Protecting Yourself Against Tax Identity Theft

CSIDEvery year, tax season gives way to a fresh wave of identity theft-related crimes that affect millions of Americans. In 2015, the U.S. Federal Trade Commission tracked a whopping 47% increase in identity theft complaints. Tax refund fraud was a major contributor to this spike, with FTC Chairwoman Edith Ramirez naming tax refund fraud as the “largest and fastest growing ID theft category” tracked by the commission.

Tax-related identity theft crimes involve thieves using stolen Social Security numbers to file tax returns and cash in on refunds. Tax identity theft victims usually discover the crime when their returns are rejected because scammers have already filed. It’s important to note that even those who are not required to file a return can also fall victim to return fraud. Similarly, even if you’re not owed a refund from the IRS, you are also at risk for these crimes.

Although the IRS reported that their public-private partnership crackdown efforts have helped prevent millions of dollars in fraudulent reports in 2016, there are steps that individuals should take to help reduce the likelihood of tax identity theft:

  • File early: The best way to avoid falling victim to tax identity fraud is filing your state and federal taxes as soon as filing season begins. This usually falls on the second or third week in January.
  • Watch out for tax documents in the mail: Usually, employers and banks will send hard copies of tax documents in the mail, noting “tax documents enclosed” on the envelope. This is an easy target for identity thieves, but can be avoided by having your mail delivered to a mailbox that locks, a P.O. box, or by simply checking your mail frequently.
  • Safeguard your Social Security number: Any vulnerability to your SSN can result in fraudulent tax crime. Some best practices for protecting your SSN are shredding documents that include the number, only sharing on secure documents when required, and keeping your Social Security card in a safe place. If you believe your SSN is at risk, there are monitoring services available that will alert you if a fraudulent name or address has used it.
  • Beware of phishing scams: The IRS saw a 400% increase in phishing and malware incidents in the 2016 tax season. These scams, conducted via email or telephone, are disguised as official communications from the IRS, tax software companies, and other tax companies. The scammers ask for personally identifiable information like SSNs. The IRS does not initiate contact with taxpayers by email, text messages, or social media to request personal or financial information. If you encounter a phishing scam, report it to the IRS.
  • Request a free copy of your credit report annually: Consumers are legally entitled to a free copy of their credit report from each of the major bureaus every year, which include Experian, Equifax, and TransUnion. Proactively disputing unauthorized or suspicious activity is one way to get ahead of potential identity theft. The three national credit reporting companies created a central location for ordering credit reports, which you can do by visiting com or by calling 1-877-322-8228.
  • Data breaches and your taxes: If you’ve fallen victim to a data breach where your SSN was compromised, it’s likely that this information could be used to file a fraudulent tax return. The FTC recommends that data breach victims notify one of the three major credit bureaus to place a free fraud alert on credit files. Another recommended step is a credit freeze, which prevents access to credit records. In some cases, the IRS may contact breach victims to inform them of tax-related identity theft or if an e-file tax return was rejected as a duplicate. In these instances, submit IRS Form 14039 (see below), and continue to file your tax return.

Victims of tax-related identity theft should respond immediately to notices from the IRS that indicate fraudulent tax activity. You can contact the IRS Identity Protection Specialized Unit to report fraud at 1-800-908-4490. It’s also worth filing a police report or an IRS ID Theft Affidavit Form 14039, along with proof of your identity like your Social Security card. Record the dates you made calls and keep any copies of letters you sent, along with all tax documents and IRS notices.

Proactivity is key when combating any instance of identity theft. If you’ve experienced tax identity theft and want to share any lessons learned, join the conversation on Facebook, Twitter, and LinkedIn.

By | March 7th, 2017|Identity Protection|0 Comments

CSID at SXSW 2017

CSIDEvery year, hundreds of thousands of people come to Austin to attend South by Southwest. This technology, film, and music conference and festival brings together some of the brightest minds in innovation from around the world. We’re looking forward to another opportunity to weigh in to the conversation and will be participating in a range of security-focused sessions at this year’s event, which kicks off March 10.

