Language Selection

English French German Italian Portuguese Spanish

Don't Let Data Theft Happen to You

Filed under
Security

ABOUT two weeks ago, I was alarmed by a phone message from my bank alerting me to some "unusual activity" on my debit card. Unusual wasn't the word. Someone had gone on a shopping spree - $556.46 and $650.81 at one store, $264.99 and $300 in charges that were pending at another - and none of it was mine.

My debit card was still in my wallet. I hadn't used it in days. The bank said thieves might have created a counterfeit card. Someone - a store clerk, waiter, whoever - could have used a card reader to harvest the information imbedded in the magnetic strip to create a fake one. The bank assured me the debit account was closed and the thieves no longer had access to my cash - but who could be sure? How much of my personal information did these thieves get?

Between bouts of tears and frantic phone calls to my bank, I became obsessed with what I might have done to prevent this.

UNFORTUNATELY, although there are steps you can take to protect yourself - and you should - there are no guarantees. "You cannot protect yourself completely," said Edmund Mierzwinski, consumer program director at the U.S. Public Interest Research Group in Washington. "The best thing you can do is react swiftly if it does happen."

Besides the standard advice to shred personal documents, following are some tips I found useful:

Full Article

Ironic

Ironic, an article about Identity theft requires me to willing give up some of my identity to read the article. Sure I could make up a user profile, or use bugmenot, but instead, I choose not to support them in any way, shape, or form. I don't need (at least yet) to show photo ID to purchase their overrated rag, why do I need the equivalent to read their stuff on-line?

re: yeah baby - here's the rest of it

¶Avoid letting your cards out of your sight. Do not let store clerks take your card away on the pretext that there's a "problem."

¶Restrict the access to your personal data by signing up for the National Do Not Call Registry (www.donotcall.gov); remove your name and address from the phone book and reverse directories - and, most important, from the marketing lists of the credit bureaus to reduce credit card solicitations. The site www.optoutprescreen.com can help.

¶Consider freezing your credit report, an option available in a growing number of states. Freezing prevents anyone from opening up a new credit file in your name (a password lets you gain access to it), and it doesn't otherwise affect your credit rating.

¶Protect your home computer with a firewall, especially if you have a high-speed connection.

¶Rein in your Social Security number. Remove it from your checks, insurance cards and driver's license. Ask your bank not to use it as your identification number. Refuse to give your Social Security number to merchants, and be careful even with medical providers. The only time you are required by law to give your number, Mr. Mierzwinski said, is when a company needs it for government purposes, like tax matters, Social Security and Medicare.

¶Curtail electronic access to your bank accounts. Pay bills through snail mail. Avoid linking your checking to savings. Use a credit card for purchases rather than a debit card. Although I was able to get all $1,772.26 reimbursed, I was lucky. While individual liability for fraudulent credit card purchases is only $50, it can be higher for debit cards: up to $500 or even all the money in your account in some cases.

These and other preventive steps may help, but people really can't safeguard their money and their data on their own. Robert Douglas, the chief executive of PrivacyToday.com, a privacy advocate, believes that this is not an issue of consumer responsibility but of corporate negligence. "These companies are trying to tell people it's their fault, but the largest breaches have been within the financial services industry itself," Mr. Douglas said.

Mr. Douglas and Mr. Mierzwinski say that shredding documents is fine, but calling your state and local representatives is better. "Companies have refused to give consumers control over their financial DNA and they've refused to take responsibility for their actions," Mr. Mierzwinski said. "What will stop identity theft are stronger notification laws and stronger penalties, which we don't have now."

----
You talk the talk, but do you waddle the waddle?

yeah baby...

My thoughts exactly...from the ny times to a myriad of others...I simply refuse and write them to 'splain why. and we wonder why we end up on so many mailing lists and get so much spam. Oh, we won't sell your information. yeah right.

helios

re: ironic

I'm sorry guys, I forgot that it was sign up for site. Sad I usta try to post the whole thing and just give it a "source" link, but I got to where I forget which ones is which now. Sorry. I used to hate that too!!! But I signed up with a few of them since starting this site.

----
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Security Leftovers

  • Thousands of FedEx customers' private info exposed in legacy server data breach

    Uncovered by Kromtech Security Center, the parent company of MacKeeper Security, the breach exposed data such as passport information, driver's licenses and other high profile security IDs, all of which were hosted on a password-less Amazon S3 storage server.

  • Correlated Cryptojacking

    they include The City University of New York (cuny.edu), Uncle Sam's court information portal (uscourts.gov), Lund University (lu.se), the UK's Student Loans Company (slc.co.uk), privacy watchdog The Information Commissioner's Office (ico.org.uk) and the Financial Ombudsman Service (financial-ombudsman.org.uk), plus a shedload of other .gov.uk and .gov.au sites, UK NHS services, and other organizations across the globe.

