Content Theft and Identity Theft Go Hand in Hand

By | September 9th, 2014|Uncategorized|

online_gamingThis guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes to us from Tom Galvin, Executive Director of Digital Citizens Alliance. Tom is based in Washington, DC and has been active in Internet security and safety issues for over a decade. He is focused on bringing a voice to consumers, including those who have been victimized online. By putting a face on the victims of online crime, Digital Citizens will serve our fellow citizens and issue a wake-up call to policymakers and Internet companies that they must do more to protect us.

Children today are engaging with a vast amount of digital content. The average child spends around 7.5 hours a day consuming some form of media—a lot of it through the Internet. While children may be tech-savvy, they don’t always understand the implications of downloading an illegal game, song, TV show, or movie—and what those actions can mean for their personal online safety.

It should come as no surprise that a significant percentage of the content children encounter online is stolen content—music, movies, and games that are provided for “free” because the sites hosting them have misappropriated them. Criminals rake in hundreds of millions of dollars a year through advertising and subscription fees for content they don’t own. In fact, that’s a topic Digital Citizens has explored at length in our study, Good Money Gone Bad.

Children may or may not realize that downloading this content is illegal, and certainly more education is needed to help children behave ethically and morally online. Beyond the issue of whether downloading stolen content is ethically wrong, it also exposes children to significant risks. Those “free” games or songs can end up costing children and their parents a lot, including their identities.

A good rule of thumb for anyone to follow is that there’s no such thing as “free” on the Internet. Downloading stolen content exposes an Internet user and his or her entire family to malware and spyware that puts personal information at risk, gives hackers access to private content, and enables identity thieves to steal your life.

According to a recent survey, identity theft among children is on the rise. One out of every 40 households with kids 18 or under has experienced “at least one child’s personal data compromised by identity thieves.” Sadly, most of the time identity theft among children isn’t even discovered until years later, when the child becomes old enough to apply for a bank account, student loan, or credit card. By then, the damage done can be extraordinary.

Children are especially vulnerable to identity theft because their identities are essentially clean slates. They have Social Security numbers with no credit histories, making them perfect targets for online criminals who can use their Social Security information to open fraudulent bank accounts, new lines of credit, or even mortgages and loans.

Most of us would never condone a child walking into a local store and stealing a CD, DVD, or video game, but when they download illegal content, that’s essentially what they’re doing. The only real difference is that stealing a DVD from the local Best Buy isn’t likely to lead to weeks or years of frustration and expenses trying to reclaim a stolen identity.

In today’s digital world, it’s not just about teaching our children right and wrong when it comes to content theft, as important as that is. It’s also about helping them understand how downloading supposedly free movies, music, or games can put their online safety and their identities at risk. Today’s children need to know how their actions online can impact their entire life offline, and that means their parents need to know as well.

For more information, visit the FTC’s guide to Child Identity Theft.

News Recap: Healthcare Industry Accounts for 44 Percent of Breaches

By | September 4th, 2014|Uncategorized|

medicalEarlier this year, our friends at the Identity Theft Resource Center published their latest breach statistics, showing that the healthcare industry accounted for nearly 44 percent of all breaches. According to Fortune reporter Laura Shin, 2013 “was the first time that the medical industry surpassed all others, and stood in stark contrast to the financial services industry, which represented just 3.7% of the total.”

Shin reports that the “leading causes of a breach are typical for any business: a lost or stolen computing device, an employee error, a third-party snafu.” However, there’s also a different kind of fraud that occurs in the healthcare industry, one that Shin terms “Robin Hood fraud.” In this case, family members knowingly give their insurance to an uninsured family member or friend so they may receive health care.

The effects of medical identity theft are harmful to victims and the industry. Not only can fraudulently altered medical records lead to misdiagnoses, but “clearing up a record corrupted by commingled information costs victims an average of $19,000,” reported Jane Antonio at FireceHealthPayer.

Beyond these fraudulent causes, Shin notes that “one cause has grown in importance: criminal attacks have doubled in the last four years,” according to Ponemon’s Fourth Annual Study on Patient Privacy and Data Security.

How can the healthcare industry better protect against data breaches and “friendly fraud?”  Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.


