News Recap: Identity Thieves Stole $4B in Tax Returns

By | November 8th, 2013|Uncategorized|

tax blog picA recent inspector general’s report released information that the Internal Revenue Service (IRS) sent $4 billion in fraudulent tax returns last year to identity thieves. Many fraudulent returns were sent to Miami, Chicago, Detroit, Atlanta, Houston and overseas countries, including Bulgaria, Lithuania and Ireland.

The IRS increased efforts this past year to combat tax fraud, Associated Press’ Stephen Ohlemacher reported. In 2012, ”the IRS stopped more than $12 billion in fraudulent refunds from going to identity thieves, compared with $8 billion the year before,” Ohlemacher wrote. This increased savings may be resulted from the IRS doubling the number of employees working on identity theft issues last year, totaling 3,000, according to Gregory Korte of USA Today.

However $4 billion in fraudulent taxes still managed to get to identity thieves last year. Though the IRS prevented more refunds from going to identity thieves, more victims had their identities stolen this year, reported the Washington Post: “Through June, the IRS identified 1.6 million victims who had their identities stolen during this year’s tax filing season, the report said. That compares with 1.2 million victims in 2012.”

USA Today reporter Gregory Korte explained how tax fraud by way of identity theft typically works: “Thieves, using a valid social security number, file a tax return using fictitious withholding forms showing that they’re due a refund, and have those refunds sent to another address. When the real taxpayer tries to file a return, the IRS rejects it.” Identity thieves usually prey on the young, old and people who have died, said the Washington Post.

IRS spokeswoman Julianne Fisher Breitbeil said in USA Today that the IRS is continuing to develop fraud detection systems. “Since 2011, the IRS has stopped 12.6 million suspicious returns involving $40 billion in fraudulent refunds,” USA Today reported.

Are you surprised at how many U.S. tax dollars were stolen by identity thieves? How can people and businesses better protect against tax fraud and identity theft? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Ponemon Institute Survey Reveals Medical Identity Theft is on the Rise

By | September 25th, 2013|Uncategorized|

imagesThe number of medical identity theft victims increased by over 300,000 cases since last year, according to a report from the Ponemon Institute’s 2013 Survey on Medical Identity Theft. The fourth year of the study revealed that medical identity theft is a costly crime and on the rise.

While data breaches are still a concern, the study found that many cases of medical identity theft resulted from the sharing of personal credentials with family and friends. In most instances, many lacked awareness of the crime and its severity. According to the study, “50 percent are not aware that medical identity theft can create inaccuracies in their personal records,” resulting in life-threatening misdiagnosis, errors in prescriptions, delay in receiving medical treatment and mistreatment.

Individuals, healthcare and government are having to adapt in order to reduce the risk of medical identity theft. The first step for individuals is to build awareness of the consequences of sharing personal information. Below are a few recommendations from the study to protect individuals from medical identity theft:

  1. Never share your personal medical credentials with anyone, even family and friends.
  2. Regularly monitor your credit reports and billing statements for any fraudulent activity.
  3. Check with your primary physician to ensure the accuracy of your medical records.
  4. Engage in identity protection services to monitor and safeguard your identity.

Follow CSID on Twitter and Facebook for more news and tips, and be sure to check out our Tumblr for the latest industry news stories.

10 Ways to Prevent Identity Theft While Traveling

By | July 24th, 2013|Uncategorized|

travelSummer is a prime time for traveling, and travelers are prime targets for identity thieves. Why? Because they typically carry more personal identifiable information with them than usual, including passports, airline tickets and extra credit cards. Additionally, people on vacation typically travel with more money in their bank accounts, making identity theft a high priority for criminals. Whether you’re traveling domestically or internationally this summer, for business or pleasure, be sure to follow these 10 tips to help prevent having your identity stolen while you’re away from home.

1. Leave important PII documents at home
Before you set off, leave personally identifiable information documents at home, including social security numbers, bank statements, medical documents and personal checks. These documents are easily stolen – or forgotten – from your wallet, rental car or hotel room.

