You can’t help but wonder, if the U.S. Defense Department can be hacked and attacked from the inside-out,  just how safe is the personal data belonging to the average U.S. citizen?

Here are 10 tips from the Better Business Bureau to help keep you safe online not just during the holidays, but all year long.

The BBB offers this advice:

1. Protect your computer – A computer should always have the most recent updates installed for spam filters, anti-virus and anti-spyware software and a secure firewall.

2. Shop on trustworthy websites – Shoppers should start with BBB to check on the seller’s reputation and record for customer satisfaction. Always look for the BBB seal and other widely-recognized “trustmarks” on retailer websites and click on the seals to confirm that they are valid.

3. Protect your personal information – BBB recommends taking the time to read the site’s privacy policy and understand what personal information is being requested and how it will be used. If there isn’t one posted, it should be taken as a red flag that personal information may be sold to others without permission.

4. Beware of deals that sound too good to be true – Offers on websites and in unsolicited e-mails can often sound too good to be true, especially extremely low prices on hard-to-get items. Consumers should always go with their instincts and not be afraid to pass up a “deal” that might cost them dearly in the end.

5. Beware of phishing – Legitimate businesses do not send e-mails claiming problems with an order or an account to lure the “buyer” into revealing financial information. If a consumer receives such an e-mail, BBB recommends picking up the phone and calling the contact number on the website where the purchase was made to confirm that there really is a problem with the transaction.

6. Confirm your online purchase is secure – Shoppers should always look in the address box for the “s” in https:// and in the lower-right corner for the “lock” symbol before paying. If there are any doubts about a site, BBB recommends right-clicking anywhere on the page and select “Properties.” This will let you see the real URL (website address) and the dialog box will reveal if the site is not encrypted.

7. Pay with a credit card – It’s best to use a credit card, because under federal law, the shopper can dispute the charges if he or she doesn’t receive the item. Shoppers also have dispute rights if there are unauthorized charges on their credit card, and many card issuers have “zero liability” policies under which the card holder pays nothing if someone steals the credit card number and uses it. Never wire money and only shop locally on sites like Craigslist.

8. Keep documentation of your order – After completing the online order process, there may be a final confirmation page or the shopper might receive confirmation by e-mail – BBB recommends saving a copy of the Web page and any e-mails for future reference and as a record of the purchase.

9. Check your credit card statements often – Don’t wait for paper statements; BBB recommends consumers check their credit card statements for suspicious activity by either calling credit card companies or by checking statements online regularly.

10. Know your rights – Federal law requires that orders made by mail, phone or online be shipped by the date promised or, if no delivery time was stated, within 30 days. If the goods aren’t shipped on time, the shopper can cancel and demand a refund. There is no general three-day cancellation right, but consumers do have the right to reject merchandise if it’s defective or was misrepresented. Otherwise, it’s the company’s policies that determine if the shopper can cancel the purchase and receive a refund or credit.

From our family at Penn and Associates to yours,  enjoy this Christmas holiday season. Expect bigger things from this blog in 2011 !

Predictably, early  responses to the Forbes article were swift and scathing. The reality is that despite the fact that fewer people  are exposed as a result of any given breach, the actual number of adult victims of financial fraud has not gone down over the past 5 years, it has gone up. Way up.

A 2010 Javelin Strategy & Research report reveals that the number of U.S. adult victims of identity fraud has grown from 8.9 million in 2005 to 11.1 million in 2009.

According to the Identity Theft Resource Center, the number of breaches is difficult if not impossible to nail down with certainty because of  loose reporting requirements in many states. There are many states which legally do not allow public access to reported breaches.

The ITRC reports:

• paper breaches account for nearly 26% of known breaches (an increase of 46% over 2008)
• business sector climbed from 21% to 41% between 2006 to 2009, the worst sector performance by far
• malicious attacks have surpassed human error for the first time in three years
• Out of 498 breaches, only six reported that they had either encryption or other strong security features protecting the exposed data

The Forbes article correctly points out that breaches the size of the one suffered by Heartland Payment  Systems are quite rare. Heartland’s single breach exposed 130 million records from over 600 entities.

Analogies always break down at some point however, the fire insurance analogy works here. Despite the fact that mortgage companies require the purchase of fire insurance, everyone buys it hoping they will never have to make a claim or use it.  So it is with identity theft products.

