Identity Theft Prevention & Recovery

Moving ...

2008-04-29T14:08:00.000-07:00

by Doug Pollack

Our ID Experts blog is moving to a new home. Please check out the latest in identity theft and data breach news, advice and other happenings at our new address www.blog.idexperts.corp.com.

We are also sponsoring a new, informational data breach news site providing articles and news events specifically focused on data breaches. Please visit often or subscribe to this site at www.databreachwatch.org.

Both sites will continue to provide you with current and helpful information in the areas of identity theft and data breaches.

Independent Risk Analysis Presented at FOSE Conference April 1, 2008

2008-04-03T17:30:00.000-07:00

by Rick Kam
April 3, 2008

This conference is one of the largest IT conferences for public agencies with attendance approaching 20,000 professionals. Leading educators and technology solution providers focused on security, privacy, and "green" IT solutions.

Keynote speakers from Google, Sun Microsystems and others talked about the future of computing and how public agency IT professionals can create a more productive and secure computing environment.

I presented for ID Experts on the topic of how an "Independent Risk Analysis" provides public agencies a more effective solution to mitigate risk when they have a data breach (i.e. when the best security measures fail, what next). Highlights from my presentation included:

1. The requirements that prompted congress to enact public law requiring independent risk analysis
2. When an agency would implement an independent risk analysis
3. What are the benefits of doing an independent risk analysis
4. How to initiate an independent risk analysis
5. How to be better prepared before an agency has a breach

ID Experts was one of two companies awarded a government contract to provide Independent Risk Analysis to public agencies in the U.S. This was a great opportunity for us to explain to public agencies how our solution helps them assess and certify the level of risk for an affected breach population and develop an effective risk mitigation plan.

LifeLock Class Action Lawsuits

2008-04-01T16:59:00.000-07:00

by Doug Pollack

This past week, there were two class action lawsuits filed against LifeLock, one in its home state of Arizona and one in New Jersey. Following on a recent lawsuit filed against LifeLock by Experian, one of three US credit bureaus, these class action lawsuits also assert that LifeLock is engaged in deceptive advertising relative to the level of protection provided by their service against identity theft. The LifeLock offering depends almost entirely upon the placement of perpetual fraud alerts as the means for protecting their subscribers from identity theft.

As noted by David Paris, an attorney involved in this matter, in an article on the CNBC website titled "N.J. Class Action Lawsuit Filed Against LifeLock Alleging Deceptive Marketing Regarding Limited Level of Protection Against Identity Theft":

" 'While fraud alerts may be effective in limited instances, they certainly cannot provide the comprehensive identity protection that LifeLock deceptively advertises,' said Paris. 'For instance, fraud alerts cannot stop the use of existing account numbers, and contrary to LifeLock's advertisements, lenders are certainly not required to contact the subscriber before extending credit to a potential identity thief.' "

The article and comments from Mr. Paris also address the alleged deceptive nature a severe limitations on the highly publicized $1MM LifeLock Guarantee:

"According to the Complaint, LifeLock also misleads subscribers by advertising its $1 million service guarantee. 'Potential LifeLock subscribers are enticed by the 'safety net' of what appears to be a one-million dollar insurance policy against any losses sustained as a result of identity theft,' said Paris. 'In actuality, once you get beyond the limitations and disclaimers, you find that the guarantee is limited to fixing failures in LifeLock's services and paying third-parties to attempt to restore subscriber losses.' "

Hopefully these lawsuits will help bring visibility and clarity to consumers as to the differences in identity theft protection services. Most services, including those provided by the company that sponsors this blog, ID Experts, do not rely on fraud alerts as a primary or sole means of protection, nor do they make questionable or misleading large dollar guarantees. It is unfortunate that brash marketing tactics have made it difficult for consumers to make an informed product decision based on the facts related to differences in these services.

ID Experts Launches New Data Breach Services

2008-03-25T18:47:00.000-07:00

by Doug Pollack

Tomorrow at the International Association of Privacy Professionals (IAPP) conference in Washington, D.C., we will announce our new ID Experts Data Breach Services.

Developed to resolve the growing consumer dissatisfaction with current breach notification and response methods, these services include breach assessment, notification and communications, monitoring and identity theft recovery components. Tailored to meet the individual needs of the private sector and government agencies, ID Experts is delivering a comprehensive approach to responding to data breach events that alleviates legal liability, manages public perception, and protects and restores individuals’ identities from identity theft.

We have also released a preview of the results from a study that we recently commissioned with the Ponemon Institute, the leading privacy and information management research firm, to be released in April 2008 . The study delves into how consumer victims of corporate breach events are terminating their business relationships because of a lack of responsiveness.

“Our research shows that consumers are growing increasingly dissatisfied with the way they are being treated following a data breach,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. “The manner in which breach notification communications are often conducted fails to appropriately convey what the consumer needs to make an informed decision about protecting their personal information and, as such, does not succeed in being the first step in helping to repair a breakdown in trust.”

You can download a pre-release copy of this Ponemon report at our website at www.idexpertscorp.com.

ID Safeguards now ID Experts(tm)

2008-03-25T10:12:00.000-07:00

by Doug Pollack

ID Safeguards is changing its name. ID Safeguards will become ID Experts(tm). Founded in 2003 with a mission to protect Americans from identity theft, we have grown into a leader in identity theft protection. Today, we apply best practices to protect over three million Americans from this growing problem.

Our team of experts is passionate about helping victims of identity theft. We are one of the only companies in the industry that provide fully-managed recovery services, in other words we do all the work for victims of identity theft in order to restore them to pre-theft status. We are also trusted by some of our country's largest and most prominent companies to provide a full spectrum of data breach response services.

As our market and our services have evolved, we have found that the common thread across all aspects of our business is our people and the expertise they provide in addressing the problems associated with identity theft. For this reason, we feel that the name ID Experts expresses more clearly and appropriately who we are today.

So ID Safeguards is now ID Experts. But rest assured, we still provide the best in identity theft protection services for individuals and families, and we provide leading corporations and public sector organizations with the most complete and tailored data breach services.

Visit us on the web at www.idexpertscorp.com, and continue to visit our blog for the latest in news and advice on identity theft.

Is the U.S. Losing the Information War?

2008-03-17T15:20:00.000-07:00

By Rick Kam

In a March 13, 2008 article in GovernmentExecutive.com by Gautham Nagesh titled "Feds losing war on information security, senators told",

"The federal government is losing the battle to keep its information systems secure, according to expert testimony at a Senate hearing on Wednesday."

Why?

Protecting information has become a significant challenge for all organizations large or small, in pubic or private industry. The amount of personal information any organization has on its customers and employees and the many ways they are stored; both in electronic and paper form, make protecting information from thieves a daunting task.

What are these organizations trying to protect?

There is value in information considered personal or health related. Your name, address, SSN, mother's maiden name, and yes, even the name of your favorite pet (if you use it as a password recovery keyword) has value to ID thieves who utilize it to access your bank accounts, set up new accounts using this information, or use you to mask their criminal past.

Think about the places you have your information stored in your home like files in your kitchen or home office, boxes in the garage, utility bills, and explanation of benefits statements posted on the refrigerator awaiting payment.

Now think about where you work, whether in health care, insurance, government agencies, car dealerships, accounting firms, etc. You may see a lot of this information accessible to anyone, including ID thieves. There in lies one of the biggest challenges. Protected information is easily available to anyone everywhere you look!

What do you do about it?

In your home, secure this information in a locked file cabinet and away from people who may see it and decide to use. At work, let your supervisor know that there is information that you think should be protected so the organization can secure it properly.

Is this a losing battle?

No. We can win the information war by each of us making an effort to do our part to protect our information and alert others when we see possible exposures. You can make a difference.

SEC Proposal to Amend Data Breach Regulations

2008-03-13T17:09:00.000-07:00

by Doug Pollack

The Securities and Exchange Commission (SEC) is proposing amendments to the Gramm-Leach-Bliley Act (GLBA) and the Fair Credit Reporting Act (FCRA) that would create more specific requirements for safeguarding information and responding to information security breaches.

"Under the proposed amendments, if a covered institution determined that an unauthorized person had obtained access to or used sensitive personal information, and that misuse of the information had occurred or was reasonably possible, the institution also would be required to provide notification, in a clear and conspicuous manner, to each individual identified with the information."

The amendments are currently open for comment. If they go through in substantially their current form, the SEC will be requiring public companies to analyze each data breach for the risk of exposure of personal information, and then, if their determination is that the risk of unauthorized access is "reasonably possible", notify all individuals affected by the data breach.

Currently, there are no federal regulations that require notification of individuals affected by a corporate data breach. There are however numerous states that have notification laws with varying provisions.

It would be a very positive step for all of us if there are federal laws and regulations that would ensure that those affected by data breaches are notified on a timely basis and provided with useful, instructive information. All too often, individuals (millions of them each year) are notified of a data breach in such as way that it causes them great concern, but provides them with little help.

More on Experian vs. Lifelock

2008-03-12T17:32:00.000-07:00

by Doug Pollack

There is a growing amount of legal commentary emerging in the discussion surrounding the Experian vs. LifeLock lawsuit. This week, Peter Bronson from The Union.com published an article titled "Business Law Bulletin: Experian vs. LifeLock Heats Up".

Relative to the false and misleading advertising issue, Mr. Bronson notes that:

"According to Experian's lawsuit, at least one Lifelock ad claims that the company's services make it virtually impossible for identity thieves to strike, but that fraud alerts are only effective against those particular types of fraud that require accessing a credit report. In other words, says Experian, Lifelock cannot protect against such forms of identity theft as an undocumented worker using someone's Social Security number to obtain a job; or against unauthorized use of a credit card."