2. Don’t use public Wi-Fi at the airport
Never connect to an unsecured Wi-Fi network on your laptop or mobile device. Connecting to “Free Public Wi-Fi” at the airport or other public place enables cyber criminals to capture your Internet history tracking data, aka “cookies,” and access your email and social networking accounts. Use a VPN (virtual private network) and/or stay on your 3G or 4G connection to remain secure.

3. Keep your mobile device locked
Password protect your phone in case it is lost or stolen. This can prevent, or at least delay, identity thieves from accessing sensitive apps and data. For extra protection, you can download the “Find My Phone” app for iOS or “Where’s My Droid” app for Android that enables you to remotely wipe your SD card and phone data.

4. Treat your child’s identity as your own
Children are also a key target for identity thieves – one in 10 children will become a victim to child ID theft. Treat their PII documents as securely as your own, and teach your children to avoid public Wi-Fi on mobile devices during your trip.

5. Don’t store devices in checked baggage
While it may be tempting to store a heavy laptop in your checked luggage, it’s safer to keep your devices with you in your carry-on baggage. Keeping your devices close to you while traveling helps keep snoops away.

6. Don’t post on social media during your trip
Avoid posting pictures and locations while you’re vacationing, including Facebook updates, tweets, Instagram pictures and Foursquare check-ins. This can alert criminals to your absence and give them a prime opportunity to snatch your unchecked mail or worse – break into your unprotected home.

7. Update everything before traveling
Make sure all of your devices are up to date on the latest software prior to going on your trip, as updating while traveling (on hotel or public Wi-Fi for instance) can increase your chances of downloading malware.

8. Use the hotel security box
Carry as little personal information with you as possible to protect against pickpockets and muggers, and safely store the rest of your documents in the hotel safe.

9. Check your bank account activity intermittently
Make sure there’s no fraudulent activity occurring during your trip – and after. Keep an eye on your bank account for several weeks after returning from a trip; identity thieves are patient and will likely use your information after you return home.

10. Change log-on passwords when you return
To be extra sure that criminals will not be able to access your bank accounts, email or social accounts, change your passwords. Create long passwords that do not contain any personal information an identity theft could guess. Avoid using words like “password” or “123456,” or any of these “Worst Passwords of 2012.”

National Internet Safety Month: Keeping Children and Teens Safe on Mobile

By | June 27th, 2013|Uncategorized|

internet_safetyThis June, organizations across the country are celebrating National Internet Safety Month, a nationwide effort to spread awareness on Internet dangers and provide resources to educate children, teens and adults on preventative measures.

National Internet Safety Month was passed as a resolution in 2005 by the U.S. Senate to raise awareness of the need for online safety, especially among children and teens. The Internet safety landscape has changed since 2005, thanks to the rise of smartphones and social media. Now children and teens are connected to the Internet more than ever with mobile devices, putting themselves at higher risk for identity theft and child predators. In fact, 78% of teens now have a cell phone and almost half (47%) of them own smartphones according to Pew Research’s Teens and Technology 2013 Report. That’s a large increase compared to just 23% having smartphones in 2011. Additionally, teens are connected to tablets just as often as adults.

This constant connection to the Internet means that parents and educators have a responsibility to teach children and teens how to stay safe online, especially on their mobile devices. Here are 5 tips for keeping your child’s identity and device free from cyber criminals.

