Learn about data breaches to protect yourself

data breach 1

data breach 2

data breach 3

Watchdog Nation reveals New Mexico crime ring preying on Texas senior citizens

An identity theft ring based in Albuquerque has stolen the identities of 232 people, most with ties to Tarrant County, Albuquerque police tells Watchdog Nation.

Turns out the thieves got the information from an unlikely place: Tarrant County court records available free online for use by the public.

As readers of the Fort Worth Star-Telegram Dave Lieber Watchdog column first learned, millions of records with sensitive information were on the county website.

Dave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Courtesy of golocalworcester.com

A member of the criminal ring showed an Albuquerque police detective on a computer how easy it was to pull names, birth dates, and Social Security and driver’s license numbers from county clerk records, according to a police report.

Data miners, part of a drug ring, used the information to steal the identities of Texans and residents of other states who had ties to Tarrant County through court cases, Albuquerque police say. The ring used the information to open lines of credit in the names of some of the victims.

Dave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Victim Rebecca Watson of Fort Worth says she learned about the ring from Albuquerque police. She says that a detective told her he notified the county clerk’s office in November but that nothing had changed.

The detective was unavailable for comment.

County Clerk Mary Louise Garcia told me that nobody informed her what was happening until early March, when Sheriff Dee Anderson was briefed by Albuquerque police.

Dave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Mary Louise Garcia

Garcia said she took immediate and unprecedented action when she learned of the criminal investigation in New Mexico.

She said she hired a vendor to audit 12 million court documents in her office’s online repository.

The vendor found that 2 million records on the website listed birth dates or Social Security or driver’s license numbers. Those included divorce records, real estate and family law records, and a dozen other types of court documents.

Garcia ordered that records with sensitive information be removed from online viewing. The vendor is deleting sensitive information before Garcia places the records back online.

– – – – – – – – – – – – – – – – – – – – – – – –

More Watchdog Nation News:

Watchdog Nation Partners with Mike Holmes

America meets Watchdog Nation/Listen to Fun Radio Interview

2012 Book Edition Debuts on Good Morning Texas TV show

– – – – – – – – – – – – – – – – – – – – – – – –

The process, which will cost about $89,000, should take several weeks, she said.

The paper versions of the 2 million documents containing sensitive information are still available for public viewing at the courthouse, as required by law.

Worries that online court records could be an easy source for ID thieves have been voiced for years, but county officials say this is the first major case that has come to their attention.

“It’s one of the vulnerabilities we all face,” Anderson said.

Five years ago, county clerk offices statewide rebelled after an attorney general opinion said they must redact Social Security numbers from court records, including those online. Offices froze in confusion, and some shut down. A week later, the attorney general’s office, citing complaints from legislators, rescinded its opinion.

Then the Legislature enacted a law permitting people to ask that their own Social Security numbers (but no other identifying information) be removed from paper court records as long as the requesters know the document, page and volume number.

County officials say only a few people each year do that, because most don’t know what’s in court records from old cases. The problem is that, for decades, sensitive data have been routinely used in court documents to legally identify the parties involved.

Some, such as County District Clerk Tom Wilder, want state law changed to allow a “sensitive data sheet” to be included in court filings but available for use only by the parties and court officials; it would never see the light of day in public paper files or online.

Because of the grand scope of this criminal investigation, lawmakers may look at requiring online records statewide to be scrubbed in a way similar to what Tarrant County is doing.

The law did not require Garcia to pull records and remove personal information. “It’s something we want to do in our office to protect our constituents,” she said. “The minute I found out [about the investigation], my administration — we moved on it.”

County officials know little about the criminal investigation, but Albuquerque police spokeswoman Tasia Martinez told Watchdog Nation that officers are immersed in writing a report detailing what happened to the 232 victims.

About 40 are thought to live in Tarrant County. The office has sent letters to victims, though some have been returned with bad addresses.

Several New Mexicans have been charged with theft.

Watson says thieves opened accounts in her name and ran up large charges. Her sensitive information, a detective told her, was culled from her 1999 divorce records.

One of the people arrested in the case told police that she searched divorces on the Tarrant County website until she found papers with Social Security numbers, then copied down the information, according to a police report.

Watson filed a redaction form with the county to remove her Social Security number from paper records. With the online cleanup under way, too, anyone who tries to access her divorce records will get the message, “Access is denied to that item.”

That’s all she ever wanted.

# # #

Want to protect yourself from ID theft? Are you tired of fighting the bank, the credit card company, the electric company and the phone company? They can be worse than scammers the way they treat customers. A popular book, Dave Lieber’s Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong, shows you how to fight back — and win! The book is available at WatchdogNation.com as a hardcover, CD audio book, e-book and hey, what else do you need? The author is The Watchdog columnist for the Fort Worth Star-Telegram. Visit our store. Now revised and expanded in a 2012 edition, the book won two national book awards for social change. 

