Tag Archives: identity theft

Have You Used Your Credit Card at Target or Home Depot?

Another week brought another massive data breach. Three weeks ago, hackers got into Home Depot main computer and managed to steal information on 56 million credit cards. That was just the latest – but also one of the biggest, breaking the Target data breach of 40 million earlier this year. To paraphrase a quote from the FBI: It’s like having 15,000 bank robberies that can be done from someone’s basement. Plus, it’s a lot more lucrative, and the odds of getting caught or prosecuted are minute.

The crooks installed malware into the Home Depot system and were then able to download all the history of credit cards and transactions. Shame on Home Depot, because it was the same way it was done at Target. They didn’t learn the lesson, or didn’t learn it fast enough. I did learn something: I wasn’t sure retailers were really that interested in protecting their information. But it turns out that they are. Target has spent over $110 million since the breach on fixing the leaks and customers don’t trust them anymore as their sales are down five percent since then. That’s a staggering amount.

And a week ago, JPMorgan Chase was hacked over a two week period impacting 83 million of their customers. The PR speak right now is that they are “not aware” of any confidential client information having been hacked….in other words: they don’t really know yet. Gees, you’d think that if I broke into your house you’d notice it in less than two weeks!

Most people tend to be in two camps on these data breaches: They either get really freaked out, or they’re complacent and just don’t seem to care. In Canada, we’re luckier than our friends south of the border. Our credit cards all have the chip technology. Since a couple of years ago, when you use your credit card, you’ll need to enter a PIN in order to get the transaction through. So for us, it’s OK to not worry. What the thieves stole was a one-off transaction for what you bought at Target, Home Depot, or other stores that have been hacked. That transaction went through, so the information is of little interest to the thieves.

You should always look through all of your credit card transactions. That’s just common sense and just a good precaution against any charges that aren’t yours. If you find any, you’re never liable. Just call the 800 number on the back of your card and the charges will be removed and you’ll be issued a new card.

Thieves steal credit card information in order to make a duplicate card that they can then use in stores to mostly buy electronic stuff or gift cards – anything they can readily re-sell or fence and turn into cash. The other way is to sell these card numbers to other crooks. I bet my American Express is for sale on a bunch of the crooks’ chat rooms as I’ve certainly used it at Target, Home Depot, Marshalls, and a number of other store chains that have been hacked.

Stealing credit card numbers in the U.S. is easy and very profitable for the crooks. In the U.S., card holders there should freak. The U.S. still uses credit card technology that was developed in the 1960s. Swipe and sign and that’s it. No PIN means crooks have a credit card they can use over and over, and not just a one-off transaction.

The big advantage U.S. citizens have is that they can freeze their credit reports. If crooks can’t access your credit files, they can’t commit identity theft and borrow money as if they were you. That’s something that’s long overdue in Canada and would eliminate close to 99% of identity theft.

An iTunes Scam and Gift Cards Heads Up

Phishing scams are junk e mails that tell you you’ve won something or you need to click on an e mail because your paypal, credit card, or bank account has been frozen. The crooks want you to click through and divulge some personal information and they can then get into your credit card, bank account, or commit identity theft.

A really nasty one started this morning, because I just received it. You need to pass this on: It’s an e mail from the Apple iTunes Store that shows up as a receipt for two purchased movies for $36.98. Just below the receipt it states: If you haven’t authorized this transaction, click below for a full refund. And millions of people will click before thinking.

Stop, count to 10 and look: The e mail comes from store.com and not from Apple. Apple does not send email receipts, and it looks unprofessional, and has spacing errors. That’s four clues right there. All you need to do is go to google and type in the website address it came from. When I typed in “store.com” it forwarded me to mysimon.com – a phony shopping site. Right there you know it’s not from Apple. It’s used by the same scammers to attempt to spoof simons.ca, the Quebec, Canada based department store.

When in doubt – do not click, or you’re in for a world of pain and identity theft if you answer any of the questions in clicking through on it.

Starbucks just released their financial statement, and in 2013 they sold $4 billion in gift cards in North America. I was just stunned when I read that. Want to guess what Starbucks will eventually make on unredeemed cards? The breakage (or non redeemed cards) is around 8% or more. So they’ll end up with around $320 million in profits for NOT selling coffee. If your card is down to a buck or two – just hand it to the person behind you in line – that way you’ll at least make sure they card gets used up.

If you have gift cards you don’t want, there are now a couple of credible sites that buy, sell, or exchange gift cards. One big one is cardpool.com. Large retailers such as Wal Mart or Target will have small discounts to buy and sell – boutique stores with much less volume have a much larger discount. That’s just a supply and demand issue. Right now, a $100 Lowe’s gift cards, as an example, can be bought for $93, or you can sell it to cardpool for $84.