  1. Teach children how to identify email and text phishing scams: Frauds will send you a text or email that looks like it is from a familiar source in order to squeeze personal information out of you. Do not click on any links and never respond with personal information such as your phone number or home address. Personal information should only be given in person.
  2. Don’t use public Wi-Fi: Some smartphones may be set to automatically connect to Wi-Fi, giving hackers a chance to steal information from your phone. Show your children how to turn off that setting to avoid using unsafe public hotspots.
  3. Disable GPS identifiers on social media apps: Children and adults alike should turn off GPS identifiers on social media apps, including location stamps on Facebook posts, tweets and Instagram pictures. Geotagged information can compromise privacy and reveal personally identifiable information (PII) to identity thieves.
  4. Prevent mobile malware by downloading credible apps: Mobile malware can slow down your phone’s processing abilities, steal your photos, spam your contacts and hack into your email. Help your children prevent malware from getting onto their mobile devices by allowing them to download only credible apps from known app marketplaces.
  5. Protect devices with anti-virus software: Though iOS does not have anti-virus software for mobile devices, Android users can download extra protection for their phone.

What are some additional ways you protect your children and yourselves online? Be sure to share with us on Facebook and Twitter and don’t forget to take a look at our blog post “5 pieces of information kids should not share online” for more child identity theft protection tips.

News Recap: Yahoo plans to “recycle” old email addresses, causing identity theft concerns

By | June 20th, 2013|Uncategorized|

mail_lockYahoo announced that they are planning to “recycle” inactive email accounts in order to free up old email addresses for active users. Security experts are worried that this move will allow criminals to claim identities of the inactive account’s previous owner.

Mat Honan, senior writer at Wired who was attacked by hackers last year, called this move a “very bad idea.” He believes this “means that people will be able to claim Yahoo IDs and use them to take over other people’s identities via password resets and other methods.”

Yahoo addressed security concerns, stressing that it has “put in place various safeguards, such as coordinating with other major web companies including Google and Amazon to minimize the risk of identity theft,” reported PC Pro. Additionally, “the vast majority of inactive Yahoo IDs don’t have a mailbox associated with them,” CNN said. “Any personal data associated with the accounts will be deleted.”

Yahoo Director Dylan Casey told Reuters: “Can I tell you with 100 percent certainty that it’s absolutely impossible for anything to happen? No. But we’re going to extraordinary lengths to ensure that nothing bad happens to our users.”

According to The Verge, active users will have a chance to reserve an inactive email address beginning July 15th and will be notified in August if their registration is successful. Users can only claim email addresses that have been inactive for more than 12 months.

Do you think Yahoo’s move to release old email addresses will result in identity theft? What are some ways to safeguard your active and inactive email accounts? Let us know what you think on Twitter and Facebook. Be sure to check out our Tumblr page for the latest industry news stories.

Protecting Against Child Identity Theft

By | May 16th, 2013|Uncategorized|

child_id_theftOne in 10 children are targeted for identity theft. This rate is often higher for the 380,000 children in the foster care system. As May is National Foster Care Month, it is important to recognize that foster children are prime targets for identity theft for a number of reasons. Their Social Security Numbers go with them through frequently changing hands, including parents, foster parents and care organizations. Plus, their credit often remains unchecked until they leave the foster system at age 18.

Unfortunately, these same conditions apply for children not in the foster care system. A child’s Social Security Number gets passed around quite a bit – schools, doctors, after care programs and often parents don’t even think about checking their child’s credit report for activity.

As occurrences of child ID theft increase, states are starting to take notice – just this week, legislation that would increase the penalty for identity theft committed against children is headed to the Pennsylvania Senate. In April, Florida passed a bill that requires the nation’s three consumer reporting agencies to allow Florida parents to open a credit report for their child – and then freeze it – a measure that would prevent others from opening a fraudulent account with the stolen information.

We expect to see similar bills being drawn up and passed in the coming year as more government officials, child advocates and parents become aware of this issue. In the meantime, take a minute to make sure you are taking the appropriate measure to protect your child against the threat of identity theft.

Have questions about how to protect your child’s identity, reach out to us on Twitter or Facebook.

#Youridentity and Social Networks

By | May 2nd, 2013|Uncategorized|

identity_socialThis blog post comes from Adam Kennedy, Product Analyst at CSID.

With the rise in social networks and the increasing desire to share personal data in public forums, it’s no surprise identity thieves are targeting Facebook, LinkedIn, and Twitter to steal your identity.