It is interesting to see a credit bureau that advertises their credit monitoring services as a means to help deter identity theft relentlessly (who hasn't seen the FreeCreditReport.com ads on TV?) make the case for the inherent limitations in this area.

Mr. Bronson goes on to point out the ambiguities with LifeLock's famous $1 million guarantee:

"Lifelock does offer a $1 million guarantee that if a customer's identity is compromised, Lifelock will help restore the customer's credit standing and pay the cost of doing so. However, Lifelock's web site states that the guarantee comes into effect when a customer's identity is compromised "due to a failure or defect in our Service", a phrase that seems open to more than one interpretation. (If the service offers protection against only certain types of identity theft, does the guarantee only cover those specific types?)"

This is the first instance where I've seen someone dig into the specifics of this guarantee. The "service defect" provision certainly provides LifeLock with a get-out-of-jail-free card. Not to mention, given that it is the financial institutions who provide most of the financial fraud protection, how valuable really is a $1 million guarantee other than as a marketing gimic. I guess we'll all find out as this lawsuit unfolds.

Putting LifeLock to the Test

2008-02-26T17:41:00.000-08:00

by Doug Pollack

Right on the heels of the lawsuit filed by Experian against LifeLock, the self-proclaimed leader in identity theft protection, which asserts that LifeLock uses deceptive advertising and misleading claims in advertising their service, as well as illegal means of setting fraud alerts on behalf of their customers, now a CBS news report by Jim Benemann has put LifeLock to the test, along with two other companies, Debix and TrustedID, that rely on credit bureau fraud alerts or freezes for protecting their customers.

It seems that based on this test, these products do not prevent identity theft as you might be led to believe based on LifeLock's advertising. So on to the test. The first thing he did was have three of his colleagues, Tom, Jillian, and Kristine, each sign up for one of the three services. Then...

"With their permission, CBS4's Jim Benemann took all of Tom, Jillian and Kristine's personal information including their social security numbers and dates of birth. Using that information, Benemann applied for the same major credit card in each of their names. The only little thing he changed was the address. Benemann asked for those credit cards to be mailed to his home address. Essentially, he stole Kristine's, Tom's and Jillian's identities.

The three testers weren't worried. They all figured they would get that phone call telling them that someone was applying for credit in their name and they would put a stop to it immediately. Tom waited, Jillian waited and Kristine waited close to their phones. They waited 24 hours, then 48 hours and then a week. Not one of them got a phone call from any creditor even though they had paid companies for credit protection."

It is worth noting, that a fraud alert can easily be placed by an individual for free, just by contacting the credit bureau. Unfortunately services like these make the fraud alert seem like a "silver bullet" for preventing identity theft. As this test proves, nothing could be further from the truth. The reporter goes on to note:

"And remember Kristine who signed up with LifeLock? A little more than a week after Benemann applied for a credit card in her name, that card arrived, mailed to him, at his home address. And that had Kristine all the more interested in finding out about LifeLock's $1 million guarantee...Here is what LifeLock had to say:

'The credit card companies have a contract with the credit bureaus that say they must honor fraud alerts. The fact that they chose not to is proof that the fraud alerts are not bulletproof. The good news is that this is where the LifeLock $1 million guarantee is most effective. LifeLock is not a credit monitoring service but a protection service in the event a fraud alert proves to be ineffective.' "

Having said that, LifeLock didn't clarify how they then provide "protection" for the victim of ID theft. In the past, LifeLock had outsourced victim recovery services to other companies. It would be instructive to know what they do for their victims today.

Experian vs. LifeLock Lawsuit

2008-02-21T18:12:00.000-08:00

VS.
by Doug Pollack

The Red Tape Chronicles yesterday reported on a recently-filed lawsuit by Experian, a major US credit bureau, against Lifelock. This lawsuit represents the first "shot across the bow" for vendors of credit services that rely on placing continuous fraud alerts on consumer accounts with the credit bureaus.

About.com's identity theft site defines a fraud alert as a "flag that is put on your credit report through the consumer reporting agencies. This flag establishes that as part of any credit approval process, you need to be notified."

Lifelock's consumer service, which they tout as providing guaranteed protection against identity theft, relies solely on the setting of fraud alerts to provide consumers with the stated protection. The Experian lawsuit brings into question the efficacy of fraud alerts as a means to prevent identity theft.

The Red Tape Chronicles article highlights that a key assertion of the lawsuit is that LifeLock is using deceptive advertising practices and making misleading claims in order to persuade consumers to subscribe to their service. The article notes that the "credit bureau Experian is suing the identity theft prevention firm LifeLock, accusing it of deception and fraud in its familiar advertising campaign, which includes a spot in which CEO Todd Davis reveals his Social Security number and then brags about the effectiveness of the company’s protections. In the lawsuit, filed in U.S. District Court on Feb. 13, Experian contends that LifeLock's advertising is misleading and that the firm is breaking federal law in the way it goes about protecting consumers."

The Experian lawsuit also brings into question the legality associated with firms placing fraud alerts on behalf of consumers. The Red Tape Chronicles article notes that "Experian contends that LifeLock's chief ID theft prevention tool -- the placing of continuous fraud alerts on consumers' credit files – is illegal because, under the Fair Credit Reporting Act, fraud alerts can only be requested by the individual consumer or an individual acting on behalf of the consumer."

ID Safeguards provides corporations and consumers with identity theft services. Among these services are those that assist victims of identity theft with recovery of their identities taking a "fully managed" approach to recovery. Coincidentally, the company has handled identity theft recovery efforts for numerous LifeLock members who became victims of identity theft, despite the placement of fraud alerts by LifeLock.

The fact that LifeLock members do fall victim to identity theft should not be surprising. Fraud alerts do not prevent an identity thief from co-opting and using one of your credit cards. They also don't prevent someone from using your social security number to work. They further don't prevent thieves from signing up for utilities of telecommunications services using your identity. And they don't stop someone from using your personal information to get access to health care services.

Fraud alerts also don't prevent inquires for credit from showing up on a victims credit report. These "little dings" can have a detrimental effect on an person's credit score. Fraud alerts do have their place in dealing with a threat to your financial identity, but they are not a silver bullet and certainly are not a guarantee that individuals won't fall victim to identity theft.

The Indirect Costs of a Data Breach

2008-02-11T15:35:00.000-08:00

by Doug Pollack

A recently published article in E-Commerce Times concerning the costs of corporate data breaches titled The Cost of ID Theft, Part 2: Fixing the System written by Andrew Burger, highlights the staggering economic impact of the increasing number of data breaches by America's corporations.

The article notes a statistic from the Ponemon Institute that pegs the average cost of a data breach at $197 per record compromised.

"The stakes are already quite high when it comes to data loss: According to Gartner and the Ponemon Institute, the loss of a single record -- not financial fraud -- is around (US)$197. If you take the extremely conservative estimate from the same research that said that in 2007, 127 million records were lost, you get around $25 billion in direct losses noted Uriel Maimon, senior researcher for security firm RSA."

Ponemon further explores these costs, finding that around two-thirds of the cost of the data breach is associated with the loss of customers or reduction of corporate reputation.

"The cost of lost business is likely to be larger and more significant than actual cash losses and expenses related to remediation, however. The average customer churn for businesses surveyed that had suffered a breach was 2.67 percent, noted Kevin Bocek, director of product marketing for encryption firm PGP."

With this in mind, companies should plan as part of their data breach response plans to explicitly focus on elements of their response that will engender customer goodwill. While this may seem difficult to achieve in such circumstances, every opportunity to reach out and touch your customers creates an opportunity to increase retention and brand loyalty.

Are You Well Protected?

2008-01-25T16:28:00.000-08:00

by Doug Pollack

As we look forward to what is in store for us in 2008, The Identity Theft Resource Center is projecting an increase in both the number of security breaches and incidents of identity theft.

With this as a backdrop, we've developed a set of recommendations for people to protect themselves. As part of our ID Self-Defense Academy, a component of our subscription services member website, this Self-Defense Checklist includes both common sense suggestions that you are likely to be familiar with, as well as others that are new this year given the evolution in the use of the internet and computers in identity theft.

Some of the items you may not have thought about include using a "wipe" utility on your computer hard drive to make sure all of your information is permanently erased before disposing of the computer, and checking the annual earnings statement that you receive each year from the social security administration for any discrepancies in earnings or work history.

The complete checklist follows.

Self-defense Checklist

Protect Yourself At Home

Switch to a mailbox with a lock.
When you're away from home, place a hold on your mail (online at www.usps.com or with a Hold Mail form at the post office).
Use a cross-cut shredder to shred documents containing financial or other personal information.
Secure important documents in a safety deposit box or a fire-proof safe hidden at home.
Stop newspaper delivery and garbage service if you're leaving town.
Set up lights on timers to make your home look occupied when you're away.
Have a neighbor you trust keep an eye on your home, and leave a number where you can be reached.
Immediately notify the post office and anyone you do business with if you change your address.
Place outgoing mail in a post office mail slot or hand it to a postal worker instead of leaving it at your home mailbox for pick-up.
Review your credit card, bank account, and cell phone statements regularly to make sure there are no unauthorized charges.

