The bear in your campground analogy:
Perfect protection is unreachable but you can be better protected than most people with reasonable efforts. The “Bear in Your Campground” story applies here. When a bear comes into your campground, you can’t outrun the bear but you can outrun the other campers. The fact is that there is no way you can be sure to outrun the thieves either, but you can outrun the other potential victims – and that may be enough. I will try to help you make the trade-offs that work for you.
There are lots of people out there making it easy to steal their identities. You don’t want to be one of them. There is a lot you can do without major expenditures and major changes in your lifestyle. The point of this book is to teach you what you can do and let you make intelligent trade-offs yourself of security versus cost and inconvenience.
Things to do right away:
The point of this is to get you off to a fast start, positioned to better protect yourself. Some of the things you should do right away include:
Review your last bank and card statements.
Be sure all listed transactions were authorized by a family member, don’t assume. Also check to see that you are not missing the most recent statement, as that might be a sign of account takeover. List each account and card on the Account and Card Inventory Form provided in the back of this book. Include on your list your divers license and ID cards from your employer, insurers, that would have to be replaced if your wallet was lost or stolen. This form will be an important tool for detection as well as recovery.
Order a credit report.
One report from each agency per year is now free. Some people get one each four months, on a revolving basis, so that they never have to pay for a report. Some request all three or each more often. This is one of those trade-offs of protection versus expense and effort. To order, go to the Annual Credit Report Service at www.annualcreditreport.com, call them at 877-322-8228, or contact a specific credit agency:
* Equifax: 800-685-1111 or www.equifax.com
* Experian: 888-397-3742 or www.experian.com
* Transunion: 800-888-4213 or www.transunion.com
Calendar the date when you want to order the next credit report. And note which agencies are next in rotation, if you are ordering one at a time.
When I first did this I found a debt listed that had been run up by my former wife. I called the bank and got them to take it off of my credit report. As reviewing your credit report is an ongoing habit, we will discuss what to do when the report arrives in the next section.
Install a locking mailbox or get a Post Office Box.
Incoming mail can provide a thief with credit cards, applications, checks, and various identifying information. I put up the first locking mailbox in my neighborhood. It cost $60 and a little time. But when one neighbor had a box of checks stolen and another lost incoming pay and dividend checks, I wasn’t the only one for long.
When my wife went out to run in the mornings, at least once a week she noticed all the unlocked mailboxes were hanging open. One day in the park I found all of a certain neighbor’s junk mail. But not those credit card offers and nothing that resembled account statements, or other financial or government mail – those were too valuable for the thieves to toss. What was going on was that groups of teens were cruising the streets making quick grabs into unlocked boxes. They sell “interesting” items to a broker. The broker sorts out the items by type and sells groups of like items to transaction specialists. Certain thieves pass bad checks, others use deposit slips, still others specialize in cards-related frauds.
P.O. boxes may be safer, if less convenient and more expensive, another trade-off. The bear might tear into your locked mailbox, but if the other campers have open jars of honey out front, then why would he bother you?
Get gel ballpoint pens for writing checks.
A thief can take a check from your outgoing mail, remove regular ballpoint pen ink with nail polish remover (protecting the signature, of course), and have a signed blank check – on your account.
The cheapest investment you can make is to buy a gel ballpoint pen and keep it clipped to your checkbook. Gel is a newer kind of ink which cannot be removed by washing. The point is to look for the word “GEL” on the pen, buy it, and use it for all your checks.
Get a shredder.
A crosscut or confetti style is best, as strips can be reconstructed. Anything with your social security number on it or containing personal data is fair game to the thieves when it hits your garbage bag or can. “Dumpster diving” is a profitable profession.
Things you don’t want fished from your trash include bank and card statements, old taxes, voided or old checks, deposit slips, credit applications you don’t want to complete, credit offers, and those checks the credit card companies send you to initiate low interest rate loans and balance transfers.
Change poor PINs and passwords.
They should be at least six numbers and/or characters. They should not be easy to guess or based on information which might be in your wallet. The first numbers a purse or wallet thief would try are parts of your birth date, phone number, SSN, and any other key number they find in you wallet. Realize that your SSN can be accessed by a large number of people. A thief might obtain it and try different parts of it in guessing your PIN even if they don’t find it in your wallet.