Don’t post your credit card number online and other social networking best practices

By | June 18th, 2014|Uncategorized|

OopsThis Monday, we got a good reminder that you always need to mind your security p’s and q’s when posting to social media sites. Celebrity chef Marcus Samuelsson accidentally posted a picture of his personal credit card (and security code!) after enjoying a meal at Spices in San Francisco. This was an innocent mistake that was likely resolved after a brief moment of panic and a call to the credit card company but this brings to mind other common security faux pas that we make online that can have a more lasting impact.

Here are some good social networking basics that should be kept in mind to stay safe online:

Once online, always online. Marcus deleted the picture of his credit card shortly after he posted. Despite his quick reaction, plenty of people had time to grab a screenshot (ourselves included) thus immortalizing his credit card number. Never assume that anything you post online is private or that anything you delete is gone forever. With this in mind, it is best to err on the side of caution and don’t post anything that you wouldn’t want your mother or future employer to see.

Check up on your privacy settings. Social media sites are constantly updating and changing their privacy policies. This means that the information you thought only friends could see may now be visible to others. A good best practice is to check up on the privacy settings of the networks you use every few months or when you get an alert that something is changing. This will ensure that what you post is visible to only those that you want to see it.

Be cognizant of the types of personal details you post online. Your address, phone number, personal email and date of birth are all information that can be used in an identity theft event. Even innocuous information like your high school mascot or mother’s maiden name should not be shared, as these are common password reset questions. Cyber criminals are getting pretty savvy at piecing together information to create a profile that can be used for identity theft. An identity monitoring service can give you a heads up if this is happening to you.

Don’t talk to strangers. This age-old advice should be heeded both in person and online. Don’t connect to people you don’t know on social media sites as this can increase your likelihood of being a victim of fraud.

Have you made one of these mistakes in the past? How did you fix it? Let us know on Facebook, Twitter or LinkedIn.

Facebook’s Acquisition of Oculus VR: Next Evolution of Social and Security

By | May 20th, 2014|Uncategorized|

Oculus VRFacebook’s bold buy of Oculus VR in late March made a statement that virtual realities have a future in the social space, and companies like Sony, Microsoft, Google and others are taking note. Virtual realities have been around for decades, but have yet to materialize beyond the world of gamers. The big question rests with Facebook: how will they use Oculus VR to bring life to the 1s and 0s that make up our digital profiles?

This next evolution in technology has the potential to make virtual realities accessible to consumers through Facebook, fostering stronger online interactions in a new online world. In past, gamers used nicknames and virtual aliases to connect with others. For social experiences, users do not rely on anonymity, but rather tie their social profiles to their identity. As a result, consumers need to be more aware than ever before with the risks associated with this new technology.

The expansion of virtual realities brings new evolutions to the methods of cyber attacks. Identity thieves are constantly adapting to the changing technological infrastructure, and social networks have made it easier for cyber criminals to collect your personal information. In addition, children have been found to be more easily attacked online, and this new online world will only increase their chances of becoming victims of cybercrimes as it becomes more adopted. Now, the need for identity management resources is more important than ever—and at CSID, it is our job to stay on top of cyber crimes. For advice on how consumers, parents and even companies, can protect their sensitive information online and off, check out our white papers, Managing Online Reputation in a Digital World and Child Identity Theft: A Parenting Blind Spot.

As always, tell us what you think about Oculus VR and the future of virtual realities on Facebook and Twitter, and stay up-to-date on the latest security news on our Tumblr feed.

#cyberSAFEChat: Child ID Theft and Privacy

By | April 10th, 2014|Uncategorized|

Last year we polled parents on their feelings and actions towards child identity theft. The results? Most were not taking measures to protect their children against identity theft risks. Recently, we heard from parents and businesses with more questions and interest surrounding this topic. To address these questions, we hosted a #cyberSAFEchat Twitter chat coupled with a replay of our 2013 webinar on child identity theft and privacy. The onslaught of interest and information shared during the Twitter chat showed just how relevant the topic still is in today’s digital world.

Clay Nichols from LookOut Social and Anne Livingston from KidsPrivacy co-hosted our #cyberSAFEchat this week, answering questions and providing expert advice on child identity theft prevention. We had a wonderful group of participants, including the National Cyber Security Alliance, Ginger Hill from Security Today Magazine, Social Assurity and Data Privacy Day. This brilliant group of security and child privacy experts shared tips, resources and facts about the realities and risks parents face when it comes to protecting their child’s identity. Below are some key highlights from our #cyberSAFEchat or you can read the entire chat transcript on our Storify.