Visit Watchdog Nation HeadquartersDave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Like Watchdog Nation on Facebook

Watch Watchdog Nation on YouTube

Twitter @DaveLieber

Dave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Pharmacy staffers seeking your personal info put you at ID theft risk

My pet peeve: Sometimes when I’m sitting in a car repair shop or a car wash, I hear another customer talking loudly on a cellphone to a pharmacist. The customer orders medicine and blurts out name, address and date of birth.

Why don’t people step outside and talk in private? Don’t they realize that anyone else listening could use that information to engage in identity theft?

Dave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Apparently, I’m not the only one with this kind of pet peeve. As readers of the Fort Worth Star-Telegram Dave Lieber Watchdog column first learned, for Christopher Dills, a retired high school journalism teacher, his sore spot is standing in line at a Walgreens pharmacy in Mansfield, where he lives, and being asked to give the same information. Recently, he got so upset that he complained to a store manager.

He says he understands the need for such information to make sure people get the right medicine. But he told the manager that he heard the name, address and Social Security numbers of two women in front of him.

“I refused to give my information out loud when I was called,” he said. “I explained firmly but nicely that I and anybody else could be at the homes of the ‘victims’ before they were because Walgreens made it possible.”

He asked the manager why an identification card showing the information wasn’t acceptable. He was told that those cards sometimes contain incorrect information and that answering orally was corporate policy.

He asked Dave Lieber’s Watchdog Nation, “Can you help stop this practice of needlessly putting people at risk?”

– – – – – – – – – – – – – – – – – – – – – – – –

More Watchdog Nation News:

Watchdog Nation Partners with Mike Holmes

America meets Watchdog Nation/Listen to Fun Radio Interview

Watchdog Nation Debuts New e-Book and Multi-CD Audio Book

– – – – – – – – – – – – – – – – – – – – – – – –

I can, but first, let me share Walgreens’ response. It took me 11 days to get an answer from the company, and I had to send five pleading e-mails. But when a spokeswoman wrote back, she said the company had retrained the Mansfield staff in response to the complaint.

“We are committed to patient privacy,” Vivika Panagiotakakos wrote. “If a patient or caregiver would like to pick up medication, we do ask for patient information to help verify that the right prescription is given to the right customer.”

She said patients can ask to move to a private area. “In addition, many of our pharmacies do have signs near the counter to help promote patient privacy so customers can feel comfortable speaking to pharmacy staff.

“We have retrained our Mansfield staff about steps they can take to ensure patient privacy and making sure that only one customer is near the counter at a time.”

Another Walgreens pharmacy customer, Paul Diviney of Fort Worth, tells me he is so concerned about keeping his information private that he uses only the drive-through lane closest to the window so that when he speaks to the staff, other drivers can’t hear him.

CVS spokesman Mike DeAngelis told me corporate policy for CVS stores is to ask for private information softly so others can’t hear. He says the information is sought at a separate window, which is not in the immediate pickup area. “Privacy is one reason we set it up like that,” he said.

Jay Foley, a founder of the Identity Theft Resource Center, said information as simple as a name, address and date of birth is “enough to get the ball rolling” for an identity thief.

He told the story of a case in a California pharmacy several years ago involving a woman who regularly roamed the aisles. Pharmacy staffers thought she was lonely. “She’d talk to people and seemed like a pretty harmless lady,” he said.

Turns out she wasn’t so harmless. When she was arrested on charges of identity theft, police found her carrying the names of 18 people and their Social Security numbers, all of whom were customers of that pharmacy.

Foley’s solution: “If I were a customer, what I would do is take a slip of paper and write the answers down and show it to the clerk. Then I’d take that piece of paper home and shred it.”

Panagiotakakos said that would work in Walgreens stores.

Visit Watchdog Nation HeadquartersDave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Like Watchdog Nation on Facebook

Watch Watchdog Nation on YouTube

Twitter @DaveLieber

Are you tired of fighting the bank, the credit card company, the electric company and the phone company? They can be worse than scammers the way they treat customers. A popular book, Dave Lieber’s Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong, shows you how to fight back — and win! The book is available at WatchdogNation.com as a hardcover, CD audio book, e-book and hey, what else do you need? The author is The Watchdog columnist for the Fort Worth Star-Telegram. Visit our store. Now revised and expanded, the book won two national book awards for social change. Twitter @DaveLieber

Governments are cause of half the records lost in data breaches this year

Let’s all stand and cheer for Judy Yacio, a retired Texas school principal who struck a blow to stop identity theft. She exposed a flaw in the Teacher Retirement System of Texas that could make it easy for identity thieves to steal her personal banking information.

Government data breaches, in which personal information is accidentally released or stolen, are growing. This year, ineptitude on the part of federal, state and local governments was responsible for nearly half of all personal records lost in data breaches, according to statistics kept by the Identity Theft Resource Center. The rest happened in businesses, especially in the banking and medical communities.

In the spring of 2011, the Texas comptroller’s office announced that, for about a year, it had inadvertently exposed Social Security numbers and other data about 3.5 million Texans on a state website accessible to the public. The breach, probably the largest in Texas history, included names and addresses, and sometimes birth dates and driver’s license information. That’s enough for any ID thief to wipe some out financially.