CSID will be hosting a workshop and a solo session at the conference to share our expertise on two topics that have become increasingly prevalent in today’s cybersecurity climate. CSID’s very own Joel Lang will be co-hosting a breach response workshop and giving participants the hands-on opportunity to learn best practices in risk mitigation and breach response through a live simulation. This interactive workshop will take place at 9:30am on March 11 at the Westin Austin Downtown in Continental 2. Don’t forget to RSVP to this workshop. To RSVP, you must sign into your SXSW account and have your badge linked to your account on social.

Additionally, our Chief Innovation Officer, Adam Tyler, will be speaking about the new face of cyber crime, showcasing through a live demonstration how younger individuals get involved in cyber crime, and how consumers can help defend against growing threats. You can catch Adam’s session at 3:30pm on March 15 at the JW Marriott in Salon 7.

If you’re attending SXSW, we’d love to see you at our sessions. Check out some of our other top picks below that are sure to offer unique insights into the latest threats and opportunities in the security landscape. Unable to attend this year’s conference? You can join the conversation at @csidentity where we’ll be on-site and live tweeting from our panels and other sessions throughout SXSW.

The Future of You: Identity Tomorrow
Saturday, March 11, 11:00 am, JW Marriott, Salon 8
In the future, your digital ID may replace all your current forms of identification. These ID experts discuss the current state of web identity from business to consumer, and dig into the important advancements that are being made to build your future identity. Who will own your ID in the future? Why will it become so important for your future digital existence? Is the future of ID centralized and managed by governments, or distributed and trust-less like block chain? What do you need to know to protect yourself in this new digital Domain?

A New Normal: User Security in an Insecure World
Monday, March 13, 3:30 pm, JW Marriott, Salon D
Online security is becoming a game of Whack-a-Mole, where one threat is contained while another emerges; where a credential dump of millions of users is yet another note in a chorus of breaches. Today, complete security is somewhat of a pipe dream. Given this new normal, how do we keep our information as secure as possible? This diverse panel will navigate the evolving challenges to online security and question conventional wisdom around security across industry and sector–to understand the economics of a seemingly chaotic online world and to illuminate unexpected trends.

Connected Cities, Hackable Streets
Tuesday, March 14, 12:30 pm, JW Marriott, Salon 6
In cities around the world, street lights, public transit systems, and electric meters are already connected to the Internet. Soon, smartphone controlled, self-driving cars will roam cities and every part of the urban fabric could be Wi-Fi enabled. While tomorrow’s smart cities will usher in efficiencies and convenience, they’ll also bring about security threats and vulnerabilities. Hackers have already demonstrated they can remotely take over cars and switch off traffic lights. So, how can urban planners and engineers build cities of the future that are resilient enough to guard against cunning criminal hackers who may want to bring Singapore or San Francisco to a grinding halt?

Biotechnology Needs a Security Update
Wednesday, March 15, 12:30 pm, JW Marriott, Salon 6
Great leaps forward in biotechnology have made the IT-based manipulation of life increasingly easy. To many, biotech offers unparalleled opportunities to reshape our world and ourselves. To others, it poses significant threats. As human systems are better understood and life becomes more programmable with CRISPR and other technologies, governments need to prepare for a new age of biosecurity. Join experts from industry, FBI, and academia who work with hackers, sociologists and politicians to tackle the security challenges of the emerging bioeconomy. Explore real opportunities and threat profiles of modern and future biotech, and why life on earth may soon need a security update.

SXSW 2017 is sure to be full of enlightening conversations and ideas. In our new Firewall Chats bonus episode, we take a deep dive into a handful of SXSW sessions and their application in the current cybersecurity landscape. As always, feel free to join the conversation on Facebook, Twitter, or LinkedIn.

By | February 24th, 2017|Uncategorized|0 Comments

Introducing Family Account Management

CSIDWe’re excited to announce Family Account Management: a new feature available for our partners that makes it easy for their subscribers to extend identity protection services to family and friends.

Family Account Management allows our partners to offer quick and easy enrollment, enabling new subscribers to opt in to a family plan by inputting family or friends’ email addresses within their portal. Subscribers can invite anyone of the age of 18 to join. Every family has different security needs and preferences. This feature offers plan options that can be configured to match the primary subscriber’s current enrolled services, or customized to include a set of services that best suits each family’s needs.