Protect Your Computer and Internet Access

Protect your computer with a password.
Never provide personal information in response to an unsolicited e-mail.
Avoid viruses and other scams by frequently updating your browser and e-mail software.
Use and regularly update your firewall and anti-virus/anti-spyware software.
Change your passwords often, and use letter and number combinations that are difficult to guess.
Never have your computer remember your password.
Don't respond to instant messaging from unfamiliar users, and avoid instant message offers.
To ensure the authenticity of e-mail requests for personal information, type the company's Web site URL directly into your browser instead of clicking on a link in the e-mail. (The real destination of the link may be different than the URL that you see.)
Don't ever send personal or financial information via e-mail.
Don't open e-mail attachments or download files from strangers.
Before doing business with any company, ask for and verify its name, street address, and phone number.
Choose an Internet Service Provider and browser that use filtering software to limit spam in your e-mail inbox.
Never respond to email asking for your help in getting money out of a foreign country.
Encrypt your wireless network as soon as you set it up.
When using Ebay, Craigslist, or other sites linking buyers and sellers, use PayPal for transactions. Don't ever wire money via wire service, and don't accept cashier checks or money orders, as these can be forged.
Review your credit card, bank account, and cell phone statements regularly to make sure there are no unauthorized charges.

Protect Yourself On the Road

Carry only the credit cards and checks you absolutely need when traveling.
Keep identification and credit cards in a secure wallet or purse on your person (and out of pickpockets' reach) where you can keep an eye on them.
Make photocopies of the fronts and backs of your credit cards, driver's license, and passport and store the copies someplace other than your wallet in case of theft.
Program the toll-free numbers for your credit card companies into your mobile phone in case of theft.
Never leave valuables, phones, receipts, or other papers containing financial or personal information in your car, even if it is locked (and always lock it).
Keep receipts in a safe place until you can cross-shred or safely store them at home.
Always keep your mobile phone in a secure place on your person to avoid losing it. Activate the lock feature when it's not in use so that it can't be used and any stored information can't be accessed if it is stolen.
If you must discuss personal or financial information over the phone, do so in your hotel room or another private place where you won't be overheard.
Avoid downloading attachments from your e-mail account onto a computer other than your own. Erase your browsing history and discard any personal files in the computer's trash or recycling bin, then empty it before logging off.
Never enter or access personal information from a public-access computer or one in a hotel business center, as these can be fitted with hard-to-see key loggers that record your information.
Be sure to eject any personal CDs, DVDs, or jump drives at the end of a session on a computer that isn't your own.
Especially after you travel, dealing with merchants you don't know, remember to review your credit card, bank account, and cell phone statements regularly to make sure there are no unauthorized charges.

Data Breaches Reach Record Levels in 2007

2008-01-08T10:04:00.001-08:00

by Doug Pollack

According to a December 30, 2007 AP article written by Mark Jewell, the trend in data breaches continues on the upswing. He reported that:

"The loss or theft of personal data such as credit card and Social Security numbers soared to unprecedented levels in 2007, and the trend isn't expected to turn around anytime soon as hackers stay a step ahead of security and laptops disappear with sensitive information."

This of course is bad news for consumers who have also experienced meteoric rates of identity theft in 2007. It has been estimated that over 9MM US citizens fell victim to identity theft in 2007. If you're counting, this averages out to one every three seconds. And the growing adoption of new technologies such as wireless internet and devices by businesses and consumers, provides new ways for technically-savvy criminals to circumvent data security measures.

"With wireless data transmission more common, hackers increasingly are expected to target what many experts see as a major vulnerability. Eavesdroppers appear to be learning how to bypass security safeguards faster than ever, said Jay Tumas, the head of Harvard University's network operations, at a recent conference for information security professionals."

Research Groups estimate that between 50MM and 80MM records of personal information were breached during 2007. These breaches were caused both by hackers whose intent is to steal and exploit this personal data, as well as by unintentional human error such as in the loss or misplacement of a laptop computer with sensitive personal data residing on its hard drive.

Predictions by industry groups suggest that breach numbers reported will continue to rise given a growing trend requiring disclosure of breaches and notification of affected individuals by organizations that experience a data breach.

ID Theft During the Holiday Season

2007-12-11T10:40:00.000-08:00

by Doug Pollack

Unfortunately, ID thieves don't take time off during the holidays. Because people are out and shopping (or on the web and shopping) more actively during December, there is an even greater risk of identity theft.

Christine Arevalo, an ID theft expert and head of data breach services at ID Safeguards, discusses ID theft during a recent edition of AM Northwest.

When shopping online during the holidays, remember to look for the "lock" icon and "https:" address in your browser when entering your credit card or other personal information. Also, she suggests that you dedicate just one credit card for your online purchases in order to make it easier to keep track of the charges in January. And never use a debit card for online buying since it directly accesses your checking account funds.

The Bad Check Boomerang

2007-12-04T13:06:00.000-08:00

By: D. Jones, Recovery Advocate

Have you recently received a collection notice in the mail and don’t know why? Collection notices can be for outstanding balances on credit cards or for outstanding, uncollected checks. Those pesky notices are one of the main ways the average consumer discovers the theft of their identity.

When a check has been written, whether a forgery (signing a name that isn’t yours) or a counterfeit check (a false check created with accurate or completely inaccurate information or a mixture of both) it goes through a few steps before its final destination.

Ever notice those little machines or attachments to the register that scan your check when you present it to the merchant? Those are usually linked to larger check verification companies. The four major ones are: Telecheck, CheckRite, SCAN/ChexSystems and Certegy. The system used either denies or accepts the check and the merchant goes from there.

If the check is denied, it means there is a check collection or an alert out with the particular bureau the merchant uses. The merchant will often give the consumer a card with contact info for the bureau used. However, if the check clears, either the name, driver’s license number or checking account information is not on file with the bureau as being in “negative status”. When a check is verified as “no negative status” it doesn’t mean the check is good – it means there is no record of the check being bad. Not as easy as it sounds.

Back to those check collection notices in the mail – if you've received one it means your personal information (bank info, name, driver’s license number) was used to write a check to a merchant.

If the information used was your account info, you notice unauthorized debits exiting your checking account and alert the bank. If it does not belong to your bank, and here’s the frightening part, you may not know about it for a while.

Once the check doesn’t clear it goes back to the merchant to collect the amount. Often they use those same verification bureaus to collect for them and record the information as “negative” which means the victim is unable to present checks validly – another way a victim discovers the theft of their identity. Enter the appearance of the check collection notice in the mail.

Remember that frightening delay mentioned earlier? If incorrect address or fake address information was used the notice may not get back to you for some time, and identity thieves count on this delay to utilize the checks as long as they can.

Thieves obtain our info through various illegal methods including mail theft, purse/wallet theft, dumpster diving, or corporate breach compromise and black market dealings.

Sometimes the victim attempts to resolve the situation themselves but the collection notices can often be the tip of a very nasty iceberg. We’ve all heard about collection bureaus and their practices - dealing with these guys can run the gamut from irritating to abusive. So if you ever get one of those notices call the check collection bureau and ask them to provide verification of the debt – it’s your legal right!

Credit Union Customers Targeted with Latest Scam

2007-12-04T11:00:00.000-08:00

by Heather Wells (Recovery Advocate)

What could be worse than having your bank account or good credit history hijacked around the holidays? Picture yourself at the register attempting to pay for gifts using your debit card and being told that there are insufficient funds in your account. Or imagine checking your credit reports only to discover dozens of new maxed out lines of credit that you did not know about.

The identity thieves are getting increasingly clever with their scams. They have realized that consumers are becoming less willing to respond to “phishing” emails that direct them to decoy websites asking for personal banking information or a social security number. Most folks delete these sorts of emails suspecting foul play, which is the smart thing to do. The newer version of this phishing scam is known as “vishing,” or “voice phishing.”

An article from consumeraffairs.com dated December 3, 2007 states that “sophisticated criminals now send emails instructing consumers to call a telephone number instead of clicking on a link. This tactic, known as ‘vishing’ can be especially effective because consumers who encounter a live person are much more likely to let down their guard.”

Read more from the article and view a recently circulated vishing email here.

Consumers who receive one of these bogus emails should contact their credit union directly by using the phone number on their monthly statement or by obtaining the number from the financial institution’s official website. It’s also a good idea to report this scam to the Federal Trade Commission at http://www.ftc.gov/.

The Missing Ingredient in Most ID Theft Services. Personal Help.

2007-11-16T15:55:00.000-08:00

by Doug Pollack

There has been a great deal of attention recently paid to the actions by credit bureaus enabling consumers to use credit freezes as a tool to avoid or deal with identity theft events.

In a recent New York Times article titled "In ID Theft, Some Victims See Opportunity", the author highlights several companies, like ours, that provide ID theft protection services. Several of these companies see the use of credit freezes and credit fraud alerts as a panacea for eliminating the threat of identity theft. This is a position that we do not subscribe to. We believe strongly in encouraging consumers to use all appropriate best practices to avoid identity theft, and we provide a product, FraudStop, that provides broader prevention from ID theft by addressing not just credit records, but also other records including real estate, motor vehicles, utilities and the like, all of which can be used by identity thieves.

"Among its peers, LifeLock has attracted the most attention--much of it negative. In radio and television ads, Todd Davis, chief executive of LifeLock, gives out his Social Security number to demonstrate his faith in the service. As a result, he has been hit with repeated identity theft attacks, including one successful effort this summer in which a check-cashing firm gave out a $500 loan to a Texas fraudster without ever checking Davis' credit report. Last summer, The Phoenix New Times, an Arizona paper, reported that LifeLock's co-founder, Robert Maynard, had a criminal past. Maynard later resigned."

But despite the best protection, ID theft does and will occur. Which is why the consumer is best served by a company that can provide them with an expert to handle any identity theft issues. Which is what we do with our staff of personal recovery advocates. Most identity theft protection services companies do not provide recovery services. They do not have teams of trained professionals. They do not see this as important. We obviously do. And so do the over 2.5 million people that rely on our recovery services.

Among other things, the author highlights that identity theft services whose only value is in setting fraud alerts or credit freezes for consumer, are vulnerable to potential legislation.