The Texas attorney general’s office and the FBI launched a criminal investigation. Several employees in the comptroller’s office were fired.

In June 2011, 4,900 current and former workers at the state Department of Assistive and Rehabilitative Services were told that their personal information was exposed.

“Government has to be more careful,” Yacio says.

Ridiculous picture courtesy of identitytheftprotection.net

She knows. As readers of the Dave Lieber Watchdog column in the Fort Worth Star-Telegram first learned, after Yacio switched the bank account to which her retirement check was to be directly deposited, she got a call from her credit union telling her that it had received a letter from TRS to confirm the change. But her personal information, the credit union told her, was clearly visible through the TRS envelope.

TRS had used a window-style envelope. Yacio’s name, address and account number were visible through the front window. Anyone who handled the letter could use that information to steal from her.

Yacio flipped out. She contacted the state comptroller’s office, which directed her to TRS. She also complained to state Sen. Wendy Davis, D-Fort Worth. A staffer contacted TRS on her behalf, too.

“Window envelopes are a bad idea when sending sensitive information, as some things show that we don’t want others to see,” the former principal scolds. “People are getting sloppier and sloppier in protecting our personal information. And we wonder why identity theft has increased. The state needs to be more careful. Period!”

Her plan was to push the issue: “I rightly raised a ruckus,” she says. “People need not sit back and accept what is being done.”

She told TRS leaders on the phone, “Guys, you’ve got to quit using window envelopes. Window envelopes are very dangerous with this kind of information.”

TRS officials did something she did not expect: They listened to her.

TRS spokeswoman Rhonda Price told Watchdog Nation: “We can confirm that we have changed our procedures.” Letters with personal information to banks and credit unions “will now be mailed utilizing mailing labels so that the content of the envelope cannot be seen.

“Our longer-term solution will be to have the sensitive information taken off [the letters], but that will require programming changes. We believe our interim solution will resolve the issue until the programming changes can be made.”

Yacio praises TRS for its quick recovery.

Jay Foley, executive director of the Identity Theft Resource Center, says breaches caused by government are worse than those caused by private businesses.

“As a consumer, I chose which businesses I will share my personal information with. I don’t have that luxury with government.

“If I want a driver’s license, I have to give my Social Security number. I pay taxes, and I have to use my Social Security number. If I want unemployment, I have to give my Social Security number.

“Government for a long time has allowed the Social Security number to be the de facto piece of identifying information about each of us. The downside is that government has never really learned how to control the information.”

That’s why Yacio’s battle cry is noteworthy. When any vulnerability is found in the protection of personal data, raise a ruckus.

# # #

Dave Lieber shows Americans how to fight back against corporate deceptions in his wonderful book, Dave Lieber’s Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong.

The book focuses sharply on how to protect against identity theft and defend yourself if you’ve fallen victim to this. Are you tired of losing time, money and aggravation to all the assaults on our wallets? Learn how to fight back with ease — and win. Get the book here.

Read The Watchdog Nation manifesto here!

Open Letter to the U.S. Chief Postal Inspector

Memo to: Guy Cottrell

U.S. Chief Postal Inspector

The recipient: Guy Cottrell

From: Watchdog Nation

The sender: Newspaper columnist Dave Lieber

Dear Chief Inspector:

I write on behalf of thousands of people whose mail has been stolen from blue postal collection boxes in North Texas. My city, Fort Worth, leads the nation in mailbox thefts, according to records I obtained through the Freedom of Information Act.

Sir, an incident last month shows how the crime-reporting system, such as it is, is faulty — and how innocent people are unnecessarily hurt because of a lack of information. You’re the leader of the U.S. Postal Inspection Service. You can easily fix this.

As readers of the Fort Worth Star-Telegram // Dave Lieber Watchdog column already know, for more than two years, I have publicly shared information about mailbox thefts in the region, mostly because authorities refuse to do so. The postal inspectors who work for you say they cannot release date-and-place details of mail thefts from public boxes, at the request of the U.S. attorney’s office. Providing such information, they say, would jeopardize their criminal investigations.

Others, including me, believe that people have a right to know when something as important as their mail may have been stolen so they can work quickly to prevent identity theft.

– – – – – – – – – – – – – – – – – – – – – – – –

More Watchdog Nation News:

Watchdog Nation Partners with Mike Holmes

America meets Watchdog Nation/Listen to Fun Radio Interview

Watchdog Nation Debuts New e-Book and Multi-CD Audio Book

– – – – – – – – – – – – – – – – – – – – – – – –

Case in point: a June 3 incident at the Trinity River post office on Oak Park Lane in Fort Worth.

A reader tipped me that the two outdoor blue boxes were missing. Where did they go?

When I called the post office, an employee who answered the phone told me that nothing had happened.

Then I called the U.S. Postal Service, and spokesman Sam Bolen told me that the mailboxes were defaced and taken out for repainting.

“We have nothing to indicate mail was stolen from these collection boxes,” Bolen said.

Well, I do.

Watchdog Nation took this photo in late 2009 of a mailbox break-in outside the Haltom City, Texas post office.