What are they after?
Your Facebook page and Twitter profile page will show your name, email address, your current employer and friends. Most don’t use the proper privacy settings and provide access to date of birth, phone number, and current address. Those in the professional world have a LinkedIn profile with your primary college, where your first job was, and your colleagues. Soon the identity thief can piece together your personal life; your childhood nickname, your favorite childhood friend, where you were born, the make and model of your first car.

What can they do with your identity?
Identity thieves that successfully gather enough information about you can gain access to your bank accounts, email accounts, and even open new accounts since your bank, credit card company, and your email accounts all have security questions designed on your personal life (your childhood nickname, your mother’s maiden name, etc.). In addition, an identity thief can call your bank acting as you and have the password reset over the phone, free to gather any information needed to drain your accounts.

An individual’s email inbox contains a treasure trove of information such as old passwords for bank accounts and e-commerce accounts like Amazon or eBay, bank and credit card account numbers, and even tax return information including, your SSN. So, you can imagine an identity thief’s desire to get into your email inbox.

What are safe social network practices?

  1. Maintain you Privacy settings: There are privacy and security settings on social networks which help keep your information private and out of public view. Each social network website has a section outlining the necessary steps to utilize these settings.
  2. Limit personal information: It is important to be careful how much personal information you share on social networking sites. The more information you post, the easier it is for a hacker to access your data and piece together your identity for malicious use. Avoid listing the following information publicly: date of birth, hometown, address, education, and primary email address. Also avoid information that could be used as a security question: your mother’s maiden name, the make and model of your first car, etc.
  3. Stay away from surveys: Survey scams are typically found on social networking sites like Facebook. They come in the form of wall posts with a link. They use clever social engineering techniques like mentioning popular news items about celebrities, or political issues. Another popular hook is mentioning a contest or prize giveaway. By hooking survey scams with effective social engineering lures, users are likely to click the links or follow the instructions included in the posts. Once the link is followed, malware can be attached to the computer where your personal information can easily be collected.
  4. Be aware of whom you friend: The easiest way for identity thieves to get into your personal life is by friending you. This gives the identity thief access to any public or private information you or a friend posts about you. Only invite people to your network that you know or have met, as opposed to friends of friends and strangers.

Have additional tips for safe social network practices? Share your thoughts with us on Facebook and Twitter.

Prevent Child Identity Theft – 5 Pieces of Information Kids Should Not Share Online

By | April 23rd, 2013|Uncategorized|

child_ssnThis post comes to us from Anne Livingston, the creator of the KidsPrivacy blog. She is writer and speaker with a passion for teaching parents and kids how to manage life online. Follow her on twitter @kidsprivacy.

When I talk to my kids about what not to post online, I focus primarily on information that would allow a stranger to contact them. Their information is also valuable to identity thieves. Thieves search kids’ social media accounts looking for personal information. They use their information to open fraudulent accounts or attain pieces of ID such as a driver’s license. With a child’s information, they often can impersonate them for years without being detected. According to a study by CyLab at Carnegie Mellon, identity theft is 51 times more likely with children than adults. Recently, CSID conducted a survey to find out what parents know about child identity theft. The survey found that most parents do talk to their kids about sharing information online and, like me, they do so because of concern about their child sharing information online with strangers. Only 18% of parents were concerned with identity theft, however, and although concerned, most (52%) are not taking action to protect their children’s information. The survey found that when parents are aware of the issue they want to take action, but don’t know what to do or where to begin.

CSID brought together a panel of child safety experts to discuss what parents can do to protect their kids’ information. The first step is talking with our kids about what information identity thieves want. For example, most websites ask for a date of birth during sign up, and birthdays are routinely added to social media profiles. What parents and kids may not realize is their birthdate is a key piece of information for identity thieves.

It is important for parents to teach kids to protect their information from thieves. Here are 5 key pieces of information kids should not share publicly online – in social media profiles as well as chat rooms, forums or blogs.