There are trade-offs here too.
* Multiples – If you always use the same password it is easy to remember but people at each site have access to it. So you also might want to use a unique password on banking sites. If you use the same ID and password on many sites you are exposing them to key employees of multiple companies.
* Complexity – Complex passwords may be hard to recall and tempt you to write them down in a handy spot.
* Real or made-up – To be extra careful, you might create and use an imaginary “mother’s maiden name”, as the real one could be researched. It is on your birth certificate, for example.
Set up a password on each bank and card account.
Use your Account and Card Inventory Form as a guide to contact each bank. Once set up, the password can be used by the bank to determine it is really calling them with a transaction such as an address change or funds transfer. If the only way they can identify you is by asking for personal data, your account is exposed to any thief who has obtained your data.
Remove any PINs or passwords written in your wallet / purse.
They could be a goldmine for a thief.
Secure any PIN and password list within your home.
Don’t leave them out, in a well labelled file in an unlocked file cabinet, on your computer in an easy to find file, or on a notebook PC that could be stolen.
Protect Social Security Numbers (SSN).
Remove them from your checks, driver’s license, resume, or other documents where it is not required. My employer forced their insurance companies to take our SSNs off of our group insurance cards.
Remove unneeded IDs from your wallet, purse, and car.
This will reduce the potential damage from theft and reduce the work you will have to do if theft does occur.
Protect your PC’s
Get and run anti-spyware and anti-virus programs and firewalls. Be sure to use the encryption option on wireless networks.
Protect Yourself – Avoidance Habits to Develop and Keep
Even as you complete the initial protection steps described in the prior chapter, you also need to start practicing on-going protective habits.
Review this list from time to time.
The first habit is to learn and repeat each of the others. Put “review the good habits list” on your calendar, as a reminder, until you regularly practice each of these good habits.
Protect your outgoing mail.
Taking outgoing mail can be lucrative for the thief in many ways.
* Applications – Applications for cards or loans can be “edited” by thieves so that they get the payoff and you get the collection calls.
* Checks – A check in the outgoing mail can be as good as gold to them. Even if you used a gel pen to prevent alteration of that check, the data on your check can be used to produce (or even order) perfectly valid looking checks that can be written by the thief that will clear and post against your checking account.
* Deposits – An outgoing deposit-by-mail is a double gift to the thief. Not only can they “edit” the checks to their specifications but they can use the deposit slip too. That scam goes like this: They go into your bank (probably a remotely located branch so they aren’t recognized) and hand the teller the deposit slip along with some bogus checks they printed up on their PC or have from a nearly zero balance account out of state. Then they ask for some cash back from the deposited funds. They are usually handed the cash, since it is less that the funds already available on your account. When the deposited checks bounce back against your account, the thief has been gone for two or three days.
* Data sources – Various other sorts of mail (like car registrations, tax forms) can help the thief build a file on you which will later be used to open accounts in your name. You can count on him running up overdrafts and bad debts in your good name.
For all of these reasons, place outgoing mail only in secure mail boxes, not the office OUT box and not your personal mailbox. The big blue USPS boxes are pretty well bear-proof.
Be wary at ATMs and points of purchase
The ideal situation for a thief is to have both your card and your PIN. They will go to quite a bit of trouble to get them. If they can copy the data from the magnetic stripe on the back of the card they can create an exact copy of your card. Even with only plain white card stock they can use the magnetic stripe data to create a “white card” that will work perfectly well on an ATM, gas pump or other unmanned locations.
* Getting your PIN – Watch out for “shoulder surfing”. Be aware of anyone watching you enter your PIN at an ATM or point of purchase terminal. Some thieves even use a video camera to record your entry from a short distance or hide a camera to record and transmit your finger movements on the keypad.
* Getting your data – Your card’s magnetic stripe data can be read by one of three types of small skimmer devices.
* One is a portable device that can be taped to a waiter’s arm. They go to a private space, roll up their sleeve, swipe the card, then go about their normal business.
* Another kind is mounted under the counter. You won’t see the card swiped but it will disappear from view momentarily.
* Some thieves go so far as to install a skimmer on a bank’s ATM. These look like part of the machine but they are unauthorized “add-ons” that read the magnetic stripe on the card before passing it on to the real ATM card reader.