After I reported the conflicting statements by postal employees, I heard from two people who placed mail in Trinity River post office collection boxes June 3. They say their mail never arrived.

Both told me that they, like me, had tried to learn what happened and couldn’t get a straight answer.

Elaine Stoltz says checks she mailed were stolen from the box. She figured it out when the checks didn’t arrive at their destinations. Then someone walked into her bank with a temporary driver’s license in her name and withdrew $1,500 from her bank account. Stoltz believes that the thief used information from the stolen mail. Her bank covered the loss.

A Fort Worth man told me that his mailed checks also never arrived. Then someone used a fake check with his name to buy $290 worth of merchandise from Walmart.

The man said that when he called the postal inspector’s office to complain, an employee “tells me on the phone that as far as they could determine, no mail was missing.”

I must ask: How do they know? (Apparently, they don’t.)

That same man then stopped a mail carrier on his route. When asked, the carrier said, “We’re really not supposed to talk about it, but something did happen.”

Chief Inspector Cottrell, the solution is one that is used in other parts of the country. I’ve found that in other areas, authorities do release details of mailbox thefts. This helps victims begin cleaning up identity theft problems sooner rather than later.

Please change the policy in North Texas. Allow all public mailbox thefts to be reported. Be more forthcoming.

There’s no doubt that the postal inspectors in our region are good at what they do. In fiscal 2010, the Fort Worth office reported 195 arrests and 192 convictions related to mail and identity theft. That’s among the best in the nation, but then again, they have a lot to work with.

Tarrant County had 60 thefts in 2009 and more than 80 last year (and those don’t include thefts from private mailboxes).

Certainly, we have a special problem here and things are getting worse before they get better.

Thank you,

Dave Lieber

On behalf of Watchdog Nation

# # #

Dave Lieber, The Watchdog columnist for The Fort Worth Star-Telegram, is the founder of Watchdog Nation.

Are you tired of fighting the bank, the credit card company, the electric company and the phone company? They can be worse than scammers the way they treat customers. A popular book, Dave Lieber’s Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong, shows you how to fight back — and win! The book is available at WatchdogNation.com as a hardcover, CD audio book, e-book and hey, what else do you need? The author is The Watchdog columnist for the Fort Worth Star-Telegram. Visit our store. Now revised and expanded, the book won two national book awards for social change. Twitter @DaveLieber

Visit Watchdog Nation HeadquartersDave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Like Watchdog Nation on Facebook

Watch Watchdog Nation on YouTube

Twitter @DaveLieber

How to protect yourself from mailbox theft

Those blue postal collection boxes outside of post offices are sitting ducks for identity thieves. Getting mail out of them is as easy as licking an envelope.

Crimes occur but information is scarce

Yet the U.S. Postal Service and the U.S. Postal Inspection service don’t easily release the information about mailbox break-ins to the public. Rarely, do you see these break-ins listed in police crime reports. The only way to get the information is through the U.S. Freedom of Information Act.

As readers of the Fort Worth Star-Telegram Dave Lieber Watchdog column first learned, the problem of thefts from blue U.S. Postal Service collection boxes apparently hasn’t gotten any better in the past year. Watchdog Nation took a sample of its home Fort Worth postal district.

Mostly unreported crimes

A year ago, the Fort Worth postal district reported 60 mailbox thefts in 13 months. But in the past 11 months, there have been more than 80 incidents in the district, which includes Amarillo, Lubbock, Abilene and Decatur, too.

Most of the thefts are in Fort Worth and Arlington. (See the 3-page government release here.)

Fort Worth boxes were hit almost 40 times, with the crimes scattered throughout the city.

Arlington had 28 reported incidents. One blue collection box at 300 E. South St. was apparently hit eight times.

Other cities hit: Amarillo with five, Abilene with three, River Oaks and Euless with two each, and one each in Haslet, Haltom City, Watauga, Grand Prairie, Lubbock and Decatur.


Watchdog Nation took this photo in late 2009 of a mailbox break-in outside the Haltom City, Texas post office.


Watchdog Nation methodology

I asked for a list of all reported incidents of theft, vandalism and tampering involving the blue collection boxes in the last 11 months of 2010.

The Postal Inspection Service cautioned me about the data it sent me:

“These reports are the raw, unverified data provided by USPS employees. Some of the entries provided contain duplicate reports of possible thefts or vandalism, as well as unverified dates of possible thefts or vandalism.” (I eliminated the obvious duplicates.)

I asked for vandalism and tampering crimes, too, because it’s often hard to prove any mail was stolen, but a good indicator is whether a mailbox was vandalized or tampered with.

The data matches anecdotal evidence gleaned from readers in recent months. An Arlington man notified the Star-Telegram in December that mailbox break-ins in his city were “rampant.” A Fort Worth man contacted me in November about thefts at a collection box at the post office near South Hulen Street at 4450 Oak Park Lane (the list includes two incidents there in October).