"[This] business [specifically mentioned were LifeLock, TrustedID, and Debix] is vulnerable if Congress succeeds in pressuring the three major credit agencies to make these theft-fighting measures cheaper and more accessible to consumers. Sen. Charles Schumer, Democrat of New York, criticized the credit companies last month for making identity theft freezes too cumbersome to set and lift. Each of the three credit agencies recently bowed to public pressure and made freezes available in all 50 states."

But this article is silent on the consumer need for professional ID theft recovery services. It is projected that over 10MM people in the US will fall victim to identity theft in 2008. Identity theft protection services such as ours, and those provided by others in this space, will help in turning this trend. But consumers should be told the truth. There isn't a silver bullet that will guarantee that you won't become a victim of identity theft. ID thieves are using increasingly more sophisticated means to steal from you. Which is why if you opt for an identity theft protection service, it should include expert, professional, personal recovery assistance.

Experian, Equifax and TransUnion Offer Credit Freeze to All Consumers

2007-11-12T18:10:00.000-08:00

by Heather Wells (Recovery Advocate)

Starting this month, all consumers will be able to place a “security freeze” with the three major credit reporting agencies. This press release sent on October 31, 2007 details who is eligible to freeze their credit files for free and which folks may need to pay fees to each of the credit bureaus for this service. These fees are for "freezing" and "thawing" your credit files.

Before November 1st of this year, there were 39 states (and DC) that had laws on the books stating that their residents could freeze their credit files. Some other states had adopted freeze laws that applied to victims of identity theft only. With this new law, everyone is eligible, whether they are victims of identity theft or not.

A security freeze (a.k.a. credit freeze) prevents creditors and other entities from viewing your credit report without your express permission. When you apply for credit with a freeze in place, you must use a PIN provided by the bureaus to temporarily lift the freeze. The temporary lift lasts 2-3 days and the entire process adds a few extra days to the application process. The freeze is in place indefinitely until you decide to permanently lift it. Much has been written about the benefits and drawbacks of the freeze. If you are thinking about placing a security freeze, be sure to take into consideration all of the negative consequences as well as the positive.

For example, with a freeze in place, you may be denied employment because your potential employer is unable to conduct a background check. I have personally worked with victims of identity theft who were unable to purchase a new car at a "super sale" rate because they did not time the "thawing" of their credit files just right. On the other hand, there are many id theft victims who enjoy the peace of mind that the freeze offers them, and are more than willing to put up with any potential inconveniences or out-of-pocket expenses.

The three credit bureaus have more information on security freezes at their websites, www.experian.com, www.transunion.com and www.equifax.com.

Warning: Be on High Alert for Fake FTC Email Containing Virus

2007-10-31T08:25:00.000-07:00

by Heather Wells (Recovery Advocate)

An online article from Reuters dated October 29, 2007, details the latest alarming scam aimed at the unsuspecting public. Reuters reports that an unknown number of consumers may have received a bogus email that appears as though it was sent by the Federal Trade Commission (FTC). The emails are not from the FTC and are instead designed to lure an innocent victim to click on attachments and links that could leave them vulnerable to Identity Theft.

“'The e-mail says it is from ‘frauddep@ftc.gov’ and has the FTC's government seal. But it was not issued by the agency and has attachments and links that will download a virus that could steal passwords and account numbers, the agency said.

'It's a treasure trove for identity theft," said David Torok of the FTC's Bureau of Consumer Protection. ‘We're concerned. The virus that's attached to the e-mail is particularly virulent.’”

Unfortunately, this isn’t the first time the Federal Trade Commission has had to issue a warning regarding bogus emails. In June of 2007, consumers were also under attack from fraudulent emails that looked like legitimate correspondence from the FTC.

The Federal Trade Commission is encouraging consumers to forward the email to spam@uce.gov, an FTC database, for investigation and then to delete the email. For more official information and instructions, go to the FTC website.

Synthetic ID Theft

2007-10-30T16:06:00.000-07:00

by Doug Pollack

The Wall Street Journal this week published an article on synthetic identity theft titled "The Borrower Who Never Was" (Christoper Conkey, October 29, 2007).

It describes how an identity thief named James Rose would create synthetic identities, those that appear real on paper, but were actually used by him in order to trick financial institutions into making loans or issuing credit cards.

"Working with a partner, Mr. Rose tricked the guardians of the credit system -- lenders and the three big credit bureaus -- into treating his fake identities as if they were real, creditworthy consumers. He obtained several hundred credit cards in the names of Mr. Gregory and as many as 500 other fake personas over two years, filching around $750,000 over a two-year period."

Unlike more common identity theft, synthetic identities are used primarily to defraud financial institutions without affecting individuals. Mr. Rose noted that their goal was to "make a lot of money without actually hurting people."

Despite protestations to the contrary, some feel credit bureaus aren't doing enough to deter identity theft. In the case of synthetic identity theft, it is the knowledge of credit bureau procedures that enable criminals to create and exploit synthetic identities. Evan Hendricks, editor of Privacy Times, notes that "the credit bureaus are at the epicenter of identity theft and there's no pressure at this point to force them to make changes."

Business breaches a source of identity fraud

2007-10-23T14:45:00.000-07:00

by Doug Pollack

A recently federally funded study on identity fraud by Utica College's Center for Identity Management and Information Protection "paints a complex portrait of the signature crime of the digital age, one that has been the top consumer fraud complaint to federal authorities for six consecutive years."

As described in a recent article titled In Many Major Cases ID Theft isn't Personal (Joseph Menn, LA Times-Washington Post, 10-22-07), this study challenges a widely held perception that a majority of identity theft cases occur with people that are known to the victim.

Based on 500 individuals arrested by the US Secret Service over the last several years, only 8% were relatives of or acquainted with their victims. The most common tool for identity theft based on this study was any of a variety of technology devices, including credit card encoders, computer printers and telephones, which contributed to 37% of the cases.

This study further reinforces the need for individuals to be very careful with their personal information, and how and when and to whom they disclose it, but also highlights that identity theft can occur even to those people that are consummately careful.

Clark Howard on ID Theft Services

2007-10-18T09:29:00.000-07:00

by Doug Pollack

I've been a long time listener of Clark Howard. It is hard not to appreciate the solid advice on how to save money and not "get ripped off".

With the expansion of competing services targeted at consumers to protect from identity theft, it can be difficult knowing who to trust or what criteria to use in selecting a service. He has commented extensively on identity theft, and provided the following advice to his listeners:

"Clark gets tons of calls about identity theft. It has remained a real aggravation for people, especially when they have been a victim. ...The only time he would recommend paying for a service is if a human being comes with the deal, and that person is going to clean up your credit for you. "

After 4 years in the ID theft protection business, ID Safeguards launched a new consumer identity theft protection service earlier this week called FraudStop. FraudStop is distinctive in that it provides exactly this kind of personal service to victims of identity theft. The company has a team of experienced "recovery advocates" that, if a FraudStop member falls victim to identity theft, will personally take on their case and do everything necessary on their behalf to restore them to pre-theft condition.

While I realize that Clark Howard doesn't endorse products, which is part of his appeal, I am pleased that the FraudStop offering from ID Safeguards is in alignment with the advice that he gives to his listeners.

ID Thieves Steal Medical Services, Cause More Pain

2007-10-13T08:36:00.000-07:00

by Rick Kam

In an article written by Victoria E. Knight on October 11, 2007 in the Wall Street Journal, Escalating Healthcare Costs Fuel Medical ID theft, Victoria explains:

"One of the biggest threats posed by medical identity theft is that victims can receive the wrong medical treatment based on the fraudulent information in their medical records. (You are allergic to penicillin, the impostor isn't.) In addition, theft can cause victims to fail pre-employment medical exams or become uninsurable."

What is Medical ID Theft?

Medical identity theft is when someone uses your name and health insurance without your knowledge or consent to obtain medical treatment, prescription drugs or goods. At least a half-million Americans have been affected, according to Pam Dixon, Executive Director of the World Privacy Forum, a San Diego research group that focuses on privacy issues.

What can be done to protect yourself from Medical ID theft?

Like protecting yourself other forms of ID theft, we suggest being aware of potential misuse of your personal data. Check those explanation of benefits statements you get after visiting the doctor to make sure the medical services you received are accurate, and that you were the one that received them.

There are new identity monitoring solutions in the market that detect both financial and non-financial fraud (i.e. medical ID Theft). Credit monitoring is not effective in detecting this issue or many other issues involving non-financial crimes.

Would You Notice $400,000 Missing From Your Checking Account?

2007-10-09T17:30:00.000-07:00

by Rick Kam

In an article published in the New York Times by Sewell Chan on October 2, 2007, Chan reports that Mayor Bloomberg fell victim to Identity Theft.

"In early June, Mr. Bostic deposited a $190,000 forged check into the Sovereign account and a $230,000 forged check into PNC account, according to prosecutors. Both of the forged checks were drawn on Mr. Bloomberg’s personal account at the Bank of America and were issued in the name of the mayor’s financial manager, Geller & Company."

You might ask could this happen to me?

The answer is yes. There are many types of financial and non-financial ID theft. Credit card fraud and someone withdrawing money from your checking account happens a lot.

You might say, "I have a service that freezes my credit or automatically sets fraud alerts to guarantee against ID theft". The answer is, these solutions will prevent the issue that happened to Bloomberg - an ID thief stealing money being taken from his checking account.

There are new services on the horizon that monitor credit, checking, and other forms of financial and non-financial personal data to detect misuse of your information and provide 360 degree protection. You will see these new services become available in the market and be more effective, but cost roughly what consumers pay today for less effective solutions. More on this in a future post....

Gap Reports Theft of Laptop Containing Personal Information

2007-10-03T16:26:00.000-07:00

by Heather Wells (Recovery Advocate)

800,000 applicants for employment with the Gap may have had their personal information compromised, according to a September 29, 2007 article in SFGate.com written by Carolyn Said.

