Warning! Watch Out for Alleged IRS Emails Related to Economic Stimulus Checks

The FBI is warning consumers about recent spam e-mails allegedly from the IRS regarding Economic Stimulus Checks. These emails are actually phising attempts to get your personal information. The emails are suggesting that the fastest way to obtain your check is by direct deposit and then requests you to fill in your personal information, including your bank account information.   

The FBI warning included parts of the email:

“Over 130 million Americans will receive refunds as part of President Bush’s program to jumpstart the economy. Our records indicate that you are qualified to receive the 2008 Economic Stimulus Refund. The fastest and easiest way to receive your refund is by direct deposit to your checking/savings account. Please follow the link and fill out the form and submit before May 10th, 2008 to ensure that your refund will be processed as soon as possible. Submitting your form on May 10th, 2008 or later means that your refund will be delayed due to the volume of requests we anticipate for the Economic Stimulus Refund.

To access Economic Stimulus refund, please click here.”     

Of course, if you then clicked there, it would take you to a site that may have looked like it was the IRS, but would just capture your personal information, and soon your bank account could be emptied!

Be careful of any emails allegedly from the IRS, even if they look official. The IRS does NOT send citizens emails, especial emails requesting personal information.

http://www.fbi.gov/pressrel/pressrel08/irsalert050808.htm

Makes You Think…What am I Not Thinking About?

This is a story out of the UK to make you think.  A traveler discarded his British Airways boarding-pass stub in the trash. It only showed his name, flight,  seat number and frequent-flyer number.  Unfortunately, that was plenty enough information to commit Identity Theft. 

Luckily, the person who picked it out of the trash was just testing to see how easy it was to find out information on the traveler. With the help of a computer expert, they logged onto the British Airways website, bought a ticket in the traveler’s name and entered the frequent flyer number from the discarded airline stub which gave them full access to all his personal details- including his passport number, date of expiration, his nationality and DOB. They never had to even guess at a password. 

Using this information, they then surfed the web of all the publicly available databases available and, within 15 minutes, found out where he lived, who he lived with, where he worked, which schools he went to and how much his house was worth.  They were able to get full access to all his personal details- just from a discarded boarding-pass stub.  Makes you think, doesn’t it? Are you protected for those things you don’t even think about?  http://www.myidentitytheftshieldsite.com 

http://news.carrentals.co.uk/boarding-passes-and-identity-theft-3422122.html

 

What Personal Information am I Required to Give to Merchants When Paying by Credit Card?

You know the situation. You are purchasing an item in a store and you give the sales clerk your credit card. The sales clerk now wants to see your driver’s license to prove that you are you and writes down your DOB and driver’s license number. Do you have to give them that information? After all, the clerk now has your credit card number and with the information on your driver’s license, they probably have enough information to perpetrate an identity theft. 

If asked, you can refuse to provide additional information. If a merchant asks you for information and you refuse, they can not deny you the sale just because you do not want to produce your personal information. (Sorry, if you are under 21, you can’t use this rule to get around producing ID for alcohol purchases…). So, you have every right to just produce your credit card and not produce any further identity. There are a few exceptions (like if your card is unsigned) but this is basically the rule. (See  section 9.11.2 for Mastercard’s policy: http://www.mastercard.com/us/wce/PDF/MERC-Entire_Manual.pdf, and page 29 for Visa’s policy: http://usa.visa.com/download/merchants/rules_for_visa_merchants.pdf

On the other hand, I personally want the merchant to see my ID so that someone can’t use my credit card without further proof. I have signed all my credit cards (ALWAYS sign your cards whether you add this or not), and added “See ID” on the back. While the merchant is not required to comply with my request, to me, as long as they are not writing down the information, I would rather have them see a picture of ME (and not the ID thief) with the comparisons of names. But the choice is up to you! 

 

What Do You Do If Your Identity Is Stolen?

If you do not have an Identity Theft protection plan in place and you find out your identity has been stolen, there are several steps that you should take immediately.

Remember, it is very important that you keep records of the time and date of all the steps you take, details of any conversations you have, and copies of any letters you write or forms you file, because you may need to produce them later.

1. Place a Fraud Alert on Your Credit Reports. Review Your Credit Reports.

To help prevent any further new accounts from being opened in your name, call any one of the three consumer repositories below–you only need to call one; they are required to call the other two–to place a fraud alert (good for 90 days, although under certain circumstances you can file an extended fraud alert which lasts 7 years). Make sure you receive a confirmation from the company. This fraud alert requires creditors to follow certain rules before they extend new credit or change existing credit.

Equifax: 1-800-525-6285; www.equifax.com
Experian: 1-888-397-3742; www.experian.com
TransUnion: 1-800-680-7289; www.transunion.com

After you have placed a fraud alert on your file, you are entitled to order one free copy of your credit report from each repository (different from the one free credit report you get annually). Check these reports very carefully for new accounts, or inquiries from companies you never contacted, or debts that are not yours. You will need to deal with any incorrect information immediately.