Gift cards lock you into buying at one store – cash is good everywhere. If the chain is big AND financially stable, that’s not a problem. But the smaller the store, the more you’re taking a chance that they’ll still be in business when you or the recipient want to redeem the gift card! Be careful.

For Quick Insights

Identity theft: In the past few months, the federal government has been running a nation-wide ad campaign on identity theft and on-line passwords. You’re way ahead of them in that we talked about it twice over the past year. Protecting yourself on line is huge, but if you missed it, go to yourmoneybook.com and you can search by topic to catch up on how to protect yourself.

Automatic renewals: Everybody from magazine subscriptions cell companies want access to your bank account. They market it as convenient when you can automatically renew or pay. But the downside is that few people remember the renewal and never look at the total charge or the breakdowns. Great for the company – really bad for you.

Tim Horton now has an ad campaign designed to get people to automatically re-load their gift cards through a bank account: ”Could I get one of these and one of those and get my friend here whatever he wants.” A pre-loaded gift card is like a credit card. Tim Horton, and everyone else in the small cash purchase industry, knows that you’re likely to spend way more money with a card, instead of cash!

With a pre-paid card, or credit card, McDonalds average purchase increases 47%, and vending machine purchase per person increases 178%. Small wonder these companies want you to use anything but cash!

Buying on payments alone: The majority of people purchase big ticket items such as vehicles or motorcycles purely on the payments. The is a new car dealer ad on the radio: If I can get you the same or lower payment than you have now, why wouldn’t you trade your vehicle for a new one? It’s very clever and appeals to most people. Sure, same payment but get a new vehicle? But the one you have may be a year from being paid in full, while the new one has you start over for six or seven years. Not a good idea. Never talk about payments alone. You have to start with the price or you can never comparison shop.

Business Finance, Identity Theft and More Sad US Housing Info

How ready is your business for an emergency?

We’ve talked in the past about the fact that almost two-thirds of people couldn’t afford to miss one weeks’ worth of pay. But there are also businesses who rely on customers and cash flow in the same way.

In the event of a disaster, 40% of businesses don’t re-open their doors. That’s a staggering failure rate for a small business. And disasters do happen – and come in very different forms. While you and I have an emergency fund, for a business, it’s called retained earnings. This is the profit of a company which STAY in the business, and lots of companies have very little of that.

Knowing this is a huge problem for small businesses, the Red Cross has teamed up with the U.S. Government and set up a great site. This web site has an easy check list to think through, and enact, some easy steps to prevent your business from being one of the 40% who fail. That check list is a lot more than having money in the bank, or the right type of insurance. It’s at http://www.ready.gov/business/

Going from bad to worse:

If you’re wondering about the US economic situation, houses and their values are one of the major factors, along with their stalled unemployment rate around nine percent.

On one of my flights this week I read a story in the Orlando Sentinel about the Florida housing market. They did a study in their four biggest counties in Orlando that turned out to be pretty depressing.

Right now there are 150,000 vacant homes in those four counties. That’s not including second homes or any vacation homes, those are just normally owner-occupied homes.
That means, with an average of 2.2 people in a family, over 330,000 people would need to move into the area to absorb those homes which are sitting empty right now. And that’s assuming they don’t build a single new residence. THAT is an over-supply. And when there are too many of anything, how do you sell it? Economics 101 says the price will need to drop. Orlando is nice, but they aren’t going to have 330,000 people move there over our lifetime…

Moody’s Analytics estimates that in some areas such as Naples, Florida, home prices won’t fully recover until 2038.

One of the nastiest identity theft problems

I’m not sure to what extent this is a problem in Canada, but you have to know it’s here, or coming: The US tax department, the IRA, has a big identity theft problem. Crooks who have stolen someone’s identity are using it to file fraudulent tax returns on-line. They change the address, put in a bunch of phony deductions, and then claim and get a big tax refund.

When the real person files his or her return, it bounces, of course, because their return is already shown as processed and refunded in the system. To fix that, and to challenge this fraud takes a huge effort, a lot of time, and is really tough to fix. With crooks selling someone’s full identity for less than $20, look for some tougher steps to file your return on-line next year. You have to know the Canada Revenue Agency is aware of it and taking similar steps before it becomes an epidemic.

Three short stories…

Hurray for American Express

I remember last year having to contact their Call Centre. To start, there was a language barrier, to put it mildly, since their Call Centre is in India. And I started getting the rush treatment disputing a charge. You have to know that most of these staff are timed on a per-call basis. So their motivation is to end the call quickly – not necessarily to resolve it. Well, Amex has taken their staff off these timed calls. So far, the results are amazing for Amex. Their customer satisfaction levels are up, as is their charge volume per client.
Why can’t everyone realize that?