“The San Francisco retailer on Friday reported the theft of a laptop containing unencrypted personal information for 800,000 job applicants. The data, stolen from the offices of a third-party vendor, covered job seekers in the United States, Canada and Puerto Rico who applied online or by phone between July 2006 and June 2007. Most of the applicants were seeking jobs at Old Navy, although some applied for jobs at Gap, Banana Republic and Outlet stores."

A majority of people think that it’s required to put their social security number, date of birth, and other personal data on an application for employment or on a resume. This is a common misperception that makes job applicants extremely vulnerable to Identity Theft. So, what are some items that DO NOT belong on a resume or job application?

1) Your Social Security Number
2) Date of Birth
3) Driver’s License Number

If a company requests any of this information simply write “see below” and then add a note at the bottom of the application stating that you would “be happy to give this information during the interview process.” Explain to your potential employer that you are simply protecting yourself from the threat of Identity Theft.

In general, employers do not make a hiring decision based solely on looking at an application or resume and they do not need this info unless they are truly interested in hiring you. The same goes applying for a job over the phone. Explain to the person taking down your name and work experience that you don't feel comfortable giving up so many other personal details on the telephone. You never know where your information could end up, on an unsecured computer or desktop, in a trashcan, or even worse, in the hands of an id thief!

Lose Your Customer or Employee Data?

2007-09-28T15:39:00.000-07:00

by Rick Kam

Eric McNulty authored a Harvard Business Review case study September 2007 called "Boss, I Think Someone Stole Our Customer Data".

In this HBR case study, McNulty illustrates how a small business called Flayton Electronics learns that the security of its customer data has been compromised—and faces tough decisions about what to do next.

90% of organizations lose or have customer data stolen each year (see related blog). If you are one of the 65 million business in America and have this happen to you, how would you respond?

The most important decision a CEO and/or Chief Security Officer will make is what to do once you find out this has happened to their organization.

Remain calm. Just because personal protected information may be lost or stolen doesn't mean that the information will be misused by perpetrators to commit ID theft of financial fraud. In many cases, the perpetrator was targeting the laptop to resell it to a pawn shop for a few bucks to buy drugs. But, you still have to act quickly to determine if the information was compromised and do a risk assessment of whether or not the information may cause harm if it were misused.

There are several questions you have to ask. Here are a few of the key questions:

1. was the information encrypted or not?
2. if it was encrypted, was the encryption key protected?
3. when did we discover the information was missing or stolen?
4. what information was lost (name, SSN, account numbers, etc.)
5. was there evidence to believe there was criminal intent?
6. did we contact law enforcement?
7. who knows about the issue?
8. how many records were compromised?

Once you have an initial assessment of the issue, you make a risk assessment, develop a risk mitigation plan, and implement your incident response plan. If all of these sound foreign to you, ask your privacy or compliance officer to do a review of your ability to respond to a data breach.

Credit Bureaus Offer Credit Freeze

2007-09-26T08:39:00.000-07:00

by Rick Kam

TransUnion and Equifax to offer credit freeze services according to a September 22, 2007 article in ConsumerAffairs.com by Martin Bosworth.

"offer consumers the ability to "freeze" their credit files in all 50 states in order to protect themselves against identity theft and fraud. The service will be available in the 11 states that do not already have credit-freeze laws, costing consumers $10 to set the freeze and $10 to unlock it, and will "meet or exceed the requirements" of states with existing freeze laws. The freeze service will be free to victims of identity theft, and is scheduled to roll out Oct. 15."

This means that you can instruct these two credit bureaus to freeze your credit making it more difficult for an ID thief to set up a new fraudulent credit card or take out a loan using your personal information. Experian is the other major credit bureau. They have not indicated whether or not they will also offer this service.

The question is whether or not this is a good solution to protect you from ID theft? There is a $10 cost to freeze and unfreeze your credit. If you are a victim of ID theft, the cost to freeze your credit is $0.

Our suggestion is to look at using this tool if you are a victim of ID theft versus a preventative measure. There are several reasons for this.

1. If you are a victim of ID theft, it can prevent more fraudulent accounts being set up by the thief

2. If you are not a victim of ID theft, this tool requires you to take an action each time you want to open a new credit line.

3. A credit freeze only protects you against credit fraud. There are many more ways ID theft can occur that this tool will not address including debit fraud, medical ID theft, criminal misuse of your ID etc.

The good news is there are new preventative tools entering the market that provide a 360 degree protection against all of these issues and provide better protection. These services scan both financial and non-financial data sources and do a much better job of protecting your identity. I will discuss more on this topic in future blogs.

Free Credit Reports?

2007-09-21T12:49:00.000-07:00

by Heather Wells (Recovery Advocate)

Everyone should check their credit reports at least once a year to make sure that all of the information contained in them is accurate and up to date. You should also check your reports for any information that is fraudulent, which could signal that you are the victim of Identity Theft. This includes accounts as well as personal information such as addresses and phone numbers.

There’s only one legitimate source where you can obtain your FREE credit reports and that’s http://www.annualcreditreport.com/. The law requires that each of the major credit reporting agencies-Equifax, Experian, and TransUnion-give you a copy of your credit report every year at no charge.

If you are ever online and are asked to enter a credit card number in order to obtain a copy of your credit report, DON’T DO IT. Many of the companies that advertise free credit reports and credit scores will enroll you in services that you don’t want or need. Cancelling these services once you’ve given over your billing information can be difficult or downright impossible.

So, before you give over your credit card number for something that is supposed to be “free,” don’t do it. Go to http://www.annualcreditreport.com/.

Share Your SSN with Anyone?

2007-09-17T18:13:00.000-07:00

by Rick Kam

When is it OK to give someone your SSN, if ever?

The answer is ...

NEVER give out your SSN to an organization or person you don't know.

There are only a few reasons organizations need your SSN. One is if you are applying for credit. Say, you walk into your local car dealer and decide to buy a new/used car. The dealer will ask you for a copy of your drivers license and will check your credit report to see if you are an able buyer.

Another good reason an organization will ask for your SSN is if you are applying for a job. The employer will do some background and credit checking depending on the position you are applying for. If you are not comfortable with the organization having your personal information to do this background check, you may want to reconsider working for them.

The other reason is to pay taxes. The IRS will require your SSN on your tax returns. Many of us may ask why the IRS needs your SSN? Well, it is so they can identify that you submitted and paid any taxes due. Unless you want the IRS coming after you, it is probably a good idea to provide your SSN on your return.

If others ask you for your SSN, make sure you ask why they need it and ask how they plan to protect and destroy the information once they are done with it. It is incumbent on organizations to protect your personal information, especially with recent privacy legislation (i.e. HIPAA or GLBA).

New Data Protection Bill in California

2007-09-10T09:21:00.000-07:00

by Rick Kam

K.C. Jones authored an article on September 7, 2007 in InformationWeek called "California Data Protection Bill Moves Forward".

Once the Bill is ratified it will provide several new consumer protections. The TJ Max issue, where 40+ million credit card numbers were lost/stolen is an example of where this legislation would apply.

"The bill would provide notice to consumers, telling them which retailers lost their credit or debit card information, and when the information was lost. It would require retailers responsible for data breaches to assume all costs of consumer notification and card replacement."

California has led the nation in several pieces of ID Theft legislation. I expect other States will also put consumer protections like this in place soon.

Can Sharing Music on the Web Expose You to ID Theft?

2007-09-10T08:52:00.000-07:00

by Rick Kam

According to Brian Koemer who authored an article on September 10, 2007 titled "Peer-to-Peer Networks Used to Steal Identities", the answer is YES!

"In what federal authorities are calling the first of its kind, the arrest of Gregory Thomas Kopiloff of Seattle, who allegedly used P2P Software to steal the personally identifiable information (PII) of at least 83 people."

How many of you use P2P file sharing software like Kazaa or LimeWire?

If you have teenagers in the house, are they using these tools to share their favorite songs with friends?

There is a good chance that one of your computers have this tools installed. If you do, Brian Koemer provides tips on how to protect yourself online. Besides, these tips from Brian, We also suggest the following:

1. Make sure your computer has the firewalls enabled. A firewall will help reduce the risk of someone getting unauthorized access to your computer. If you bought a computer recently, most will come out of the box with the firewalls enabled (i.e. Windows Vista or MAC OSX).

2. Scan your computer regularly for viruses. You can schedule this function to run every week or once a month when you are not using it.

3. Make sure you obtain files from known sources (i.e. iTunes). Many versions of music files exist on the web. You can tell they are different because the file sizes differ. Some of these variations are legitimate and accommodate for various media players. Others contain viruses and other malware.

If you suspect any issues with files, just don't put it on your computer...

Another One Bites The Dust: Warranty Hard Drive Replacement

2007-09-04T16:01:00.000-07:00

By: D. Jones, Recovery Advocate

Enjoying your computer but one or more of the drives bites the dust? Realizing that it’s still under warranty solves only half the problem. What happens to that old, dead drive once your warranty service visits your home to replace it? Worse yet, what about when you ship your computer to the manufacturer for them to replace the drive at their facility? Both of these scenarios can be rife with identity theft opportunities.

As noted in a recent post on whatsnextblog, it has been shown that hard drive replacement could lead to data compromise. Manufacturers are supposed to wipe the drives with an industrial magnet, a technique called “degaussing”, before resale or render them unusable but that often doesn’t happen the way it should. One of our recovery advocates recalls a Dell computer drive that failed. The system was under warranty so a contractor made a house call to replace the drive. She asked if she could keep the old drive for security reasons and was told it was Dell’s policy to return the used drive. Daunted, but secure in the fact that the drive was new and therefore free from sensitive information, she watched as the drive was taken from her computer and removed from her home. Who knows what happened after that point? Its common knowledge now that the drives are repaired and resold but what happens to the info stored on the drives?

