Archive for the ‘ID Theft’ Category:
Here on Long Island. Hacker Admits Guilt, Forfeits $1.65 million
Just over a year ago I reported on the Justice Department’s indictment of 11 “individuals” involved in an identity theft ring that targeted wireless retail networks of TJX Companies, BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, and DSW, among others. They were charged for stealing over 130 million credit and debit card numbers.
Albert Gonzalez, hacker
One of those indicted was a U.S. citizen named Albert Gonzalez, age 28. Gonzalez, under arrest on one ID theft case, had been working as an informant in a second case, and was found to be criminally involved in a third identity theft ring. Over the weekend he admitted his guilt in an older case, and agreed to forfeit assets gained by crimes. Among his assets were a condominium in Miami, a 2006 BMW, various computers and laptops, a Glock 27 firearm, a Nokia cell phone, a Tiffany diamond ring and three Rolex watches.
Gonzalez was scheduled to go to trial Sept. 14 in federal court in Central Islip, N.Y. His charges included operating a fraud scheme from April through September in 2007, and hacking into computers at the corporate headquarters of the Dave & Buster’s restaurant chain where he stole debit and credit card numbers. He faces 15 years to 25 years in prison.
On the second case, Gonzalez faces as many as 35 years in prison.In that case Gonzalez and the other hackers malware and so-called “injection strings” to attack the computers and steal data. They installed “sniffer” programs to capture data “on a real-time basis” as it moved through the computer networks. They used instant messaging services to advise each other on how to navigate the systems. They also programmed malware to evade detection by anti-virus software and erase files that might detect its presence.
Subscribe to the comments for this postTruth About Email Petitions
I received the following question just last night:
I received an email telling me that email petitions and chain letters use tracking software and cookies to collect email addresses from anyone who receives that email message. I was also told that email petitions aren’t acceptable by congress like a signed petition would be. Are both these items true?
Well, the first is false, and the second is true.
Tracking Emails and Tracking Software
The only way an email can be tracked is from one sender to the first recipient. If I send an email message to a friend, it is possible for me to be notified when they open the message. If my friend forwards the message to someone else, there is no way for me to tell that has happened; nor is there any way for me to receive the email address of that second recipient, or any recipient after that. So, no, there are no tracking programs of this sort.
BUT, Remember the concept “Six Degrees of Separation”? Erase email addresses before forwarding a message
The idea of “Six Degrees of Separation” says that everyone is 6 steps away from any other person on the planet. Which in my way of thinking means that we are all six steps or less away from a spammer. The problem here being that when people forward an email message they usually leave any previous email addresses in the message, too, plus most people add new addresses of their own when they forward the message. The best practice here is after you click FORWARD and before you click SEND make sure you erase/delete any email addresses that appear within the email message. That is, just before you click SEND, read through the message and erase any email addresses you find in the message. If you don’t, you never know who in the chain knows or is a spammer.
BCC: Blind Carbon Copy Hiding Email Addresses
When you are sending an email message to multiple recipients, use the BCC or Blind Carbon Copy feature to address your message. That is, use BCC instead of TO. An, if your email software says, “At least one recipient is required in the TO field”, then put your email address in the TO field, and everyone else in the BCC field. The BCC field hides the email addresses from the recipients. When the sender uses the BCC field to address an email message, the recipients of that message will see “undisclosed recipients” in the TO field or elsewhere in the message. If you can’t find the BCC feature in your email software, contact your email service provider and have them tell you how to access it. Or you can contact Skylarking and I will help you find the feature.
Email Petitions Don’t Work
That much is true. A genuine petition requires signatures and street addresses. Anyone can type a list of names and email addresses into a petition, but there is no way for the recipient to prove or disprove that those people participated in or knew about the petition. It is best that each individual person email or contact their representative directly, and not as part of some long list of names in an email message. Additionally, you wouldn’t want to include your street address in such a petition, since you never know if that message might eventually end up in the hands of a spammer or an identity thief. After all, most acts of identity theft are performed by the victims friends, co-workers, and family members.
Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form.
Free Credit Report Scams
Seen those catchy FreeCreditReport.com ads? Pretty funny, eh?
The funny part is that although it is there to allow you to see your credit report from the top three credit reporting agencies — Experian, Equifax, and TransUnion — the site is actually owned by Experian. So once you go there you will be exhorted repeatedly to sign up for one of their pay services.
On Friday, March the unlucky number day, I was surfing the Federal Trade Commission’s (FTC) web site looking for scam alerts, and I found out the following
AnnualCreditReport.com is the ONLY authorized source to get your free annual credit report under federal law.
AnnualCreditReport.com
Pretty interesting. It’s AnnualCreditReport.com, and not FreeCreditReport.com. The Fair Credit Reporting Act guarantees you access to a free credit report from each of the three nationwide reporting agencies – Experian, Equifax, and TransUnion – every twelve months.
The Federal Trade Commission has received complaints from consumers who thought they were ordering their free annual credit report, but instead paid hidden fees or agreed to unwanted services. Don’t be fooled by TV ads, email offers, or online search results. Go to the authorized source when you request your free report.
So if you’re looking for a real free credit report start by:
- Visiting www.AnnualCreditReport.com online.
- By phone, you can order your free credit report by dialing 1-877-322-8228.
- By mail you can download the Annual Credit Report Request form (PDF) from AnnualCreditReport.com and mail it to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.
AnnualCreditReport.com even has their own commerical spot which pokes fun at the better known FreeCreditReport.com ads.
Best Way to Check Your Credit Report
The Fair Credit Reporting Act entitles you to a free credit report from each of the three credit reporting agencies every 12 months. Most people order all three at once, but a better approach is to spread them out or stagger them. That is, don’t get them all at once; instead, order one from one agency in January, then from a different one in May or June, and then from a different one in September or October. Then when the new year begins you can repeat the process. This allows you to montior your credit report all year round.
No matter how you request your report, you have the option to request all three reports at once or to order one report at a time. By requesting the reports separately, you can monitor your credit more frequently throughout the year.
Why should you request a credit report?
Because the information in your credit report is used to evaluate your applications for credit, insurance, employment, and renting a home, you should be sure the information is accurate and up-to-date. In addition, monitoring your credit is one of the best ways to spot identity theft. Check your credit report at least once a year to correct errors and detect unauthorized activity.
What should I look for when I review my credit report?
If you see accounts you don’t recognize or information that is inaccurate, contact the credit reporting agency and the information provider. For more information, read the FTC’s tips on how to dispute credit errors.
Lastly, if you suspect identity theft, you may need to place a fraud alert on your credit report, close compromised accounts, file a complaint with the FTC, or file a police report. Start by visiting the FTC’s identity theft website.
Check back here at Skylarking for more scam info. Next up: Free Government Grant and Economic Stimulus Scams on TV and Online. You can also watch the FTC news conference on these scams which was recorder earlier this month.
Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form.