Some states allow you to place a credit freeze that will prevent third parties from accessing your credit report. However, a freeze does not protect current accounts from being accessing by thieves or from someone opening a new account where a credit check is not done before hand.

2. Close out Your Accounts that Have Been Improperly Accessed.

Call the fraud departments of each company where there are new or changed accounts and ask them to close these accounts. Make sure you follow up with a written confirmation and supporting documentations (police report or FTC complaint). Request that the companies send you confirmation that the accounts have been closed and that the fraudulent debts have been cleared.

3. File a Complaint with The Federal Trade Commission (FTC).

Call the FTC’s Identity Theft Hotline [1-877-IDTHEFT] or access the online complaint form at https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03 to file a complaint with the FTC. When you go and file a report with your local police department (see #4), bring a copy of this complaint and have them attach it to the police report. You can now use this report to help you clean up your credit report and stop the debts from reappearing, help get companies off your back when they continue to try to collect fraudulent debts, and help place an extended fraud alert on your credit report.

4. File a Report with Your Local Police Department.

Either call or go to your local police department and ask to file a report about your identity theft. Bring a printed copy of your FTC Identity Theft Complaint form and all the attached documents that you filed, and have them attach it to the report.
When they have finished making the report, request a copy for your files. This will help you fight any debts incurred in your name, or new accounts that you did not open. If you are unable to get a copy of the complaint, at least get the number of the report so you can reference it if you need to.

How Do Criminals Steal Their Information?

To an identity theft criminal, your personal information can provide instant access to your credit record, financial accounts, or other assets.  There are many ways that criminals can get your information. 

“Telephone Pretexting “.  Getting your information can be as simple as someone calling you on the phone and representing themselves as someone you normally do business with, like a local store, your doctor’s office, or your bank.  You think nothing of it and somehow, you have given them your credit card number or other information. 

Or someone allegedly from the IRS calls and says they are processing your refund and need some additional information.  Thinking only of how you are going to spend your refund, you give them the information.

“Skimming” involves using hand held computers to read and store the information encoded on the magnetic strip of an ATM or credit card when it is used legitimately.  Once stored, the information can be entered onto any other card with a magnetic strip.  This can also be done manually by anyone who has access to your credit card by just coping or memorizing your number when you hand your credit card to a business.

“Phishing” is the act of sending false emails proclaiming that they are from your bank or Ebay or PayPal, and asking you to enter your personal information to clear an alleged “problem”.  They can be as elaborate as setting up fake web sites that look just like the real ones.  

“Shoulder surfing” involves people watching you from a nearby location as you enter a credit card number or pin number. 

“Dumpster diving” is well known for people going through your curbside garbage or at your place of business to obtain copies of statements, checks, credit card offers, making it easier for thieves to get control over your accounts. With the amount of junk mail you get, you think nothing of just tossing it into the trash, including all those annoying credit card applications and other mail you are through reading.

“Unlocked mail boxes” allow thieves to intercept and redirect your mail to another location so bills or bank statements showing unauthorized withdrawals will never be seen by you until after the damage is done. 

“Keyloggers” are programs placed in your computer after someone has hacked into it which then logs your keystrokes to get your pin numbers or password which are then used to steal your identity. 

“Trojans” are programs that ride along on other applications or emails and come into your computer without your knowledge.  Once your computer is infected, a hacker can use the trojan program to open a “door” into your computer so they can access your personal files.  (Remember the Trojan Horse story?)

“Physical Theft and Stealing” People still carry around their Social Security number in their wallet, either the card itself or on identification cards (medical insurance, military cards, etc.),  or they print their driver’s license number on their checks.  Carrying more than one or two credit cards are all easy ways by criminals to obtain your information if your wallet or purse is stolen.

Not only can your purse or wallet be stolen, but laptops or other information devices that are full of personal information can be stolen. Information can be taken from your employer’s files,  hospital records, school files or any place information about you is being stored.

“Address Changing” to redirect your mail.  Or, a thief will open a new account in your name and change the address so you are not aware it exists. 

“Hacking“. With today’s technology, criminals can obtain your personal information without leaving the comfort of their own home.  They can purchase your information through online databases, or can get it illegally by hacking into either your computer or into any database that has your information already stored.

“Spyware“.  In exchange for free software or services, often times spyware, sometimes known as “cookies”, will be secretly placed into your computer.  It may be as innocent as identifying your online surfing and spending habits, sending information to marketers every time you visit a website.  Or, if it is a malicious spyware, it can gather personal information or even change your internet settings, causing a loss of your identity or crashing your computer.

Basically, anywhere you have provided information, from the earliest school, to your most recent medical visit, can be a target.

These are only some of the ways that thieves can access your personal information which once in hand, they can use to run up debts in the tens of thousands of dollars under your name, or impersonate you all to your detriment.