CSID Hosting #cyberSAFEChat: Child ID Theft and Privacy

By | March 17th, 2014|Uncategorized|

A few months ago we hosted a webinar about the increasing problem of child identity theft. Since then, the topic has only gotten hotter. On a daily basis we see more stories in the news and receive business inquiries about child ID theft – so we thought, why not address this issue again? Thus, on April 8 at 12 PM CDT we will be re-screening our webinar about child ID theft, featuring panelists from LookOut Social, Carnegie Mellon Cylab and uKnowKids. Stay tuned for details on how to register for this webinar replay.

Leading up to the webinar, we’ll be hosting another rendition of #cyberSAFEchat! Join us for the Twitter chat Monday, April 7 at 1 PM CT to talk about child identity theft and privacy.

In this chat, we will explore why and how children’s identities are at risk, how social media plays a role in their security, privacy and reputations, and what we can do to mitigate these risks. We will welcome co-hosts and fellow child identity and privacy experts LookOut Social (@lookoutsocial) and KidsPrivacy (@kidsprivacy) to discuss the following key questions:

  • Q1: Why and how are children targeted for ID theft?
  • Q2: How have social media and other online activities impacted children’s identities?
  • Q3: What are schools, governments and other institutions doing to help protect kids’ identities – and how much of a role do you think they should have?
  • Q4: What can we do – as parents, businesses and consumers – to combat child ID theft and keep kids safe online?

To participate in #cyberSAFEChat, all you need is a Twitter account. You can follow the hashtag #cyberSAFEChat on Monday, April 7 from 1 – 2 PM CT, and tweet your questions and comments to the group by including the #cyberSAFEChat hashtag in your tweets.

Don’t forget to add it to your calendar! And be sure to connect with CSID, LookOutSocial and KidsPrivacy on Twitter and let us know if you plan on participating. See you there!

Twitter chat_031714

Evolution of Identity Management

By | February 6th, 2014|Uncategorized|

CS_Infographic_EvolutionOfID_LargeProtecting your identity isn’t as cut and dry as it was before the digital age. Before the internet, identity thieves would find personal data by hunting through the garbage for sensitive documents, phishing for private information via phone rather than email or purchasing personal data from unscrupulous store employees.

Now, with advances in technology, identity thieves have many more tricks and tactics to collect sensitive information, especially in the online world. The types of information that are valuable to identity thieves have also changed. Social Security numbers and credit cards still fetch a high price on the identity black market but email address and login information are also prized as they provide access to valuable online accounts such as Amazon or banking sites. Add this to the fact that social networking profiles have made it easier than ever for cyber criminals to collect personal information and it is easy to see that the need for identity management has become more important than ever.

Take a look at our identity management infographic to see what information cyber criminals are going after now and what security risks consumers and businesses should anticipate in the future. While identity management in this increasingly digital world can be daunting, there are many unique solutions both new and in the works that can help companies and consumers protect their sensitive information online and off.

You are welcome to share this infographic on your website and can access the embed code on In the meantime, please let us know how you plan on managing your identity by leaving a comment on our Facebook or tweeting at us on Twitter. Be sure to stay up-to-date on the latest security news on our Tumblr.

Tax Identity Theft: How to Avoid It and What to Do if You Are a Victim

By | January 23rd, 2014|Uncategorized|

Tax tips picOn January 31, the IRS will start processing income tax returns. This day also marks the beginning of one of the busiest times of year for identity thieves looking to cash in by filing false returns.

Tax identity theft is a growing issue. In 2010, almost 15 percent of all identity theft complaints to the FTC were related to tax returns. In 2012, this number increased to 43 percent. The growth continued in 2013.