The auto mechanic industry has learned to honor our right to the broken, damaged parts that are replaced – why not the computer technician field? If we’ve paid for it, we should be able to keep the old part or be assured that our information is removed or the drive destroyed so that others can’t access it. Dell now has a policy that allows the consumer to purchase the damaged drive for an additional fee. As the article in the link states, at the very least, new manufacturers should revisit current policy on replacing dead drives or perhaps current laws need to be restructured to ensure corporate protection of consumer privacy.

Gone in 4 Seconds

2007-09-03T12:31:00.000-07:00

by Rick Kam

Have you thought about how a perpetrator might steal your personal information? I came across this video called "Gone in Four Seconds." In this video, crooks prey on unsuspecting victims at a gas station, stealing their personal information while they are not looking.

Have you been a victim of ID theft? Share with our readers how this happened and any suggestions you have to help them avoid the crime.

90% of Businesses at Risk of Losing Your ID

2007-08-27T15:59:00.000-07:00

by Rick Kam

Should business be responsible for protecting your identity and paying to restore it if crooks misuse it? There is an article in InfoWorld dated July 16, 2007 that says 90 percent of businesses at risk of losing your personal information:

"A new report by the IT Policy Compliance Group finds that the vast majority of businesses do not meet data-handling regulations, increasing the risk of a data breach".

As of this posting, there are 36 States and existing Federal laws that require businesses to safeguard your personal information and notify you if they lose it. Essentially, if a business requires your personal information as a prerequisite to doing business with you, they are required to protect it. So, why are so many business not compliant with current legislation and unprepared to react if they have a data breach?

Security experts say the cost of securing a business from every potential threat is unrealistic. Good information security practices suggest protecting mission critical or high risk information. Unfortunately this means that many systems and information sources may be left at risk. This seems to be where most information crimes occur (i.e. stolen laptops, compromised employees, lost paper documentation, missing back up computer media, etc.). Privacy Rights Clearing House is a good resource for businesses and individuals on data breaches.

Individuals can take action by voicing their opinion, asking questions of the business they frequent, or voting where they spend their money. Several legislators including Senators Gordon Smith, Darlene Hooley, David Wu, and Representative Greg Walden are supporting legislation to require businesses do a better job at protecting personal information. Write your State legislators voicing your concern. The next time a business asks you for your social security number, ask them why they need it. If they do require it, ask them how they protect it. And remember, in most cases you have the final vote as to whether or not you do business with them (vote with your dollars).

Dave Ramsey on ID Theft Among College Students

2007-08-21T17:47:00.000-07:00

by Doug Pollack

Prominent talk show host Dave Ramsey discussed the prevalence of identity theft among college students in an interview earlier today on the CBS News Early Show.

He stated that:

"Identity thieves zero in on college students much of the time. They're deemed particularly vulnerable to ID theft, and people aged 18-29 make up the group most commonly victimized by it."

Strangely enough, young people might seem to have the least to lose from identity theft, which may be why they are specifically targeted, because that they don't feel vulnerable, they can be very cavalier with their personal information, and because they're consumed by school activities. Most college students not only haven't ever checked their credit reports, most of them probably don't even know what a credit report is (I know mine don't).

One of his listeners wrote to him saying:

"My third day at college, I applied for several credit cards on campus. Five years later, I found out that all my personal information was posted on a Web site. I had cars bought in my name and credit accounts across the country. A college student who ran one of the credit card booths was responsible for posting my information. Even though I now have a new Social Security number, I constantly have to monitor my credit reports. I have had to explain all of this to employers who run background checks on me. Those free T-shirts wound up costing me $150,000!"

Obviously, you're never too young to be careful with your personal information.

Counterfeiting for the 21st Century

2007-08-20T19:00:00.000-07:00

by Heather Wells (Recovery Advocate)

One of the most common forms of identity theft and fraud is what is known of as “skimming”. This method of stealing someone’s credit card or ATM card information by using a portable reader is easy to do and difficult to trace. It also can pay off big time for the id thief who chooses to steal using this method.

Skimming can happen to you anytime your credit/ATM card is out of your possession. Restaurants, gas stations, and bars are common places that a less than forthright employee can obtain all the information they need to make online purchases or create a copycat card. The out of sight id thief will also make sure to take note of the 3 digit security code on the back of the card.

Skimming can also happen at an ATM that has a skimming device affixed to the card slot. The device will pick up the information from the magnetic strip and store it for later use. A small camera is often used in conjunction with the skimmer to get the ATM users PIN so the id thief can drain the unsuspecting victim’s bank account later on.

The magnetic stripe readers go for around $200-$300 dollars on EBay last time I checked, (do a search for portable magnetic credit card reader to see for yourself). The mini ones are kind of cute, and come in various shades of gray, black, white, and tan.

So, what should you do to avoid being “skimmed?” Obviously we can’t follow employees around and look over their shoulder when we hand off our credit card for payment. Just be AWARE of your surroundings. Making sure that your ATM transactions are secure and that there is not a device attached to the card slot is a start. But really, the best defense in this situation is a good offense. Check your credit card and bank statements as regularly as you can. If you see any transactions that you are not responsible for, let the company or bank know RIGHT AWAY.

The Fair Credit Billing Act (FCBA) limits consumer liability for unauthorized or fraudulent charges on credit cards, with a liability limit of $50.00 per card. The Electronic Fund Transfer Act (EFTA) that provides consumer protection states that if the loss or unauthorized ATM/debit card transaction is reported within two (2) business days, the consumer’s liability for losses is limited to $50.00.

If reported quickly, your bank should refund the entire amount. If they don’t, or try to hassle you, be firm with them and escalate the situation to a manager or branch manager if that’s what it takes. They should also assign you a new debit card number and PIN. If your credit card company gives you a hard time, ask to speak with someone in the fraud department and request an affidavit/affirmation to sign and deny responsibility for all fraudulent charges. They should close your existing account and open a new one with a new account number. You also should notify your local police department to report the incident. This will help to protect your rights as a victim in case the situation escalates.

More ID Theft Protection Offered By State of Ohio

2007-08-20T17:46:00.000-07:00

by Rick Kam

On July 24, 2007 the State of Ohio announces additional identity theft protection offered to help hearing impaired.

"The Ohio Department of Administrative Services announced Tuesday that it has contracted with Identity Safeguards, a respected national leader in identity protection and restoration services, to provide a one-year membership to the deaf community affected by the recent theft of a state accounting and financial system backup tape."

Over 350 institutions have been in the news since ChoicePoint went public with their data breach in February 2005. Many public and private organizations have to comply with recent privacy notification laws. 36 States have enacted similar legislation today that require an organization to notify affected individuals if information they lose or is stolen may be misused. State and Federal legislators struggle with whether it is better to notify or not.

On side of the argument says that people will become complacent if they receive lots of notification letters -- "over notification". For example, if you are a VA, accountant, and have a B of A account, you could have received three notification letters last year. The other side says, it is better for you to know what happened so that you can assess your risk and take appropriate action to protect your identity. This is what we believe is most appropriate.

What do you think? Vote.

Connection between Cyber Terror and ID Theft?

2007-08-17T10:44:00.000-07:00

by Rick Kam

Is there a connection between Cyber Terror and ID Theft? According to a July 5, 2007 article by MSNBC, the answer is yes.

"Authorities say the terrorists used phishing e-mails to trick recipients into divulging personal information, thereby making Westerners unwitting donors to al-Qaeda."

We have seen trends during the past two years where more and more identity theft victims fall prey to organized crime and potentially cyber terrorist. What does this mean for the average American looking to protect themselves from this new emerging form of identity theft?

The good news is you can still take proactive steps to reduce your risk of falling victim to identity theft. It doesn't necessarily matter who is trying to steal your personal information -- meth gang, organized crime unit, or cyber terrorist. They all use similar techniques and methods to steal your ID.

I do believe it is more difficult to recover from some of these more complex identity theft crimes where your personal information is used not only to generate cash for illegal purposes, but to impersonate you, or use your identity to commit a crime. It is more difficult to clear your good name if you are accused of crime (i.e. being a sexual predator) or have crimes your "cyber double" has committed associated with your criminal records in National and State law enforcement databases.

The best situation is avoid falling victim in the first place by taking steps to reduce your risk. If you do fall victim to one of these complex ID theft, get professional help to resolve it quickly and effectively.

Support for the Illinois Troops

2007-08-17T09:19:00.000-07:00

by Heather Wells (Recovery Advocate)

This month, Governor Rod Blagojevich of Illinois signed a bill that will increase penalties for identity theft committed against members of the military who reside in Illinois and are serving abroad. House Bill 1236 is sponsored by State Representative Jil Tracy and State Senator John O. Jones.

This bill increases the penalties for identity theft by one class if the Illinois victim is an active duty member of the armed services, reserve forces of the US or of the Illinois National Guard serving in a foreign country. Each identity theft offense increases the penalty by one class. This new bill goes into affect on January 1st 2008.

Military personnel serving overseas are often victims or potential victims of identity theft. Thieves target service members when they have been deployed because it is harder for them to monitor their finances. Recently, a marine from Iowa had his good credit ruined by an identity thief while he was stationed in Iraq. According to this news story, the marine returned to the States and was turned down for a VA home loan.

Stories like this are extremely disheartening, but there is something that can be done for military personnel to decrease their chances of becoming victims of identity theft. It is advisable that all deployed military personnel place an “active duty” alert on their credit files to decrease the chances of their social security number being used fraudulently. This special alert is good for one year, as opposed to the 90-day initial alert available to all consumers. Both of these types of alerts are free and easy to place.

