations on this approach - especially for online credit card transactions. A request for a password (maybe even a stronger, RSA-type SecurID/constantly-changing password) is another option.
Posted by: Todd Ague | April 4, 2007 4:40 PM
There is real help for Identity theft There will be a show on Saturday Sept. 29th at (11am Eastern)( 10am Central)( 9 am Mountian)( 11 am Pacific) time on Court TV(check your local listing) it will be a documentary everyone needs to see about the legal revolotion thats taking place in this country (and Identity Theft Protection)the show is called "JUSTICE FOR ALL"
Posted by: Tina Hester | September 18, 2007 11:27 AM