– – – – – – – – – – – – – – – – – – – – – – – –

More Watchdog Nation News:

Watchdog Nation Partners with Mike Holmes

America meets Watchdog Nation/Listen to Fun Radio Interview

Watchdog Nation Debuts New e-Book and Multi-CD Audio Book

– – – – – – – – – – – – – – – – – – – – – – – –

How bad is the problem?

John Breyault of the National Consumer League suggests that before you mail anything, you check the condition of a mailbox. “Is it in good repair? Is the lock on it secure? Does it look like it’s been tampered with somehow?”

He also offers an excellent idea: Check periodically with your residential carrier about mailbox thefts in your area.

A mailbox security expert tells me that along with thefts from mailboxes at homes, thefts at collection boxes remain a major problem nationwide.

Background

“It’s basically a crime that’s not being prosecuted because there’s too much of it to deal with,” says Michael Johnston, owner of USMailboxes. “The way I see it and experience it, it has increased tremendously in the last few years. It started out as a way for thieves to get drug money. Now the recession has made it worse.”

Ten years ago, Johnston was hired by the post office to strengthen the blue collection boxes in his home state of Oregon. “We went around and put those security bars on to help make it harder to break into without a key,” he said. “We also put a heavier lock that was harder to pick. And they put special locking nuts on the bolts in the ground so they couldn’t easily be taken off.

“I don’t know how to make them stronger. I don’t think they know either. The biggest problem up here now is they throw a chain around it and yank it out of the ground.”

The blue collection boxes are especially popular, he says, because they contain more mail, especially bill payments containing individual checks. Thieves can use the name, address, account and bank routing numbers on the checks for identity theft.

“The post office would like to remove the blue boxes,” Johnston says. “They would like to take them all off the streets and make people go to the post office or use their own mailbox to send mail out.”

What should you do?

If that’s true, the post office won’t state that publicly. In a statement to The Watchdog this week, Postal Inspection Service spokesman Michael J. Romano writes, “The Postal Service employs crime prevention countermeasures for collection box thefts, but for obvious reasons, this information is law enforcement sensitive and is not released to the public.

“We maintain that the U.S. mail is a very safe and secure way of conducting commerce with close to 600 million pieces of mail and packages successfully delivered daily.”

Still, the post office warns, “When possible, customers should avoid placing mail in a blue collection box after the last posted collection time or on a day mail is not scheduled to be picked up. If they must deposit mail during that time, they should use the lobby drop inside a post office.”

The boxes do not provide this information to consumers. But probably they should with signs. If the boxes are not completely safe, the people using them should know. Mail inside is a sitting target. That’s what the numbers show.

File your own request

If you want to file a freedom of information act request, here’s how you do it:

CHIEF POSTAL INSPECTOR
US POSTAL SERVICE
475 L’ENFANT PLAZA SW RM 3100
WASHINGTON DC 20260-2100

[Date]

FOIA REQUEST

Dear FOIA Officer:

Pursuant to the federal Freedom of Information Act, 5 U.S.C. § 552, I request access to and copies of a listing of all reported incidents of:

– theft of mail from…

– vandalism of mailbox…

– tampering with ….

the blue collection mailboxes located outside all post offices, stations, substations, etc. in the [YOUR DISTRICT] from [GIVE DATES] to the date of this letter, Dec. 31, 2010.

I agree to pay reasonable duplication fees for the processing of this request, but ask that you first alert me to the charges so I may know before any work is done. You may call me about this at xxx-xxx-xxxx or e-mail to xxxxx@xxxxx.xxx.

If my request is denied in whole or part, I ask that you justify all deletions by reference to specific exemptions of the act. I will also expect you to release all segregable portions of otherwise exempt material. I, of course, reserve the right to appeal your decision to withhold any information or to deny a waiver of fees.

I look forward to your reply within 20 business days, as the statute requires.  Thank you for your assistance.

Sincerely,

# # #

Visit Watchdog Nation HeadquartersDave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Like Watchdog Nation on Facebook

Watch Watchdog Nation on YouTube

Twitter @DaveLieber

# # #

Dave Lieber, The Watchdog columnist for The Fort Worth Star-Telegram, is the founder of Watchdog Nation. The new edition of his book, Dave Lieber’s Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong, is available in hardcover, as a CD audio book, ebook and hey, what else do you need. Visit our store. Now revised and expanded, the book won two national book awards in 2009 for social change. Twitter @DaveLieber

Dave Lieber book that won two national awards for social change.

Free Document Destruction Leaves Watchdog Nation Founder Happy

Watchdog Nation is all about protecting yourself for free and in just seconds.

That’s how I try to operate my life — free and fast. And I bet you do, too.

Sometimes, though, that can clutter things up.

Do you shred your documents that contain your personal information before throwing them away? I’ve bought three different shredders from office supply stores — and returned them all. They stink.

Instead, I’ve been waiting for a free, local shredding service to take my receipts, bank statements and paper bills and ground them into pulp. Unfortunately, it can cost a homeowner around $100 for such a service to come to your door or for you to bring it to them.

That’s not Watchdog Nation’s way. We want it done free and in just seconds.