  1. Full Name
  2. Date of Birth
  3. Place of Birth
  4. Address
  5. Pictures of anything with identifying information (new driver’s license, first credit card, etc.)

Besides these 5 key pieces, kids should also avoid sharing information that thieves could use to guess their passwords or verify accounts. For example, if your child is using the dog’s name as their password, they should not post the name on their profile. Same goes for information used to verify accounts. If their social network asks for their mobile number to verify their account, kids should not publicly post their phone number. Finally, one of the best privacy settings is to keep sharing between real world friends and family. Remember, a friend of a friend could be an identity thief.

For more information on children and identify theft, see the CSID paper on Child Identity Theft: A Parenting Blind Spot and Child Identity Theft by the FTC.

Spring Cleaning 101: Shred, Shred, Shred

By | April 17th, 2013|Uncategorized|

shred_dayThis Saturday, April 20, is the Better Business Bureau’s (BBB) annual Shred Day—what they call an “identity theft, fraud prevention and educational initiative.”

Why shred?
We often have documents lying around that feature sensitive information sought by identity thieves and fraudsters. This personal identifying information (PII) can include your name, Social Security Number, bank account number or routing number, and credit card number. Most know that we need to keep this information safe. But what you may not know is that your birthdate, address, phone number and other details can leave you just as vulnerable to identity theft and fraud.

While many of us just rip these documents in half before throwing them in the trash, thieves can still put together the torn document or make out the information they need on just one piece. Shredding is one of the easiest, most reliable ways to securely dispose of old documents with sensitive information.

Remember digital files, too. Be sure to completely wipe old mobile devices, computers and external hard drives of all records before disposing of them.

What can you do?
Through the initiative, BBB will host free document shredding events and cell phone and computer recycling stations around the country. Go to the BBB website to find events in your area, or see here for events in Austin.

Or, if you can’t make it to a BBB sponsored event, you can still take the time to secure yourself and your business.

  • Shred old sensitive files in your home or business, including: tax returns, bank statements, credit card offers, pay stubs, expired credit cards, proposals and plans, and proprietary information. Encourage your friends, family and employees to do the same.
  • Organize a shred day at your office in which everyone collects old files to shred – a good spring-cleaning initiative.
  • Teach your kids about the importance of properly disposing sensitive information – and let them help (with supervision).
  • Wipe all data from old hard drives and mobile devices – then recycle them safely. Encourage your friends and family to do the same, and set up best practices for disposing of unused devices at your company.

Do you already shred at home or in your company? If not, we’d love to know why – and will you start? Let us know on Twitter and Facebook.

Industry News Recap: Lawmaker Experiences Tax Identity Theft

By | April 12th, 2013|Uncategorized|

tax_id_theftIn trending news, Mississippi state Representative Lester Carpenter found that someone else had filed for his 2012 tax return. While the identity thief asked for Carpenter’s tax refund to be automatically deposited, he or she had provided incorrect bank account information, causing the check to be mailed to Carpenter’s home address.

“Carpenter went to the Mississippi Attorney General’s Office where officials did a computer search and found that two other individuals, including the one in Texas, were using his Social Security number,” said USA Today. “Since the start of this year, the IRS has worked with victims across the country to resolve more than 200,000 ID theft cases.”

The IRS reported that tax identity fraud cases are on the rise, with 940,000 fraudulent tax returns filed in 2011 – an increase of 49,000 cases in two years. “In response, the IRS has been updating its fraud screening systems and penalizing more identity thieves,” said CNN Money. “Last year, the agency stopped $20 billion in fraudulent refunds from being issued – up from $14 billion in 2011. And earlier this year, it launched a nationwide crackdown that brought enforcement actions against 389 identity theft suspects in 32 states. The IRS has also more than doubled its staff devoted to identity theft cases.”

As another tax season comes to an end, what are some safety precautions you use year-round to prevent identity theft during tax season? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr page for the latest industry news stories.

Load More Posts