To place an “active duty” alert, or to have it removed, call one of the three credit bureaus (Equifax, TransUnion, Experian) and follow the appropriate voice prompts. Individuals will need to provide personal information including social security number, date of birth, address, and a phone number for notification purposes. The phone number provided to the bureaus will be the one a business may use for verification purposes if someone tries to apply for an account. A personal representative of the individual in the military may place or remove the alert.

Equifax: 1-800-525-6285; http://www.equifax.com/
Experian: 1-888-EXPERIAN (397-3742); http://www.experian.com/
TransUnion: 1-800-680-7289; http://www.transunion.com/

Contact only one of the three credit bureaus to place an alert – that bureau is required to contact the other two bureaus, who will also place fraud alerts on their files. If the contact information changes before the alert expires, remember to update it.

Force an Identity Thief to Confess or Not?

2007-08-15T08:19:00.000-07:00

by Rick Kam

In a July 26, 2007 article titled Dumb, dumber and Davis, InfoWorld's Robert X. Cringely points out the drawback of forcing an ID thief to confess to a crime using coercion. The story notes that Todd Davis, CEO of LifeLock, would put his social security number on company web sites and in advertising (see related post on why this is not a good idea). Turns out he fell victim to ID theft.

"After authorities identified the man who misappropriated Davis's identity, the idiot sent employees to the guy's house with a typed confession and a video camera. Yes, they got the confession they sought. And then the local DA dropped the case, because that confession would never stand up in court."

Replacing your computer hard drive? A few precautions…

2007-08-13T09:39:00.000-07:00

By: D. Jones, Recovery Advocate

Tired of that old computer and ready to get a bigger, better, faster model? Let’s face it, we all use computers and most households have at least one. The way current technology moves so quickly our systems are outdated by the time we finish paying them off. If you’re thinking of purchasing a new computer or trading one in here are a few things to consider:

Back up all your data from the old system and then wipe the drive

Purchase a drive wiper program that removes all sensitive data from your hard drive and gets it ready for it’s new owner

Purchase software that transfers data from your old computer to your new one

Maybe you remember hearing the story, a while back, about the cell phone users that bumped up to a new plan and changed phones. All of those phones were supposed to be wiped before resale but some of them were not, leaving the previous owner’s personal information in the hands of the new owner. Or perhaps you heard about the more recent snafu with Loyola University where a computer containing SSNs of 5800 students was scrapped. You guessed it - the computer's hard drive wasn't erased.

Keeping these precautions in mind when buying a new computer can really help protect your information from falling into the hands of identity thieves.

Go Green--Opt-Out from receiving Pre-Approved offers of credit

2007-08-08T11:17:00.000-07:00

by Heather Wells (Recovery Advocate)

What do you do with all of those pre-approved offers from Capital One, Chase, and Citibank that you receive in the mail everyday? All of those tempting offers for shiny new credit cards…. Well, if you’re lucky, you actually see them and they didn’t get stolen from your mailbox by an ID thief and turned into actual lines of credit. Identity thieves often wander through neighborhoods looking for unattended mailboxes where they can easily find a treasure trove of people’s personal information. If the thieves intercept some pre-approved credit offers they can spend the rest of their time wandering through a shopping mall (at the expense of your good name and credit).

Check out this video from a local Colorado news report:

But there’s another reason besides ID Theft that those pre-approved offers of credit are bad for all of us. According the US Postal Department, over 1 million pieces of standard mail (bulk-advertisements) were processed last year alone. That’s a lot of junk mail!! That’s a lot of trees, too!!

To opt-out of receiving offers of credit in the mail for five years call 1-888-5OPTOUT (1-888-567-8688). It will take about 5 minutes of your time to do it. You will be asked to provide your Social Security Number and other identifying personal information. When calling, you will also be given the option to opt-out permanently or to opt-in (if you are so inclined). Even though your request becomes effective within five days, you may not see an immediate reduction in the amount of offers you receive. This is because your name may have already been provided to some companies that have not yet mailed their offers to you. If you continue to see the offers pour in even after several months, call and opt-out again. I would recommend calling to opt-out rather than doing it online for security reasons. It will reduce your chances of ending up at a fake website set up in order to obtain your personal information and use it for fraudulent purposes.

So, go green AND reduce your risk of becoming a victim of Identity Theft by making one simple phone call to 1-888-5OPTOUT.

Costly Free Credit Reports

2007-07-25T16:14:00.000-07:00

By Heather Wells (Recovery Advocate)

Do an online search for “free credit report” and you’ll end up with a dozen or more websites promising online credit reports (and often credit scores) for FREE. Most of these companies even have the word “free” in their name, but don’t be fooled, there’s nothing FREE about their services. Many will entice people to sign up for a product that comes with strings attached. Most will request a credit card number to enroll and then will charge you if you do not cancel the service within a specific grace period.

A recent post (July 24, 2007) on the blogsite The Red Tape Chronicles written by Bob Sullivan explains that “one site, for instance, requires enrollment in pricey credit monitoring service, which can only be canceled online after precisely 23 days. Another automatically enrolls users in a discount travel service. And some hint that the real free credit report site established by Congress -- AnnualCreditReport.com -- isn’t all it’s cracked up to be.” He goes on to say that many of these sites actually can be traced back to the credit bureaus either directly or by affiliation.

There’s only one legitimate source where you can obtain your FREE credit reports and that’s http://www.annualcreditreport.com/. The law requires that each of the major credit reporting agencies-Equifax, Experian, and TransUnion-give you a copy of your credit report every year at no charge. This law was passed as part of the Fair and Accurate Credit Transactions Act (FACTA) and was a real milestone for consumer rights.

Increased consumer awareness and knowledge is a good thing. It’s a positive sign that more folks are interested in what’s being reported in their credit files. Everyone should check their credit reports at least once a year to make sure that all of the information contained in them is accurate and up to date. You should also check your reports for any information that is fraudulent, which could signal that you are the victim of Identity Theft. This includes accounts as well as personal information such as addresses and phone numbers.

So, before you give over your credit card number for something that is supposed to be “free,” don’t do it. Go to http://www.annualcreditreport.com/.

Freezing your Credit Report not a Panacea

2007-07-24T15:06:00.000-07:00

by Doug Pollack

This week Terri Cullen of the Wall Street Journal (July 18, 2007) reported on how to use your credit report to protect against identity theft.

The article includes a lot of useful information on how to "interpret" your credit report and how to correct errors in your credit report. But it also touches on the option that is available in some number of states of "freezing" your credit report.

"As an additional barrier to identity theft, several states allow consumers to issue a "freeze" on their credit reports, meaning that the credit bureau cannot release your credit report to anyone without your approval. Very few lenders are willing to extend credit without seeing a copy of an applicant's credit report, so the freeze generally stops an identity thief from using your information to obtain a loan. If you live in a state that requires a credit bureau to honor your request for a freeze, you still have to initiate the freeze with each credit bureau independently."

While the idea of freezing your credit sounds like a failsafe way to avert identity theft, unfortunately this isn't the case. Identity thieves have become very clever and found ways to misappropriate your identity even with a frozen credit report. There are also a number of "inconveniences" that come into play when you choose to freeze your credit. As Mr. Cullen goes on to state:

"First, it's probably going to cost you unless you've already been a victim of identity fraud. Florida, for instance, allows a credit bureau to assess a $10 fee to place, temporarily lift or permanently remove a credit freeze. And you'll be incurring that fee each time you want to apply for new credit. It also takes a few days to get the freeze temporarily lifted, so no more impulse purchases using a retailer's offer of discounts in exchange for signing up for the store's revolving charge card. And there's the inconvenience of keeping track of the PIN that the credit bureau issues you when you first place the freeze. You'll need that PIN each time you want to lift the freeze."

And while a credit freeze can help keep an identity thief from opening most new accounts in your name, it’s not a means of protection from all types of identity theft. It will not protect you, for example, from an identity thief who uses your existing credit cards or other accounts. There are also new accounts, such as telephone, wireless, and bank accounts, which an ID thief can open without a credit check. In addition, some creditors might open an account without first getting your credit report. And if there’s identity theft already going on when you place the credit freeze, the freeze itself won’t be able to stop it. While a credit freeze may not protect you in these kinds of cases, it can protect you from the vast majority of identity theft that involves opening a new line of credit.

Can They Really Do That? Know Your Rights Regarding Debt Collection

2007-07-20T18:59:00.000-07:00

by Heather Wells (Recovery Advocate)

How many people have experienced this scenario? You’re just about to sit down to dinner when the phone rings. The voice on the other end of the line sounds threatening, telling you that “this is an attempt to collect a debt.” You explain that this must be a mistake, that you check your credit reports regularly and pay all of your bills on time. However, “Mr. Smith” tells you that you are obviously a no good, worthless, cheap, despicable, sorry excuse for a human being who will pay up or else! This clip from the recent film Maxed Out is a perfect example of the unscrupulous practices that are common to many collection agencies.

Obviously, debt happens. It’s a huge problem for many consumers who legitimately have incurred debt that they were not able to manage. But, then there’s the other folks who are victims of identity theft who, before their dinner was so rudely interrupted, had no clue that their social security number had been used to open up an account that was subsequently ignored and not paid on. For both of these groups of individuals there are some laws to protect them when “Mr. Smith” calls in order to harass and belittle.

According to the Fair Debt Collection Practices Act (FDCPA) collectors are not allowed to use unfair or deceptive practices to collect on debts. Here are some things they can and can’t do:

1) Collection agencies must provide you with written documentation regarding the debt, including how much is owed, the name of the original credit grantor, and how to dispute the debt. This documentation is especially crucial for victims of identity theft who will need to submit a written dispute to the collection agency.
2) They cannot contact you before 8:00am or after 9:00pm unless you tell them it’s OK.
3) They cannot contact you at your workplace unless you give them permission.
4) Collectors may not threaten you or use obscene or profane language.
5) They cannot call you over and over again just to annoy and harass you.