The Consumer Sentinel Network, a division of the Federal Trade Commission, reported over 1.2 million fraud-related complaints in 2015. With identity fraud on the rise, we need to be more vigilant than ever before and take steps to improve our own security and the security of our loved ones. We all have unique identity elements, including birthday, email address, and Social Security number, and monitoring one person’s identity elements won’t minimize risk for other family members. That’s why Family Account Management is so important, allowing subscribers to extend coverage for what matters most – family.

“Families are more connected than ever before, but with more ways to stay connected, there are new threats putting families at risk of identity theft,” said Joe Ross, CSID President and Co-Founder. “With Family Account Management, businesses can provide their subscribers with an easy and convenient way to extend identity protection services to their loved ones.”

For more information on Family Account Management, visit our Marketing Support page and stay up to date with all CSID news on FacebookTwitter and LinkedIn.

By | February 10th, 2017|Product News|0 Comments

Tips for Staying Secure on Social Media

CSIDWe recently celebrated Data Privacy Day, where industry leaders and experts shared security insights to help businesses and individuals protect themselves from cybercrime. Social media was a big focus throughout the day; in fact, Twitter celebrated by live streaming from its headquarters, hosting panels with some of the top minds in the industry. As social media continues to become more popular, there are new cybersecurity concerns to consider. Information that is shared on social media can be used to access other, more sensitive accounts – especially if that information is the answer to a password reset question, such as the name of a first pet or favorite teacher. Individuals and businesses alike can take basic precautions to minimize the risk of their information becoming compromised.

Social media networks are doing their part to keep their users’ information secure. Facebook just announced its updated “Privacy Basics” tool, which makes it easier for people to find the tools that control how their information is shared on Facebook. Twitter also updated their safety policy at the end of last year, allowing users to mute or report abusive or hateful content, even allowing bystanders to step in to report questionable content.

While we love seeing social media platforms upping their security, the responsibility ultimately falls on the individual to check out the privacy settings offered across platforms and use caution when sharing information. Here are a few tips and best practices to consider:

  • Facebook offers a Privacy Checkup, which walks users through their settings. The checkup reviews who can see your posts, which apps you’re using, and the privacy of critical pieces of information on your profile.
  • Turn on two-factor authentication. Many networks, including Facebook and Twitter, offer the option to have a security code sent to your phone whenever you log in from a new device. It’s a quick, convenient extra measure of security.
  • If you go on vacation, it’s tempting to share photos of your experiences as they happen. However, it’s best to wait until you’re back home to post. Otherwise, you’re alerting a potential cyber criminal to the fact that you’re away. An empty house is a much more attractive target for a thief.
  • While you’re at it, it’s worth turning off the geotagging feature of your networks. When you’re posting, there’s an option to share your location. Make sure that icon is unchecked, or people will know exactly where you are when you post. If you’re at home, they now have your address. If you’re out and about, they now know your home is unoccupied.
  • Keep your social media bios free of personally identifiable information. You can also remove the year from your birthday, and refrain from sharing other information like your mother’s maiden name or high school mascot, since they often serve as password reset questions to your online accounts.
  • When your favorite social media app offers an update, do this as soon as possible. Many updates fix bugs and potential vulnerabilities, so it’s worth taking the time to do it, even if it means waiting a few minutes before being able to log in.

What other tips do you have for staying secure on social media? Join the conversation on Facebook, Twitter, or LinkedIn.

By | February 2nd, 2017|Online Safety|0 Comments

Secure Your Information for Data Privacy Day

CSIDOn January 28, cybersecurity experts around the world will recognize Data Privacy Day. With efforts led by the National Cyber Security Alliance, Data Privacy Day invites industry leaders and experts to share security insights that can help safeguard businesses and individuals from cybercrime. CSID is proud to be a registered champion of the international event.

On Thursday, Data Privacy Day was celebrated with a daylong event featuring TED-style talks, interviews and tips for staying secure. The National Cyber Security Alliance traveled to Twitter’s San Francisco headquarters, where consumers and businesses were able to watch and engage in real-time through social media.