Identity theft blogger Denise Richardson explains:

“Americans are accustomed to the idea of purchasing a hedge against something that might happen. Why is it, then, when it comes to identity theft, some people are still saying that protection is unnecessary?

Many consumers are still in the dark about the latest dangers, scams and techniques criminals now use to commit fraud.

Today’s criminals buy, sell, trade and barter personal data on more than 10,000 underground chat rooms. And today’s identity theft protection services have much more to offer than they did just a few short years ago. They utilize the same sophisticate(d) technology to scan public databases, peer 2 peer networks and the very chat rooms where criminal(s) work selling and buying our data.  I can’t do that for myself, and neither can the average consumer.”

Although many identity theft protection firms offer the cool and often pricey chat-room monitoring feature, the real value for victims is found in the underlying resolution services found in most plans.

Because we cannot predict just how complex or time-consuming a financial, medical or criminal identity attack might be, it makes sense to partner with a resolution expert on the other side of the firewall.

Another reason for consumers to consider partnering with a reputable identity theft protection firm is that we cannot control the actions of the businesses and government agencies who hold our information on their servers and inside their portable devices.

Who are you gonna call when a foreign hacker decides to set your wallet on fire, invade your life, steal your assets and ruin your reputation?

Hint: Don’t call anyone at Forbes.

“A man charged in an identity theft scheme has been accused of killing two of his victims.

An indictment unsealed Thursday in federal court in Brooklyn charges Dmitriy Yakovlev in the murder of a missing Russian-language translator. He’s also accused of killing a man whose remains were found in New Jersey in 2006.

Yakovlev and his wife were already facing charges they used a credit card with the missing translator’s name to go on shopping sprees. Last year, the FBI searched the basement of the couple’s Brooklyn home for the victim’s body, but never reported finding anything.

The indictment added charges alleging Yakovlev also stole the identities of two men who disappeared in 2003 and 2005, and that he killed one of them.

There was no immediate response to a message left with Yakovlev’s attorney.”

This tragic story underscores the urgent need for each of us to become and  remain smaller targets for ID thieves.

“How do I become a smaller target” you ask?

You become a smaller target by establishing and maintaining your own financial literacy about safeguarding personal information. This ensures that you will be a smaller target for both the opportunistic  amateurs and the career criminals.

Make no mistake. The financial safety habits you develop now could literally save your life in the future.

Read more: http://www.nypost.com/p/news/local/brooklyn/prosecutors_identity_theft_victims_AITfK5UoqA0eBK29NhMotL#ixzz0hTWbDusQ

According to the story published on Webwire: “The research, conducted with the latest Unisys Security Index, also confirms that most people are much more worried about their financial security, which saw a 12 percent spike when compared to results polled in September 2008. 

This concern now ranks as Americans’ number one security fear for the first time since Unisys began the global study in 2007. Conversely, the current data also shows the lowest level of concern about national security issues among U.S. consumers.”

The Webwire story goes on to report that more than two thirds of Americans are extremely worried or very concerned about other people obtaining and using their credit or debit card details, with 90 percent at least somewhat concerned.

The better news is that most of the identity theft strategies I’ve written about for some time now, can still protect consumers even in an age of unparalleled financial uncertainty.

By protecting your personal, private and proprietary information, you can still mitigate the effects of our current financial crimes tsunami. By guarding your credit and debit card numbers, bank account numbers, social security numbers, checking account numbers, pin numbers, passwords and computer files……you take away the match sticks that could ignite into to a personal financial firestorm.

None of these methods (including credit monitoring services) are guaranteed to prevent your information from falling into the wrong hands. Careful monitoring of billing and banking statements, credit reports and other financial and medical records will keep you positioned to spot a potential problem.The businesses we frequent also have a responsibility to protect our data and our dollars.

The Unisys study goes on to report: “Banks and businesses need to understand that customers are more wary than ever about using services that may compromise their personal data. If economic concerns increase these fears, companies need new strategies to strengthen customer confidence through accountability and transparency, which also plays to part of the Obama administration’s call to action for government and business.”

The fear gripping our economy is understandable, but we can take proactive steps to minimize our exposure. As a last resort, we can all just repeat this prayer:

“Lord, defend me from my friends; I can account for my enemies.” — Charles DHericault