So, the next time you get that call from “Mr. Smith” trying to collect, remain calm and tell him that you know your rights. It’s amazing how docile they can become once they realize they can’t bully you.

For more information on the Fair Debt Collection Practices Act go to the FTC website.

NBC's "To Catch An ID Thief" on Sunday

2007-07-19T22:12:00.000-07:00

by Rick Kam
NBC's Dateline is doing a show Sunday, July 22, 2007 on ID Theft, based on the current series of "To Catch a Predator". Chris Hansen continues his mission to put a face on the crime of identity theft, working with CardCops, an organization specializing in monitoring ID thieves.

Date: Sun., July 22, 2007
Time: 7:00PM
Channel: 4, WNBC
Descriptor: New Episode, Stereo, CC

Lifelock Says You Can’t Stop All Forms of ID Theft

2007-07-19T19:00:00.000-07:00

by Rick Kam

On June 11, 2007 an article in Wired Blog Network reports CEO of Lifelock, Todd Davis’ identity being stolen. Mike Prusinski, spokesman for Lifelock is quoted as saying,

“…there's no way to prevent all identity theft -- especially in cases in which a business (such as the check-cashing operation) doesn't run a credit report before providing someone with a loan or new credit card. It's a loophole," Prusinksi said. "We tell people that you can't stop every form of identity theft."”

Todd Davis was so confident in Lifelock’s identity theft protection solution, he regularly displayed his social security number on the company website. It was only a matter of time before an identity thief would use his social security number.

The Federal Trade Commission, Better Business Bureau, AARP, and law enforcement, as well as Identity Safeguards, all suggest protecting your social security number to reduce the risk of identity theft. It is the “key” to your identity. The ability to “freeze” or lock your credit will reduce the risk that an identity thief will be able to open fraudulent credit accounts, but it is not “fool proof” in stopping other growing forms of identity theft.

So how was Todd Davis’ identity stolen?

A plausible scenario would be that an identity thief saw Todd Davis’ social security number on the LifeLock website and decided to use it to commit the crime. There are many other ways an identity thief can access and use your personal information. For many individuals today, a government agency or company who has their information may lose it or have it stolen by identity thieves potentially exposing them to misuse.

While setting up fraudulent checking accounts or credit lines are the likely ways an identity thief will use stolen personal information, it is not the only way. Identity thieves also can set up cell phone accounts, obtain fraudulent driver’s licenses, or access medical services (note that medical ID theft is one of the fastest growing issues today). A credit freeze or fraud alert set by the credit bureaus (or Lifelock in Mr. Davis’s case) won’t necessarily protect them from these forms of identity theft.

The good news is you can reduce their risk of falling victim to many forms of identity theft by taking a few simple steps to protect your good name. The FTC offers good suggestions to reduce the risk and is a great consumer resource. My suggestion, consistent with that of many other security experts, is carefully protect your social security number in order to reduce your risk of identity theft.

Does Credit Monitoring Prevent Identity Theft?

2007-07-19T17:46:00.000-07:00

by Rick Kam

Credit monitoring is an important tool in today's fight against identity theft. Many individuals subscribe to a service provided by all three of the major credit bureaus and their affiliates.

Is this an effective tool that prevents identity theft?

Unfortunately, the answer is no. Credit monitoring provides a useful tool to determine if there is an unauthorized change to your credit profile which may indicate misuse by an identity thief.

It does not prevent an identity thief from setting up fraudulent credit lines, changing your address, getting a job in your name, declaring bankruptcy, or committing crimes that become part of your records. All monitoring services will send you an alert when they detect a change to your credit profile. Only you can determine if that change was one you initiated or not. The assumption is if you didn't do it, you may be a victim of identity theft.

There are a couple of other drawbacks to credit monitoring. The first is it does not monitor other types of accounts for potential fraudulent activity. For example, it does not monitor your checking account. Many forms of identity theft go undetected (see my related posting on Lifelock). The other drawback is if you believe there is misuse of your personal information, all of the services provided by credit bureaus make you fix this yourself. Although many offer assistance ---this really translates to "do it yourself". The other issue is that it reports changes to your credit profile as opposed to being an early detection tool of identity theft.

So while credit monitoring is not perfect, it is one of the most prevalent tools consumers use today to protect themselves from ID theft.

You might ask, are there better tools on the horizon? Stay tuned for my next post on Identity monitoring.

Children are Victims of Identity Theft Too

2007-07-19T08:45:00.000-07:00

by Doug Pollack

This excerpt from an MSN Money article titled "Your 5-minute guide to protecting your identity" published July 6, 2007 demonstrates the time consuming nature of dealing with an identity theft problem.

"Thieves may sell your information on the black market or use it to obtain money, credit or even expensive medical procedures. Unless you're vigilant in protecting your records, you'll have to work even harder to repair the damage to your credit. The average victim spends 30 to 40 hours rectifying the problem.

The article outlines numerous helpful tips for helping prevent the theft of one's identity. But something that is less "obvious" is that around 5% of identity theft cases involve children. They make particularly lucrative targets because it can take many years before they come of age and the identity theft becomes recognized.

A related Bankrate article notes that "...children's identities are used to obtain credit cards, get driver's licenses or open accounts. Often the information is sold for use by illegal immigrants or individuals attempting to restart their lives and avoid arrest." This makes it doubly important for families to protect not only their breadwinners but also their kids.

What is an identity theft “Recovery Advocate”?

2007-07-12T09:57:00.000-07:00

By Heather Wells

As head of the recovery department at Identity Safeguards, my group and I provide assistance to thousands of victims of identity theft. We are made up of a collaborative team of Intake Specialists and Recovery Advocates who are dedicated to the recovery and restoration of our victim’s identities. We take on the hard work of identity restoration every day so our victims don’t have to.

This includes performing the core of our duties: restoring a victim’s good name and credit back to pre-theft status after an ID theft incident. From the smallest compromise to the most complicated of cases, we have pretty much seen it all. We have established connections with the Fraud Departments of many major creditors and are privy to the specific requirements and procedures they have for their fraud investigations. This is time-saving knowledge that victims working on their own or even those working with a recovery “advice” service cannot claim.

Our job also encompasses providing education about victims’ rights and offering information regarding preventative measures. Identity theft is constantly evolving and growing in complexity, so part of our responsibility to our victims is to be informed about the latest scams, procedures, and legislation. You’d be hard-pressed to find a more knowledgeable group of people!

But most importantly, as Recovery Advocates we provide our victims with support and reassurance throughout the recovery process. Having personal, one-on-one interaction with the same Advocate for the duration of their cases is one of the things the victims we work with appreciate more than anything.

We are hoping that this blog will educate, inform, and entertain!

Identity Safeguards Joins Blog World

2007-07-10T15:17:00.000-07:00

I’m Rick Kam, president of Identity Safeguards. I’d like to welcome you to the Identity Theft Protection blog.

I founded Identity Safeguards with John Davidson in 2003 in order to help Americans protect themselves from identity theft. We are proud to be a pioneer and leader in this industry, delivering quality services, and doing so with integrity.

Combined with John’s 26 years in employee benefits consulting, I bring to Identity Safeguards over 25 years of experience both at IBM and management consulting. We joined our business skills and passion to address the problem of identity theft.

Our purpose in creating this blog is to provide you with a central location to learn about and discuss issues in identity theft protection, relevant legislation, and new identity protection tools. Our mission at Identity Safeguards is to be the voice for victims of identity theft while driving innovation in identity management and protection services. This blog will include posts from experts on our staff as well as guest experts from the ID theft prevention community at large.

We founded Identity Safeguards on the promise of protecting you and your good name. Having pioneered the market for identity theft solutions, today we are honored to provide over 2,000,000 American citizens with identity theft protection services. Identity Safeguards is proud to serve as a beacon for the victims of identity theft and has grown into the leader in identity theft prevention and recovery services.

Why Choose Identity Safeguards?

2007-07-02T09:57:00.000-07:00

Identity Safeguards began when a few frustrated identity theft victims decided to educate and assist other victims in restoring themselves to pre-identity theft status. Now a national leader in corporate identity security, Identity Safeguards provides fully-managed identity protection and identity theft recovery services to individuals and businesses of all sizes throughout the nation. Identity Safeguards offers businesses proactive and response solutions both to manage the risk of a confidential data breach and to respond effectively by offering the appropriate remedies to businesses and consumers in the event such a breach occurs. In the event of a data breach turned Identity Theft Event, highly trained in-house “Recovery Advocates” fully manage Identity Safeguards' member victim cases in order to successfully restore victim's credit and life back to pre-event status. This highly specialized service, along with Identity Safeguards' Confidential Identity Protection Solution (CIPS) and Emergency Incident Response Service (EIRS), is what separates Identity Safeguards from those who offer less complete solutions. Identity Safeguards provides restoration services to millions of citizens in the United States. Hundreds of corporate entities, government agencies and non-profit organizations nationwide offer Identity Safeguards' proactive and response solution to a confidential data breach and employee benefits or consumer protection programs. Contact a representative to learn how Identity Safeguards can help you and your business plan for, protect against, and react to a data breach.

With hundreds of programs already in place, Identity Safeguards covers millions of Americans from the hardships of identity theft and fraud. Having already served hundreds of companies, we are able to leverage significant relationships to provide your company with an unparalleled level of service. After taking the time to learn about the services that Identity Safeguards has to offer, contact a representative to request more information in order to learn about what Identity Safeguards can do for your company.