My last big shredding was in June 2007 in Addison, Texas. I remember because I attended an anti-fraud conference that day. Free shredding was one of the lures.

In the past three years, I accumulated more than a hundred pounds of paper. I had boxes stacked in the attic marked “To Be Shredded.” Trash bags were piled high in a spare bedroom.

Then yesterday, they all vanished.

I’ve kept searching the Internet and asking about free shredding. Then I heard about Legend Bank in Fort Worth, Texas that was staging a “Free Shred Day.” I’m not a customer, but the event was open to everybody. I told a lot of my friends and many of them showed up, too.

Legend Bank is getting a reputation for offering checking that pays 4 percent in monthly interest if certain conditions are followed. The shred day was a great way to get people to visit the bank.

Mike Monroe, executive vice president and regional president, also passed along shredding guidelines to his customers — a story by Steven Hastert at www.shrednations.com. You can read it here.

Watchdog Nation hopes you are shredding your documents for free and in seconds. No need to wait three years as I did.



Mike Monroe of Legend Bank (left), Dave Lieber (center) and Michael Morris of instantshredding.com -- and the star of the show, all the stuff of Dave's about to get destroyed.



No need for me to repeat the latest identity theft stats here. You know the drill. Suffice it to say that I have written stories in my newspaper about dumpster divers who pull the unshredded stuff out and resell it to drug rings that also engage in identity theft. That’s incentive enough for me to do it right.



Dave Lieber's Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong

Three years of Watchdog Nation founder Dave Lieber's personal documents waiting to be shredded. Almost filled up a large trash cart.



We advise you to search the Internet regularly for “free shredding” and the name of your community. These events are almost always held on Saturdays. Often, the sponsors are private businesses, law enforcement authorities and neighborhood associations. You can even call your local shredding companies (easy to find on the Internet) and ask if they are scheduled to offer a free service with any community sponsors in the coming months.

###

Dave Lieber, The Watchdog columnist for The Fort Worth Star-Telegram, is the founder of Watchdog Nation. The new 2010 edition of his book, Dave Lieber’s Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong, is out. Revised and expanded, the book won two national book awards in 2009 for social change. Twitter @DaveLieber

Dave Lieber book that won two national awards for social change.

If your ID theft protection deceives you, who’s left to trust?

LifeLock Settles Advertising Dispute With FTC, 35 States

By Dave Lieber

Nobody advertises more than LifeLock.com.

You hear their ads on the Rush Limbaugh radio show, done by Rush himself.

You know company founder Todd Davis’ Social Security number (457-55-5462) because he broadcasts it everywhere to show he’s not worried about someone stealing it (even though a Fort Worth man did just that a few years ago here).

Dave Lieber covers the consumer revolution for his readers and viewers.

But some of that advertising might have gone a little too far, according to legal documents filed in a settlement announced March 9 by Texas Attorney General Greg Abbott and 34 other states.

Under the terms of the agreement, LifeLock Inc. “agreed to more accurately describe its ID theft protection services.” The company also agreed to pay $11 million in restitution to eligible customers.

As part of a joint investigation by the Federal Trade Commission and the states, LifeLock “unlawfully exaggerated its range of services and ability to prevent ID theft.”LifeLock is NOT allowed to state that its products:

– provide “complete protection” against ID theft

– prevent unauthrorized changes to customers’ address information

– constantly monitors activity on its customers’ credit reports

– ensure a customer will always receive a phone call from a creditor before a new account is opened.

Watchdog Bytes contacted LifeLock after the settlement was announced. Spokeswoman Cortney Lanik released this statement from Davis:

“LifeLock is pleased with this agreement, which works to set advertising standards for the entire identity theft protection industry. As FTC Chairman Jon Leibowitz stated … the FTC has ensured that LifeLock has a legitimate business model going forward with honest advertising.  Notably, as part of its just-concluded investigation, the FTC reviewed both the LifeLock service and LifeLock’s current advertising to confirm that LifeLock is in compliance with all applicable legal requirements. We will abide by the terms of this consent decree because we intend to continue to be true to our core mission — to help protect you, your family and your friends from identity theft.

“We welcome federal and state efforts to regulate our industry because, at the end of the day, doing so helps to protect consumers from the risks of identity theft. Because of LifeLock’s marketing efforts, many more Americans now know of the risks of identity theft and the need to take effective action to protect themselves. LifeLock is committed to developing and applying the most advanced technologies available to help protect consumers from the consequences of identity theft. We will continue to work very closely with federal and state regulators on regulatory and best practices to protect individual consumers.

“Nothing changes as a result of this settlement because it was based on activities from over two years ago. We agreed to settle this matter in order to quickly put this behind us so we can get back to doing what we do best – helping to protect our members from identity theft.”

Some of LifeLock’s advertising claims were “unlawfully exaggerated” according to a legal settlement in which the company agrees to pay $11 million in restitution. Hey, if you can’t trust your ID theft protection company to be straight with you, who can you trust?