* Getting your card – Some thieves us a device known as a “Lebanese loop” to steal your card at the ATM. The loop is a strip of plastic they stick into the cred reader slot. Your card is caught by it and jams. After you leave in frustration the thief uses a tool to pull out the loop and your card with it.
Use safer ways to make payments.
It is safer to use credit over debit cards, as they provide better protection against fraudulent charges and their spending limit is most likely below the amount than can be taken from your deposit (checking or savings) account. Once money has been taken from your deposit account, it may take some time to resolve the issue with the bank. In the mean time you may not have access to all of your funds. A credit card balance, on the other hand, you can simply not pay if you have lodged a legitimate complaint in the right manner.
Checks are relatively easy to manipulate. Even if gel ink is used the check can be scanned, the image manipulated, then printed (including the signature). It is remarkably easy for people to order checks on your account and have them sent to an address supplied by the thief. They just say they are you and have recently moved. Many check printers do nothing to verify the identity of the person placing the order, On-line bill paying is available from most banks and is far safer. Once you get used to it you will probably find it more convenient as well. Just be careful with your on-line ID and password.
Now obviously there are other kinds of risks in the world that need to be considered. Over use of credit cards, without regular full payments of the balance, can be a problem. To address this, some families use one card for debt and another for routine purchases. They look for a low-interest card for the first purpose and pay off the other each month, without exception.
Close old accounts.
An amazing number of accounts are sitting around the country in an inactive status. These are prime targets for the thief. If they send in or call in a change of address for the account they are set to strike. They can then run up a card balance, get checks printed and overdraft a deposit account, and set up new accounts related to the original.
After you try to close an account, note it on your Account and Card Inventory Form but don’t remove it until you see a credit report listing it as closed. It once took me five trys to get a card issues to actually cancel my card account.
Establish good habits for new accounts.
Ask what the statement date will be. Establish passwords when you set up the account, as described in Chapter 2. Add new accounts to the Account and Card Inventory Form as soon as you get them. Watch for the first statement and review it carefully.
Avoid common mistakes
Doing the things described above is important. But it is equally important that you avoid common mistakes.
* Don’t give out data – Incoming-phone calls or e-mail can be a source of data to the thief. They can later use that data to pretend to be you while on the phone to a bank, check printer, or loan company. Once they are accepted as you, they can run any number of scams:
* Take over your account by changing the address of record. They can then transact without your finding out about the activity.
* Set up a new account, card, or loan and link it to the existing accounts. They then are positioned to make transfers as well as play on your good credit.
Another form of thief’s data request is “phishing” e-mails. These can seem to be from your bank, card company, brokerage, or other trusted financial institution. They send you to an apparently valid web site that asks for your ID and PIN data. They can be very realistic, with your bank’s logo, the look and feel of their web site and even seem to have taken you to the familiar site.
Don’t ever provide ID or PIN’s as a response to e-mails or calls. Call the bank and report the e-mail. Go to your bank’s Web site only in your usual manner, by typing in their URL or clicking from your browser’s Favorites or Bookmarks list.
* Don’t leave data around – Don’t leave the customer copy of a charge slip on the table after paying for a meal or making a store purchase. Although the law now requires that only the last digits of your card number appear on the slip, some older systems are still out there which have the whole card number. This applies also to carbon copies and the carbon sheets themselves.
*Don’t write your PIN or password on anything that isn’t very secure. This includes your house or unsecured PC file.
* Don’t use your SSN unnecessarily – Don’t put your SSN on your checks, driver’s license, resumes or anything else, if you can avoid it. Don’t give it out unless absolutely necessary. It is legally required in relation to any taxable income source. Merchants may not choose to grant you credit if you do not reveal it, it’s your choice (and theirs) in that case. Some people make up a number. This ploy has risks that the number will be found to be invalid or, worse, that the number belongs to someone else. The other person may not have good credit or may even be wanted by law enforcement. You don’t want to appear to be an ID thief yourself.
*Don’t ignore early signs – A common mistake is to take lightly the early signs of identity theft. The quicker it is caught, the sooner it will be resolved and at the least cost in effort and dollars. That is the subject of the next chapter.
This article is from a larger workbook available at www.yourIDsite.com
Copyright Jim G. George