Why this quick growth? Tax identity theft is a relatively easy crime to commit. All an identity thief needs to file a false return is a Social Security number and forged forms. However, the ways to combat tax identity theft are a little more complicated. Here are some tips to decrease your chances of becoming a victim:

  • File early: This is perhaps the most important and effective tip to avoid tax ID theft. The earlier you file your taxes, the earlier the IRS processes them and the smaller the window that leaves for identity thieves to file using your information. Once you file your return, an identity thief won’t be able to collect on your Social Security number.
  • Protect your Social Security number: This tip applies to all forms of identity theft, but is particularly relevant when tax time rolls around. Guard your Social Security number. Shred any documents that include the number. Don’t put it on forms or share it when it is not needed. Don’t carry your Social Security card in your wallet. If an identity thief doesn’t have your Social Security number, they can’t file for a tax refund on your behalf. There are services available that will monitor your Social Security number and send an alert if a fraudulent name or address becomes associated with it.
  • Keep an eye on your mail: Tax documents like your W2 are usually sent via mail in envelopes marked “tax documents enclosed,” making them easy marks for identity thieves. The typical W2 not only lists your earnings for the year but also your name, address and Social Security number. Consider investing in a mailbox that locks or a P.O. box. At the very least, check your mail frequently.

If you have been the victim of tax fraud there are a few things you need to do to ensure you get your return and reduce the risk of it happening again:

  • Contact the IRS ASAP. You can reach the IRS Identity Protection Specialized Unit at 800.908.4490, extension 245.
  • File the IRS Identity Theft Affidavit, Form 14039. This form will help prevent future occurrences of tax-related identity theft.
  • Contact the fraud departments of the three major credit bureaus. This will help prevent identity thieves from misusing your personal information for other things such as securing a loan or opening up a credit card.

Have you been a victim of tax-related identity fraud? What was your experience like? As always, let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

News Recap: IRS Reports Increase in Tax ID Theft

By | January 10th, 2014|Uncategorized|

Tax ID BlogAs the opening of tax season approaches, concern for the identity protection increases – and new reports confirm that the risk for tax identity theft is real.

According to the Associated Press, The IRS has reported a significant increase in the number of identity theft cases in 2013. AP quotes the agency, saying “[As of] Tuesday it launched 1,492 criminal investigations into identity theft last year, a 66 percent increase from the year before.

Prosecutions and indictments more than doubled.” The AP also reported on the growth pattern of identity theft and fraudulent tax returns, saying, “The issue has exploded in just a few years. In the 2011 budget year, the IRS recommended 218 cases of suspected identity theft for prosecution, a number that grew to 1,257 last year. The number of indictments grew from 165 to 1,050 in the same period.” reporter Mike Godfrey described the steps the IRS is taking to prevent identity theft and tax return fraud, which include significant increases in hiring as well as training for employees. As for steps the IRS is taking to protect and advocate for victims, Godfrey reported, “the IRS pointed to the expansion of Identity Protection PIN (IP PIN) numbers… Furthermore, the IRS continues to dedicate more employees to resolution of victim cases that are usually extremely complex to resolve, frequently involving multiple issues and multiple tax years.“

This year, the FTC is hosting “Tax Identity Theft Awareness Week” from January 13th to the 17th. Take a look at their website to find out how you and your business can participate in Tax Identity Theft Awareness Week.

What else should the IRS do to prevent identity theft and tax return fraud? What steps should individuals take in order to protect themselves? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

News Recap: New Texas Law Aims to Protect Children From Identity Theft

By | January 3rd, 2014|Uncategorized|

Texas law blogAt the start of 2014, Texas passed a law enabling parents to create a security freeze on their children’s consumer and credit files. Texan residents 16 and under will be protected under this new legislation, which aims to prevent children from becoming victims of identity theft or credit card fraud.

KVUE’s Jim Bergamo quoted Texas Senator Jane Nelson, who helped to get this bill passed, saying: “A staggering number of Texas children have fallen victim to illegal child identity theft, putting them at risk for credit problems before they ever reach adulthood.”

Last year, CSID surveyed parents on the topic of identity theft and found many were aware of child identity theft, but 88 percent were not actively taking measures to prevent the misuse of their child’s online information.

While many seem to be in support of the legislation, some speculate whether this will protect children from the people closest to them. D’Ann Johnson, a resident of Austin, Texas, pointed out in an interview with KVUE, “there are parents who steal their children’s identity, because they themselves have bad credit. So, giving parents control over children’s credit might not always be in the best interest of the child.”

You can find a full summary of the law by visiting LegiScan.

Do you think this law is an effective preventative measure against child identity theft? Do you think Texas will see a reduction in the number of child identity theft and credit card fraud cases? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Load More Posts