Practicing secure habits at home and in the workplace can and should happen every day. Here are some of our top tips:

At Work:

  • Create a culture of cybersecurity by discussing threats and best practices with all employees.
  • Develop a “Bring Your Own Device” policy for your company. Be sure to include insights and standards from your IT department, risk management, and legal counsel.
  • Require your employees to create long, strong, and unique passwords. Encourage employees to take advantage of two-factor authentication wherever possible.
  • Require your employees to update their software on devices whenever prompted to help address security vulnerabilities.
  • Be mindful of how you collect, use, and store employee and consumer information.
  • Carefully vet partners and third-party vendors to see how they manage data.

At Home:

  • Discuss security and privacy habits with your family. It’s never too early (or late) to create an ongoing conversation about best practices.
  • Talk to your family about which types of information should be kept private, both online and in-person.
  • As a family, create strong passwords, especially for social media accounts.
  • Discuss how spam and scams can appear through email and private messages. Avoid clicking on links if a message seems suspicious or you do not know the sender.
  • Familiarize yourself with your child’s gadgets and apps. Understand the data collected and consider the privacy settings on each device. Always opt for the strictest security settings to help keep your – and your child’s – information safe.
  • Talk about the permanence of posting to social media, as well as manners and cyberbullying.

How will you celebrate Data Privacy Day? Share your experience with us on our social media — Facebook, Twitter and LinkedIn. For more information around Data Privacy Day, please visit stopthinkconnect.org.

 

 

 

 

 

 

By | January 26th, 2017|Online Safety|0 Comments

Small Businesses Will Remain a Target in 2017

CSIDAs we enter 2017, small businesses remain a prime target for hackers and criminal schemes. Last year, countless headlines reported on nationwide DDoS attacks, complex ransomware, and repeated hacks. These attacks, as well as phishing attempts, malware, and even simple human error, can compromise a thriving business – regardless of its size.

In our own survey, we found that while the majority (58 percent) of small businesses know to be vigilant and proactive about cyber attacks, most are not taking proactive measures to combat these threats. These companies are also not allocating budgets for risk mitigation and response services. The reason is surprising. Of the companies we surveyed, 51 percent were not aware that they were storing at-risk data, although many were collecting email addresses, billing addresses, Social Security numbers, and credit/debit card numbers. This data, belonging to customers and employees, can be easily compromised by malicious activity.

Last year, to help businesses of all sizes and stages protect their sensitive information, we launched our white-labeled Small Business Monitoring product. This service includes two features: Defense and Restoration.

To help defend against threats, our proprietary dark web surveillance technology, CyberAgent, monitors for compromised business information and alerts the business if we find a match to employee credentials, company URLs and domains. If compromised, users will have access to our CSID specialists who can assist with restoration for a wide range of identity theft types. Our case workers are CITRMS, FCRA, and FACTA certified.

This year, take action to help keep your business, employees, and customers safe from cyber threats. To learn more about our small business product, visit csid.com/sb.

To stay up to date with all CSID news, be sure to follow us on Facebook, Twitter and LinkedIn.

By | January 20th, 2017|Business Security|0 Comments

Unlocking the Power of Data to Change the World

As part of the Experian family, we’re excited to participate in their #ExperianStories campaign with a story of our own.

For more than 10 years, we’ve had the immense privilege of developing innovative solutions to help businesses and consumers address growing threats related to breach and identity theft. We started in 2006 with four founders and now have more than 180 employees, offices in four different locations around the globe, and products spanning both credit and non-credit identity monitoring solutions.

We believe that harnessing the power of data plays a critical role in protecting consumers, businesses and society against growing cyber threats. The identity protection services we provide to businesses mine the dark web to alert consumers to instances where their identity may be at risk, empowering them to respond quickly and mitigate the impact of identity theft. Our access to this data and intelligence allows consumers to take a more proactive approach to protecting their identity.

Beyond the technology services we provide, we also believe in making the world a better place in other ways: through our culture and our people. We’ve maintained a long-standing tradition of giving back to and supporting the community in ways that make a positive impact. In fact, it’s been core to our culture since we started the company and remains a central part of our mission. We offer a variety of service opportunities for our employees throughout the year and encourage them to get involved in with organizations and causes for which they are most passionate.

