A High Value ID Theft Target

October 1st, 2010

During a recent celebration,  I opened a gift that made me smile.  It was the new Robin Hood film starring Russell Crowe and Cate Blanchett.

We all know the premise.  Robin Hood takes from the rich and gives to the poor. Unfortunately, not all thieves are so noble. Please read on.

The Orange County Business Journal and Forbes Magazine blogger Mark Lacter recently reported on a modern story based on the classic tale of a wealthy land owner who falls prey to a dastardly thief. In this case, the alleged crook, Moundir Kamil, decided to keep $1.4 million in loot for himself after commandeering a large IRS tax refund check. The wealthy land owner in our modern tale is billionaire California real estate mogul Donald Bren.

According to the Orange County Business Journal:

“News of the bizarre theft went on to get national exposure as questions arose about how a 40-something suspect—who listed his occupation merely as “smoke shop” operator and looks nothing like the 78-year-old Bren—could make off with the identity and money of OC’s most prominent businessman. The refund check Kamil allegedly stole was the result of overpayment of estimated quarterly taxes by Bren. When and how the suspect managed to get the check wasn’t stated in the initial complaint, nor is it mentioned in the government’s updated charges for Kamil.”

Although authorities have not disclosed how Kamil came into possession of the check, it is clear that he was somehow able to pass himself off as the victim. Not only did he deposit the loot into a newly opened bank account, he withdrew most of it before being captured.

Thanks to an eagle-eyed prison guard who recognized surveillance photos of the culprit, the fraudster’s identity was uncovered. It seems that Kamil had previously been caught stealing from the rich. He is not just a disappointment to Robin Hood fans worldwide. The parole board has to be a little embarrassed and disappointed to have released a 9-time bank robber back into the general population in Sherwood Forest.


A Pulitzer Winner’s Identity Theft Threat

September 7th, 2010

You don’t have to be a Pulitzer Prize winning playwright to be a victim of identity theft, but there is clearly no immunity for brilliant writers either.

Educated at Brown University and the Yale School of Drama, Pulitzer winner Lynn Nottage was awakened in the early morning hours to a flurry of alarming phone calls from concerned family and friends.

According to a report in the Brooklyn Eagle:

“Less than an hour before the call, someone hacked into Nottage’s three e-mail and Facebook accounts, sending out a cry for help after allegedly being mugged in a United Kingdom park. The e-mail blast, which said Nottage was writing “with tears in my eyes,” went out to every listserv she was on, totaling thousands of people, Nottage estimated.”

This story resonates with me because our family got similar calls this past summer, from someone claiming that our son had been involved in an accident in Europe. The caller pleaded for money to be wired via Western Union.

Because our son had been to Europe just weeks earlier with a concert choir, our family members called us to make sure he was okay.  One particularly loving (but vulnerable) family member actually withdrew a very large sum of cash to wire overseas and thankfully called us prior to sending the money.

Commonly known as the “grandparents scam”, predators depend on friends and family (often grandpa and grandma) to take the bait and send the money immediately. Sadly, many do just that.

One of the more unsettling questions in our family’s case was how did these well organized criminals obtain details about our son’s travels, as well as  his contact information back at home. Scary question eh?

In another case reported by consumeraffairs.com:

The con man who convinced Edward and Irene Kellerman of Fairlawn, Ohio, that he was their beloved grandson Brian is still on the run. They wired him $3,000.

“It was the perfect set up and these people knew exactly what they were doing,” says Edward Kellerman.

The detective on the Kellerman case, Dave Zampelli, was able to track the con to Canada where he retrieved the wire transfer records and a fake id with Brian Kellerman’s name on it.

“They’re very organized. They know what they’re doing. They’re cons. They’re smooth talkers and daily they’re persuading victims to wire them money,” Zampelli said.

Are you curious to know which of your friends and loved ones would actually help you in your time of need? This is not the way to find out.

The New Face of Phishing

August 17th, 2010

In the past six months, a dangerous new threat has emerged in the world of internet phishing. Many of us have often laughed at the crude and poorly crafted phishing attempts that invade our in-box.

Lest any of us fall asleep at the wheel thinking we are already hip to the rather primitive phishing tactics of the past, this one could easily catch you in its insidious hooks if you don’t read on.

Known as “tabnapping”, this ploy is designed to psych you out with a behind-the-back switcheroo that literally kidnaps  open tabs and catches most savvy observers by surprise. Using an almost invisible layer of embedded JavaScript, here’s how it works.

Brian Krebs explains:

“As Mozilla Firefox creative lead Aza Raskin describes it, the attack is as elegant as it is simple: A user has multiple tabs open, and surfs to a site that uses special JavaScript code to silently alter the contents of a tabbed page along with the information displayed on the tab itself, so that when the user switches back to that tab it appears to be the login page for a site the user normally visits.”

In as little as five seconds, a tabbed page silently and almost invisibly changes to a seemingly familiar page (including the cute little “favicon” in the address bar) which requires you to re-enter your log-in credentials. As soon as you enter your private details,  both you and your personal information  have literally been “had”.

The best defense against this tricky new tactic is to take a time-out. What that means is that whenever a site you visit “times out”, you should take some time out of your browsing frenzy to open a new tab and re-enter the desired URL yourself.

Most browsers including Safari, Chrome,  Firefox and Internet Explorer claim to be on the lookout for you by blocking tabnapping attack code. Researchers and hackers have both been able to sidestep many of the current blocking protections,  leaving most browsers vulnerable.

Safety dictates that you don’t log in on any tab that you  have not opened yourself. Get into the habit of opening fresh tabs whenever you enter a user-name or password.

If you forget to refresh previously opened and familiar log in pages, one day soon you could literally open up a fresh can of worms.
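A defensive sketch of the behaviour described in this post, added here and not part of the original article: it scans a log of tab events and reports tabs whose title or favicon changed while the tab was in the background. The event format, field names and sample records are constructed assumptions; in a browser such records could be collected with the `visibilitychange` event and a `MutationObserver`.

```javascript
// Added example. Event shape { t, tab, type, value } is an assumption:
//   type "visibility" -> value "hidden" | "visible"
//   type "title" | "favicon" -> value is the new title text or icon URL
const IDENTITY_FIELDS = new Set(["title", "favicon"]);

function findBackgroundChanges(events) {
  const tabs = new Map(); // tab id -> { hiddenSince, seen }
  const changes = [];
  const ordered = [...events].sort((a, b) => a.t - b.t);
  for (const ev of ordered) {
    if (!tabs.has(ev.tab)) tabs.set(ev.tab, { hiddenSince: null, seen: {} });
    const st = tabs.get(ev.tab);
    if (ev.type === "visibility") {
      st.hiddenSince = ev.value === "hidden" ? ev.t : null;
      continue;
    }
    if (!IDENTITY_FIELDS.has(ev.type)) continue;
    const previous = st.seen[ev.type];
    st.seen[ev.type] = ev.value;
    // The first value seen is the baseline; a change in a visible tab is
    // ordinary navigation that the user can watch happen.
    if (previous === undefined || previous === ev.value) continue;
    if (st.hiddenSince === null) continue;
    changes.push({ tab: ev.tab, field: ev.type, from: previous, to: ev.value,
                   secondsHidden: (ev.t - st.hiddenSince) / 1000 });
  }
  return changes;
}

// Title-only changes are common and benign (unread counters), so a tab is
// rated "high" only when title AND favicon were both swapped while hidden.
function rateTabs(events) {
  const fieldsByTab = new Map();
  for (const c of findBackgroundChanges(events)) {
    if (!fieldsByTab.has(c.tab)) fieldsByTab.set(c.tab, new Set());
    fieldsByTab.get(c.tab).add(c.field);
  }
  const ratings = {};
  for (const [tab, fields] of fieldsByTab) {
    ratings[tab] = fields.size === IDENTITY_FIELDS.size ? "high" : "low";
  }
  return ratings;
}

// Constructed sample log (times in milliseconds).
const SAMPLE_EVENTS = [
  { t: 0,     tab: 1, type: "title",      value: "Ten easy recipes" },
  { t: 0,     tab: 1, type: "favicon",    value: "/recipes.ico" },
  { t: 0,     tab: 2, type: "title",      value: "Inbox" },
  { t: 0,     tab: 2, type: "favicon",    value: "/mail.ico" },
  { t: 1000,  tab: 3, type: "title",      value: "News" },
  { t: 2000,  tab: 3, type: "title",      value: "News: sports" }, // visible
  { t: 10000, tab: 1, type: "visibility", value: "hidden" },
  { t: 10000, tab: 2, type: "visibility", value: "hidden" },
  { t: 15000, tab: 1, type: "title",      value: "Example Mail: sign in" },
  { t: 15000, tab: 1, type: "favicon",    value: "/example-mail.ico" },
  { t: 40000, tab: 2, type: "title",      value: "(1) Inbox" },
];

console.log(rateTabs(SAMPLE_EVENTS));
```

Tab 1 is the pattern the post warns about: both the title and the favicon are replaced five seconds after the tab goes to the background, while tab 2's unread counter rates only "low".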

New “Data Passing” Scams Exposed

July 1st, 2010

What do online companies like Orbitz, Priceline and Travelocity have in common?

Nope, guess again.

All three have found themselves  in the middle of complaints about dubious business practices. The behavior in question has recently been investigated by the Federal Trade Commission on behalf of boatloads of victimized consumers.

The scam here refers to the practice of sharing or “passing” credit card information over to a third party at the end of a transaction without the knowledge or explicit consent of the buyer.

The retailers deny any wrongdoing.

The practice known as “Data Passing” or “Pre-Acquired Account Marketing” was the subject of a high profile, year-long investigation by the Senate Commerce Committee according to a June 22, 2010 article in the Washington Post.

According to published reports:

“In May 2009, Chairman Rockefeller launched an investigation into a set of controversial e-commerce business practices that have generated high volumes of consumer complaints. Since that time, Commerce Committee staff has been investigating three Connecticut-based direct marketing companies – Affinion, Vertrue, and Webloyalty – as well as the hundreds of online websites and retailers that partner with these three companies to sell club memberships to online shoppers. Although this investigation is not yet complete, it is clear at this point that these three companies use highly aggressive sales tactics to charge millions of American consumers for services the consumers do not want and do not understand they have purchased.”

Bob Sullivan from MSNBC.com also reported that the problem has triggered an astounding $1.4 billion in unauthorized charges onto the credit card bills of 30 million Americans.

Senate investigators revealed that this practice was used by over 450 e-commerce websites and retailers. Many of the names on the list are well-known and respected companies who got around existing data-privacy and banking rules by forming partnerships and joint ventures with third parties.

Credit card issuer Visa has taken a stand and no longer allows merchants to use the so-called “Data-Pass Marketing” on their network.

Despite Visa’s policy and after more than $1 billion in “aggressive and potentially deceptive” sales tactics, I think it would be fair to complain that the horse is already out of the barn.

ID Theft Is Lurking In Your Computer

June 7th, 2010

Personal computing guru Steve Bass recently shared some rather eye-opening statistics in his value-packed newsletter,  Techbite.

Security vendor PC Pitstop Research analyzed just over 50,000 computers for evidence of security threats, vulnerabilities, viruses and protection tools. Immediately, some interesting results emerged.

Can you guess what percentage of computer users have absolutely no security software installed on their machines? The answer is that a shocking 23% of us are flying through cyberspace as naked as  jay birds!

The PC Pitstop study was looking for evidence of threats which we should all be on the lookout for, such as Spyware, Malware / Rogueware and Keyloggers.

For clarity, the article defined its terms,  so there would be  no confusion about the nature or intent of each of these threats.

According to the report:

“We define spyware as the software that is unintentionally installed on the target computer. … A new growing segment of malware is rogue or phony security software.… Keyloggers are a category of software that is intended to monitor the activity of a target computer. This is a rather dangerous category since this form of malware can be used for identity theft, stalking and other ugly criminal activity.”

The good news is that Symantec, Trend Micro, Kaspersky and other leading providers are very effective, each in its own area of strength, at delivering protection from many of the most common threats:

  • Kaspersky was rated best against rogue software
  • Symantec was best in the fight against spyware
  • Trend Micro was best against keyloggers
  • Kaspersky was best against viruses

One of the takeaways here is that not all threats can be stopped with just one form of security. Redundancy in various computer security software programs is the best way to keep the multiplying strains of threats at bay.

The underlying theme from this study is that “no one security provider is good at protecting against all aspects of security. As the analysis suggests, each vendor has some strengths and weaknesses.”

That a given threat could progress from mischievous to menacing to malicious is a real possibility in our data-rich daily lives.

Protect your data and assets accordingly.

Cyber Battlefield In Our Own Backyard

May 6th, 2010

With the war in Iraq winding down and the war in Afghanistan heating up, many of us are unaware of the cyber-war raging on our own home turf.  If this is old news to you, stay with me.

According to a Congressional committee, attacks on the Department of Defense computer systems jumped 60 percent in 2009.

Russia, China and North Korea have all launched sustained attacks on U.S. government agencies including the Federal Trade Commission and the Department of the Treasury.

Analysts believe that security standards like the ones created by the National Institute of Standards and Technology (NIST), should be implemented immediately. According to the experts, NIST could get us 90 percent closer to where we need to be.

In Congressional testimony earlier this year, former National Intelligence Director Mike McConnell said that we could be on the brink of an all-out cyberwar. McConnell’s view has been repudiated by the current Secretary of Defense Robert Gates.

If Moore’s law is true (every 24 months a dollar buys twice the amount of computing power that it did before), our enemies may be able to buy, beg, borrow or hack twice as much of our data as they can today for the same effort.

Computer scientist Daniel Geer Jr. aptly reveals what is at stake:

“We have spent centuries learning about securing the physical world, plus a few years learning about securing the digital world. What we know to be common to both is this: That which cannot be tolerated must be prevented.”

America’s most valued, electronically stored data is being targeted. Government agencies, private think tanks and university data warehouses are all vulnerable. The enemy operates from a distance with virtually no risk of personal danger.

What defense mechanisms can we construct to prevent our data from being stolen at the speed of light?

Identity Thief Gets 300 Year Sentence

April 2nd, 2010

Who says justice is blind? Sometimes she can see pretty clearly!

In this case, a judge decided to do more than follow the letter of the law regarding sentencing guidelines. In Louisiana, the court flexed some judicial muscle and threw an entire bookshelf  at a defendant.

According to a report retrieved recently from All Headline News:

“Baton Rouge, LA,  – A man who led an identity theft and bribery scheme was sentenced to more than three centuries in prison on Wednesday.

A federal judge decided that Robert Thompson, also known as John Lawson, should serve 309 years for leading a conspiracy to use confidential financial information of over 60 individuals, businesses, churches and financial institutions to steal money and goods.

The sentence is believed to be the longest handed down to a white collar defendant in the history of the Middle District of Louisiana.

Prosecutors say the scheme began in June 2006 and included an attempt to steal $20 million from one victim. Thompson bribed a prison guard while he was an inmate at Elayn Hunt Correctional Center with $10,000 in return for cell phones he used for his crimes.

Thompson was indicted in 2008 along with 10 other people for identity theft. He pleaded guilty a year later to charges of conspiracy, wire fraud, mail fraud, bank fraud, computer fraud, access device fraud, aggravated identity theft, money laundering, and obstruction of justice.

The 43-year old from Zachary, LA, reportedly collapsed during his sentencing. He recovered in time to hear the sentence from Chief U.S. District Court Judge Ralph Tyson.”

This low life’s repeated attempts to defraud a long list of victims only goes to prove the well known maxim that “crime doesn’t pay”.  In this case perhaps for only a brief moment, crime DID pay.

The problem is that eventually we have to pay it all back.

ID Fraud Not Just A White Collar Crime

March 7th, 2010

This chilling story from the New York Post reinforces the fact that identity theft  is not simply  a harmless white collar crime.

“A man charged in an identity theft scheme has been accused of killing two of his victims.

An indictment unsealed Thursday in federal court in Brooklyn charges Dmitriy Yakovlev in the murder of a missing Russian-language translator. He’s also accused of killing a man whose remains were found in New Jersey in 2006.

Yakovlev and his wife were already facing charges they used a credit card with the missing translator’s name to go on shopping sprees. Last year, the FBI searched the basement of the couple’s Brooklyn home for the victim’s body, but never reported finding anything.

The indictment added charges alleging Yakovlev also stole the identities of two men who disappeared in 2003 and 2005, and that he killed one of them.

There was no immediate response to a message left with Yakovlev’s attorney.”

This tragic story underscores the urgent need for each of us to become and  remain smaller targets for ID thieves.

“How do I become a smaller target” you ask?

You become a smaller target by establishing and maintaining your own financial literacy about safeguarding personal information. This ensures that you will be a smaller target for both the opportunistic  amateurs and the career criminals.

Make no mistake. The financial safety habits you develop now could literally save your life in the future.

Read more: http://www.nypost.com/p/news/local/brooklyn/prosecutors_identity_theft_victims_AITfK5UoqA0eBK29NhMotL#ixzz0hTWbDusQ

2010 U.S. Census Creates ID Theft Vulnerability

February 13th, 2010

In March of this year, census takers will begin to thread their way across the highways and byways of our land to conduct the 2010 census.

Despite the skepticism of some,  participation is required under Title 13 of the United States Code. The same law also requires that the Census Bureau tabulate your information without revealing any of your personal data.

The government imposes very stiff fines and possible prison terms for federal employees who violate the privacy guidelines.

Allow me to call another lurking personal privacy threat to your attention. Make sure that anyone you share information with is actually from the Census Bureau!

This reminder came to my attention  from a Vice President of  Security at Austin Bank in Longview,  Texas.  (used with permission)

There has been a lot of advertisement about the 2010 Census. It is important that all people participate in the census since it is only taken every ten years. However, there are people at work posing as census takers to do one simple thing; steal the identity of everyone they can, and either use or sell the information. It is important that you protect yourself and talk to your family and friends, about protecting themselves.

Additionally, the U.S. Census Bureau has issued this statement on their website:

Census workers may need to visit your household to update the Census Bureau’s address list, deliver a questionnaire or ask you to complete the questionnaire face-to-face.  All census workers carry official government badges marked with just their name.  You also may ask them for a picture ID from another source to confirm their identity.  In addition, some census workers might carry a ‘U. S. Census Workers’ bag.  If you still are not certain about their identity, please call the Regional Census Center toll-free number to confirm they are employed by the Census Bureau.

Census workers will never ask  for your:

  • Social security number
  • Citizenship or immigration status
  • Salary or income
  • Bank account information

The reality is that their questions require much less personal information than a typical credit card application. If you would rather not answer questions at your front door, you can mail in your data.

The government says that our participation will help us to “paint a portrait of America”.

Pick up your paintbrush and let your voice be heard.


Haitian Disaster Scammers Target Donors

January 16th, 2010

As Americans and the world respond to the urgent needs of the Haitian people, the dark deeds of evil people surface yet again.

The scammers who take advantage of disasters such as this one by preying upon unsuspecting donors are already in full swing.

It has been widely reported now, that criminals have begun setting up fraudulent charities, helplines and websites in an attempt to cash in on the misery and heartache of the Haitian quake survivors.

Reuters is reporting that the FBI and The Bureau of Justice Assistance have already begun warning donors and tracking complaints during this relief effort.

Both the Asian tsunami and Hurricane Katrina shed light on the depths to which con-artists will go in order to steal both money and personal information.

The potential for technology to be used for the good of the Haitian relief effort,  can be seen and safely accessed by texting to one or more legitimate mobile-friendly sites that are now in place.

– Texting HAITI to 90999: The U.S. Department of State’s Web site suggests texting “HAITI” to “90999” to donate $10 to the American Red Cross to help with relief efforts. The $10 will be charged to your cell phone bill. Or you can go online to organizations like the Red Cross and Mercy Corps to contribute to the disaster relief efforts.

– Texting YELE to 501501: On Twitter, musician Wyclef Jean, a native of Haiti, notes, “Haiti needs your help text YELE to 501501 and $5 dollars will go toward earthquake relief.” Yele Haiti is a grassroots movement Jean has set up to inspire change in Haiti through programs in education, sports, the arts and environment.

We Americans can be a very generous and compassionate people. The sheer magnitude of the issues facing the world’s poorest countries like Haiti can be, and now is being, brought to light by the media as well as the ongoing efforts of well established relief organizations like World Vision and Food For The Poor.

In their hour of need, Haitian earthquake survivors and relief workers must not be held hostage by opportunistic “privacy pirates”.  Shame on those who attempt to re-route essential resources away from the people of Haiti and into their own dark pockets.