Dave Lieber, The Watchdog columnist for The Fort Worth Star-Telegram, is the founder of Watchdog Nation. The new 2010 edition of his book, Dave Lieber’s Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong, is out. Revised and expanded, the book won two national book awards in 2009 for social change. Twitter @DaveLieber

On Facebook, your friends could be your enemies

On Facebook, which last week bragged about its 300th million user and first-time profitability, you have “Friends.” You don’t have “Enemies.”

Or do you?

WatchdogNation.com wants everyone to learn some new Facebook terms that don’t necessarily show up in the company’s amazing corporate history.

Compromised account.Dave Lieber Facebook identity theft

Account takeover.

Account hijack.

Definition: term used to describe when an unknown scamster gains control of your account, often resulting in a fairly believable plea to your friends for money to rescue you from disaster.

That’s my definition. Feel free to rewrite in the comments.

Let me show you how it works. This research first appeared in the September 20, 2009 Fort Worth Star-Telegram, the best paper in Texas, in the Dave Lieber column.

* * *

While on Facebook recently, Gary Rifkin received an instant message from his friend Karen Cortell Reisman.

“Hey Kar, how’s it going?” he typed back.

“Not too good at the moment,” she answered.

“What’s going on?” he asked.

“I’m in a deep mess as we speak and I need your financial assistance,” she answered.

She explained that she was in London “and we got mugged at gunpoint.”

“Oh my God,” Rifkin said. “Are you okay?”

“Yes. Cash, credit card and phone got stolen. It was a brutal experience.”

“How are you going to get home?” he asked.

“That is the main problem now. I need your financial assistance.”

“How much do you need?” he asked.

“All I need is $1,300.”

“Where should I send it?”

The address was in London.

“Hang in there,” he advised, a transcript of the conversation shows.

Rifkin never sent the money. He knew he wasn’t talking to his friend but someone pretending to be her. He knew his friend was at home in Dallas.

Reisman, meanwhile, started getting frantic phone calls from friends asking, “Are you OK?”

As she told me later, “It was stunning to see how fast this grew over the course of one day.”

She calls the whole experience “the day I got hijacked on Facebook.”

Reisman uses Facebook as part of her speaking and coaching business. But she couldn’t get into her account because her password no longer worked. She tried to call Facebook’s corporate office in Palo Alto, Calif., but she couldn’t find the phone number. (Note: 650-543-4800)

She found the help page on Facebook that led to a contact form that put her in touch with the security team.

When Facebook e-mailed her a new password, she worried that it, too, was a hoax. But it wasn’t. She got her Facebook page back.

None of her friends sent money, but most called to see whether she was OK. “I was so touched by the concern of so many people,” she said.

In Facebook lingo, her account was compromised, company spokesman Simon Axten said.

Reisman has no idea how it happened. In all probability, Axten said, scammers learned her password through phishing.

That’s when a user goes to a fraudulent Web site that looks like the real thing. The person enters his or her login information, and then the crooks have what they need.

I can see how this happens. Sometimes I get an e-mail on an account that Facebook doesn’t know about. The e-mail asks me to look at Facebook photos. But I’d have to log in to Facebook. I ignore it.

The Facebook spokesman says scammers re-create e-mails that look like ones Facebook sends out. They might say that a friend has commented on your link or that you were tagged in a photo.

“We advise people to be careful when they’re clicking on e-mails, and especially links,” Axten said. “And when they do click on a link, check the URL [Web address]. If it’s not www.Facebook.com and it’s something else, most likely it’s a phishing site. Be careful.”

He suggests that when a friend claims to be in trouble, test the friend’s identity by asking key questions (“Where did we have lunch together last week?”).

The number of accounts compromised is very low, Axten said, considering that Facebook has 300 million worldwide.

“But obviously the consequences are pretty severe if someone ends up sending money. That’s a significant loss. As a result, we’re taking it very seriously, as we do any security threats.”

How?

Facebook monitors users who start sending out lots of messages or making “wall” posts. Facebook may block or disable the account until the mystery can be solved, he said.

Passwords should be complex, with a variety of letters and numbers.

Reisman changed all her passwords after her experience – for Facebook and for her bank, e-mail, other social media sites and credit cards.

Previously, she said, “I used the same password for everything because life is short and I can’t remember everything.”

Now she keeps a separate list of passwords.

Facebook isn’t as much fun for her now.

“It’s left a bit of a bad taste in my mouth,” she said. “But Facebook came through, in my opinion, because they really did react to the problem in a fairly quick manner.”

Do you use the same password for multiple accounts? Or simple passwords, easy to figure out, like the name of your dog?

Remember that the best password is a combination of letters, numbers and punctuation marks. Always be careful when entering it into any e-mail that is sent to you.

And please feel free to share your detailed stories about similar problems – along with suggestions about how we can protect ourselves in the comments below.

* * *

Learn more about protecting yourself in the national-award winning book about social change, Dave Lieber’s Watchdog Nation: Bite Back When Businesses and Scammers Do You Wrong. Visit www.WatchdogNation.com.


Facebook Protection TIPS


– Be suspicious of friends who ask for money. Test their identity. Ask others who know them to verify any questionable situations that arise.