Throughout the last 10 years, we have partnered with fantastic local organizations like Lifeworks, Operation Blue Santa, the Sustainable Food Center, and Girlstart. Just last month, we spent an afternoon sorting, bagging, and wrapping presents for families in need for Operation Blue Santa. It was an incredibly moving experience and we were glad to play a small role in spreading some holiday cheer. We look forward to deepening our relationships with these organizations, and volunteering with others, in the year ahead.

We’re fortunate to have a company where our people are moved by the power of data and technology to change the world – and are ready to volunteer their time to make the world a better place. You can find out more about why giving back goes hand-in-hand with CSID culture on our site.

Join in on the conversation by sharing your story and tagging #ExperianStories and follow along with all CSID news on Twitter, Facebook and LinkedIn.

By | January 12th, 2017|Company News|0 Comments

Resolutions for a More Secure 2017

CSIDLast year is in our rearview mirror, and we’re moving full steam ahead into 2017. It’s around this time that people start focusing on their New Year’s resolutions. One resolution that should be on everyone’s list: improving personal online security. With the right resolutions, you can help minimize the risk of your information being compromised online.

Resolve to Use Strong Passwords and Update them Regularly
A quick look at the most common passwords from 2015 reveals a list that lacks complexity. The two most common are “123456” and “password,” with other easy-to-guess passwords like “football” and “abc123” high up on the list.

Yes, these passwords are easy to remember, but that also means they are easy to guess. Make a promise to yourself in 2017 that you won’t use your name (or a family member’s name, including pets) or birthday (or a family member’s birthday) in your passwords. Use long, strong, unique passwords with a mix of numbers, letters, and special characters. A technique that could help if you can’t think of anything is to start at a key on your keyboard and draw the shape of a letter. For instance, beginning at the “X” key, your password could be XdR5TgY&UjM, which makes the shape of the letter “M.” The end result is a password that’s difficult to crack but easy to remember.

Creating a strong password is the first step. To take your security even further, keep that password updated regularly – that means changing it every three to six months. Additionally, don’t reuse passwords across multiple apps and sites. Together, these steps will reduce the risk of your information being accessed.

Resolve to Think Before Clicking
Have you ever received an email or a link from a company or a person you knew, but something just seemed a little bit off? Maybe a word was misspelled, or the language just didn’t sound like it normally does. It’s possible the email was a phishing scam. Before you click on something that looks suspect, visit the sender’s website directly or give their customer service a call. And if the link was sent from a friend or colleague, pick up the phone and confirm they actually sent it themselves.

Resolve to Be More Proactive – And Make Your Devices Act Accordingly
Enabling two-factor authentication or setting up monitoring services can further bolster your protection. It’s always a good idea to keep an eye on your credit card and bank statements. If there’s a charge that looks unfamiliar, contact your credit card company or bank. Many credit card issuers give users the option of opting in to alerts if something seems out of the ordinary. It’s very easy to set these alerts up, and they’re incredibly helpful in keeping an eye on your data and sensitive information.

With these resolutions, you’ll be doing your part to make this year more secure. Another great resolution is to educate others: help a family member set up monitoring services, or encourage a friend to update their passwords. Together, we can help minimize the risk of cyber attacks.

Do you have any other cybersecurity resolutions for 2017? Share your tips with us on LinkedIn, Facebook and Twitter.

By | January 6th, 2017|Online Safety|0 Comments

2017: The Evolution of the Password, IoT Threats and Other Predictions

CSIDFor both consumers and businesses, 2016 was a big year for cybersecurity. As we predicted at the beginning of the year, large-scale breaches continued to dominate the headlines and the Internet of Things (IoT) became a growing source of security concerns. But as the year comes to a close, it’s time to look to the future. Here are the trends we predict will shape the cybersecurity industry during the year ahead:

Consumer Password Practices: Same Problems, New Solutions
Poor password use continues to plague consumers, leaving them vulnerable to attack. With the volume of breaches increasing, it will be more important than ever for consumers to use long, strong and unique passwords across accounts. If any of your passwords made it on to last year’s list of “Worst Passwords,” you should take care to update now. Consumer adoption of biometric authentication will also increase, not only across traditional financial accounts, but other apps as well, as we saw with Google’s Trust API earlier this year.