    Manchester.gov.uk, NHSinform.scot, agriculture.gov.ie, Croydon.gov.uk, ouh.nhs.uk, legislation.qld.gov.au, the list goes on.

  • Facebook using 2FA cell numbers for spam, replies get posted to the platform

    Replies ending up as comments appears to be a bizarre bug, but the spamming seems intentional.

  • Swedish Police website hacked [sic] to mine cryptocurrency

    Remember now, it is a Police Force that allowed their website to be hijacked by this simple attack vector. The authority assigned to serve and protect. More specifically, the authority that argues that wiretapping is totally safe because the Police is competent in IT security matters, so there’s no risk whatsoever your data will leak or be mishandled.

    This is one of the websites that were trivially hacked [sic].

    It gives pause for thought.

    It also tells you what you already knew: authorities can’t even keep their own dirtiest laundry under wraps, so the notion that they’re capable or even willing to protect your sensitive data is hogwash of the highest order.

  • New EU Privacy Law May Weaken Security

    In a bid to help domain registrars comply with the GDPR regulations, ICANN has floated several proposals, all of which would redact some of the registrant data from WHOIS records. Its mildest proposal would remove the registrant’s name, email, and phone number, while allowing self-certified 3rd parties to request access to said data at the approval of a higher authority — such as the registrar used to register the domain name.

    The most restrictive proposal would remove all registrant data from public WHOIS records, and would require legal due process (such as a subpoena or court order) to reveal any information supplied by the domain registrant.

  • Intel hit with 32 lawsuits over security flaws

    Intel Corp said on Friday shareholders and customers had filed 32 class action lawsuits against the company in connection with recently-disclosed security flaws in its microchips.

  • The Risks of "Responsible Encryption"

    Federal law enforcement officials in the United States have recently renewed their periodic demands for legislation to regulate encryption. While they offer few technical specifics, their general proposal—that vendors must retain the ability to decrypt for law enforcement the devices they manufacture or communications their services transmit—presents intractable problems that would-be regulators must not ignore.

  • Reviewing SSH Mastery 2nd Ed

    It’s finally out ! Michael W Lucas is one of the best authors of technical books out there. I was curious about this new edition. It is not a reference book, but covers the practical aspects of SSH that I wish everybody knew. Rather than aggregating different articles/blogs on SSH, this book covers 90% of the common use cases for SSH that you will ever encounter.

Android Leftovers

Amazon Linux 2 - Who nicked my cheese?

So far, it's a relatively benign, easy introduction to a new operating system that blends the familiar and new in a timid package. Perhaps that's the goal, because a radical offering would right away scare everyone. Amazon Linux 2 is an appealing concept, as it gives users what Red Hat never quite did (yet) - A Fedora-like bleeding-edge tech with the stability and long-term support of the mainstay enterprise offering. But then, it also pulls a Debian/Ubuntu stunt by breaking ABI, so it will be cubicle to those who enjoying living la vida loco (in their cubicle or open-space prison). Having lived and breathed the large-scale HPC world for many years, I am quite piqued to see how this will evolve. Performance, stability and ease of use will be my primary concerns. Then, is it possible to hook up a remote virtual machine into the EC2 hive? That's another experiment, and I'd like to see if scaling and deployment works well over distributed networks. Either way, even if nothing comes out of it, Amazon Linux 2 is a nice start to a possibly great adventure. Or yet another offspring in the fragmented family we call Linux. Time will tell. Off you go. Cloud away. Read more

Updates From OpenIndiana and LibreOffice (Projects That Oracle Discarded)

  • Migration to GCC 6.4 as userland compiler
    Modulo some minor details, the transition of our userland to GCC 6 is complete.
  • OpenIndiana Has Upgraded To The GCC 6 Compiler
    The OpenSolaris/Illumos-based OpenIndiana operating system has finally moved past GCC 4.9 as its base user-land compiler and is now using GCC 6.4. This comes while GCC 8.1 should be officially released in the next few weeks and they are already targeting GCC 7.3.0 as their next illumos-gate compiler.
  • LibreOffice 6.0 Open-Source Office Suite Passes 1 Million Downloads Mark
    The Document Foundation announced recently that its LibreOffice 6.0 open-source and cross-platform office suite reached almost 1 million downloads since its release last month on January 31, 2018. That's terrific news for the Open Source and Free Software community and a major milestone for the acclaimed LibreOffice office suite, which tries to be a free alternative to proprietary solutions like Microsoft Office. The 1 million downloads mark was reached just two weeks after the release of LibreOffice 6.0, which is the biggest update ever of the open-source office suite adding numerous new features and enhancements over previous versions.