– If you see something suspicious on a friend’s account, go to the help link on the lower-right corner of a Facebook page and report it to the Help Center.

– Learn about security tips at www.facebook.com/security.

– Choose a strong password and don’t use it for other Web accounts.

– Use an up-to-date Web browser that offers anti-phishing features.

– Run anti-virus software on your computer.

– Reset your Facebook password if you suspect that your account has been compromised.

– Become a fan of Facebook at www.facebook.com/facebook to get the latest security announcements.

Source: Facebook

My identity disappears … again

Like many of you, The Watchdog recently shopped for lower credit card rates. But I ran into an unexpected problem.

I got rejected for a new credit card.

Not because of my credit score. Instead, I was rejected because I hadn’t bought anything on credit since 2003.

Only that’s not true.missing-identity

As I first reported in the Aug. 7 Fort Worth Star-Telegram,  a credit card company told me to take a hike because I had “insufficient credit history.” The company learned this from Equifax, one of the three major credit bureaus.

When I protested that I have a mortgage, have made regular car payments and pay regularly on other credit accounts, the company told me to take it up with Equifax.

So I ordered my credit report from Equifax and braced myself. As a victim of identity theft in December, I’m not surprised by anything.

Sure enough, the Equifax report showed that I had stopped engaging in any financial activity whatsoever after 2003. Ridiculous.

Mine is what a credit report must look like for someone who dies, goes to prison, or swears off credit forever and now lives under a bridge somewhere.

Whatever the problem, until it was fixed, I couldn’t open a new credit line with any borrower who relies on Equifax for information. (The two other major credit bureaus, TransUnion and Experian, did have accurate information about me.)

I’m not alone.

Consumer groups say credit reports are rife with inaccuracies, and these mistakes are hard to correct.

“When consumers have a problem with credit reporting agencies, good luck getting it fixed,” said Ira Reingold of the National Association of Consumer Advocates.

The reason, according to a report by the National Consumer Law Center: “Workers [for credit bureaus] don’t examine documents, contact consumers by phone or e-mail, or exercise any form of human discretion in resolving disputes.”

The law requires credit bureaus to provide the maximum level of accuracy for consumers, but that doesn’t always happen, Reingold says. Consumers sometimes have to sue the bureaus to clean up their reports.

What is the accuracy rate? Nobody knows. The leader of the trade association for credit bureaus, the Consumer Data Industry Association, told Congress two years ago that the industry has about a 2 percent error rate.

The National Consumer Law Center says the inaccuracy rate could be as high as 25 percent.

Bad information hurts people. Credit reports are widely used to check a consumer’s eligibility for credit, employment, insurance and rental housing. Errors in a consumer’s report can result in a denial of those benefits or higher costs, the Federal Trade Commission says.

A new FTC rule, announced last month, will require companies that provide information to credit bureaus to investigate complaints about incorrect information. The rule goes into effect in July 2010. Until then, credit bureaus are supposed to investigate.

A pilot study conducted by the federal government showed that most consumers who found errors were able to get them fixed, says Rebecca Kuehn, assistant director for the FTC’s Division of Privacy and Identity Protection.

The FTC is going to sponsor another study and, ultimately, make recommendations to Congress about how to ensure greater accuracy, she told me.

Rather than contact Equifax myself, I decided to test the identity theft protection service I had hired after my ID theft problem last year. Debix.com promises to restore your credit in the event of any problems. The Austin-based company charges $9.95 a month and has 400,000 customers.

“We’ve never seen anything like this before,” Debix Vice President Julie Ferguson said of my case. Paul Rendsland, a licensed private investigator with Debix, was assigned to my case. He collected my paperwork and sent it to Equifax. But the problem wasn’t resolved immediately, so Debix stepped it up.

“We have a good relationship with all three credit bureaus,” Ferguson said. “So we called one of the executives at Equifax and asked them to call you.”

Dinah Watson of Equifax’s consumer affairs office called me and said she fixed the problem. When I asked her what happened, she explained that I had used my full middle name on some credit applications and only my middle initial on others. Equifax, she said, split my credit history into multiple files and didn’t provide all of them to the credit card company. She made it sound like it was my fault.

That sounded peculiar. What about my Social Security number? And my address? My date of birth?

“That’s not a good explanation,” Atlanta lawyer Steven H. Koval said when I told him about it. Koval sued Equifax on behalf of a client who spent two years unsuccessfully trying to correct her credit report.

Jennifer Costello, an Equifax spokeswoman, later told me that customers should contact the credit bureau and work to resolve problems. Equifax is sending me a credit report and my credit score as a consolation.

When that report arrives, I’m going to hunt for more errors.

Action plan

Order a free credit report each year from annualcreditreport.com.

When errors are found, request an investigation by the credit bureau in writing – not by phone or online. Send along documentation by certified mail, return receipt requested.

Notify the company that furnished the incorrect information as well.

If unsuccessful, consider hiring a lawyer who specializes in credit report errors. Go to www.naca.net to find them.

Learn your rights by reading the Fair Credit Reporting Act.