IoT Threats Will Begin To Take Shape
IoT threats, once somewhat abstract, will start to become very real as more devices are connected and as consumers and businesses start to participate in the resulting connected ecosystems. Recent DDoS attacks in 2016 showed us that the IoT is, and will continue to be, a valuable tool and target for cyber criminals. The security industry, businesses and consumers will need to come to together to tackle IoT security – from education to product development.

BYOD Brings News Era of Workplace Threats
With evolving workplace cultures – including a rise in work from home and bring your own device (BYOD) policies – we’ll start to see a new era of threats facing businesses. Companies will need to prioritize building a BYOD policy in partnership with IT, risk management, and legal counsel. They’ll also need to educate employees on security best practices, like creating strong passwords and updating the software on their devices, to ensure all employees understand their role in protecting the business.

Hollywoodization of the Hacker Brings Mainstream Awareness
With shows like Mr. Robot gaining mainstream, loyal followings, we’ll see a new level of fascination with hacker culture and cybersecurity, especially from younger individuals, who are more digitally connected than any previous generation. Consumer interest in cybersecurity, along with attacks in the headlines, will drive popularity of these shows and start to blend entertainment with education.

Ransomware Will Threaten Hospitals And Other Enterprises
Hospitals and other healthcare organizations will be among the most vulnerable for attack, as moves to digital – including the shift to electronic health records (EHR) and launch of mobile applications – will introduce valuable targets for cyber criminals.

Have your own 2017 security predictions to share? Weigh in with us on FacebookTwitter and LinkedIn.

By | December 27th, 2016|Online Safety|0 Comments

How Consumers Can Respond to the Yahoo Breach

CSIDYahoo recently disclosed that it has discovered a breach of more than one billion user accounts that occurred in August 2013. This is believed to be a separate attack from the breach Yahoo reported in September.

Bob Lord, chief information security officer at Yahoo, said the stolen user account information may include names, email addresses, telephone numbers, dates of birth, hashed passwords, and in some cases, encrypted or unencrypted security questions and answers. Whether or not you have a Yahoo account, this is a great reminder to make sure you’re following best practices when it comes to your online security.

Create Strong Passwords
Take a look at the most common passwords from last year and it’s a canvas of simplicity. “123456” and “password” are the two most common, with other easy-to-guess passwords like “football” and “abc123” high up on the list.

While these are easy to remember, they’re also quite easy to guess. Refrain from using your name, birthday, or pet’s name in your passwords; instead, use long, strong, unique passwords with a mix of numbers, letters, and special characters. Don’t reuse passwords across multiple apps and sites and also be sure to update your passwords regularly – it’ll help further protect your information from being accessed.

Stay Updated
When your computer or an app asks if you’d like to update to the latest version, do you typically ignore it, or click “Remind Me Later?” Get out of that habit – those updates are there for a reason. Developers are constantly fixing bugs and adding security adjustments and patches to make your devices safer.

Keep an Eye out for Phishing Scams
Phishing scams often come in the form of a fraudulent email message. Though they can occur at any time, they’re even more prevalent during the holidays, with cyber criminals sending what appears to be a legitimate offer. Avoid clicking on links or downloading attachments from suspicious emails, especially if you don’t know the sender. Be wary of emails that ask for personal information or refer you to a website to input your information, even if it appears to come from a retailer you do business with. The best way to confirm if the retailer really sent the email, is to call the legitimate entity directly to confirm the email is legitimate.

Monitor Your Payments
Keep records of online transactions and monitor bank and credit card statements to ensure there aren’t any fraudulent charges. Contact your bank or credit card company immediately to report suspicious activity or charges – even small ones. Oftentimes, cyber criminals test small amounts to ensure the account is active. Take the time to set up monitoring services to help you keep an eye on all your financial accounts.

This latest breach is another reminder that no company is safe from cyber attack. However, by taking a proactive approach to online security, you’re doing your part in safeguarding your information and minimizing your vulnerability to attack.

Do you have any other best practices for ensuring online security? Share your tips with us on LinkedIn, Facebook and Twitter.

By | December 16th, 2016|Industry News|0 Comments
Load More Posts