Which economic indicator do you trust?

There are two confusing economic stories from this past week:

Cosmetic surgeries were up 9% last year.
On the other hand, 60% of shoppers say they are buying more no-name store brands, instead of national brands.

Sony certainly has a big problem:

Sony Play Station’s main computer was hacked last month and banking and credit card information on 70 million customers was stolen. That’s a lot of people and it’s not an isolated story as more and more of our information is on-line. It’s another reason to be really thorough in looking through the charges on your credit card statement. Plus, you only have 60 days to dispute something. A day after that and you’re fully liable.

Identity Theft: It was almost like being raped!

That was a newspaper headline from the Edmonton Journal. Yes, sensationalism sells, but this time, the quote was accurate and justified.

The story was about a young lady from Edmonton, who had her wallet stolen out of her car, and became a victim of identity theft.

When her wallet was stolen four months earlier she has simply called her credit card company to cancel her card and also had her drivers’ license replaced. But that was just the beginning of her nightmare of identity theft.

Along the way, she was actually investigated for fraud, and went through a virtual hell in having her bank accounts cleaned out. She discovered her identity theft while trying to make a purchase at Walmart. When she used her debit card, the cashier told her no, there wasn’t sufficient money. She tried her credit card next, and it was also declined.

When she called her bank from the parking lot, they asked her if she had just opened a new account at another branch? No, she hadn’t. But someone had, and used her identity. It got worse, since the crook deposited empty envelopes in the ATM machines, and stole another $10,000 out of her accounts from these phony deposits, off this new and fraudulent account.

The credit bureau wouldn’t help her on the phone, and I’m stunned she was even able to reach a human being at Equifax Canada. The only thing they told her was that SHE was now under investigation for fraud.

Then came the calls from the collections departments of Esso and Shell, Home Hardware and Sears, the financed van, and more – none of which were hers. And that was in between the trips to the police station and banks. All in all, the crooks used her identify to run up more than $100,000 in charges. The lenders and banks absorbed the losses, but you have to believe that a break-in at home would be less scary or frightening than identity theft.

As this lady found out, studies have shown that it takes an average of more than 30 to 150 hours of work for someone who has been a victim of identity theft. And that doesn’t include the anger, fear, credit hassles, and psychological trauma.

Oh, and one more thing that you probably don’t want to hear: It didn’t apply to this lady, but the vast majority of identity theft is committed by someone you know. While you can’t entirely prevent identity theft, you can take some easy steps to make your odds pretty tiny:

-Do not give anyone your PIN numbers
-Don’t use the same PIN number everywhere, and do change it every six months or so
-Have as little ID as you need in your wallet. You do NOT need your Social Insurance -Number in your wallet every day, and don’t need all your credit and debit cards with you every hour of every day
-Do not leave any I.D. in your car – ever.
-Empty your mailbox every day. Junk mail or credit card mailers have a lot of information on them
-Get a shredder. Do not put your personal information in your garbage.
-Check your credit report. You are entitled to a free report once a year. Pay for it if you need it more often to see if there is something weird happening
-Know your credit card statement dates. If it doesn’t show up, make the call. It may have been re-directed by the crooks
-Always check the transactions on your credit card and bank statements
-Never give out personal information on the phone or on an e-mail

And if you have been a victim of identity theft, your first visit is to the police station to file a report. No matter who it was, if you know, you will be liable if you do not file the report. Don’t protect a crooked friend or relative, because you will be liable if you haven’t taken the first step of proving these were not your transactions.

Do You WANT Your Identity Stolen?

Identity theft is one of the fastest growing crimes in the country. It is really nasty, very time consuming to deal with, a LOT of hassle, and it is only going to continue to grow for years to come. Almost everything law enforcement can do is after the fact, and that puts the onus on us to protect ourselves.

One of my biggest pet peeves is people on their cell phones in public. More so, when they have a loud voice, and really seem to want the whole world to hear their conversations. I’m sharing that for a reason, because two weeks ago, I was in the business class lounge at the Denver airport, looking for an hour of peace and quiet. Unfortunately, it turned out I was stuck three seats down from a man named Walter, and Walter was on a mission. He was on the worlds’ longest phone call to Wells Fargo attempting to get the interest income on one of his wife’s accounts for his tax return.

It was obvious from the one side of the conversation that Walter was not having much luck. Gee, like he couldn’t have guessed that privacy laws don’t give him access to other people’s financial information.! But, undeterred, Walter barged ahead.

The first thing he shared, in his rather loud voice, was his social security number and date of birth. That was just the beginning with what the customer service rep was obviously asking him, in order to establish his identity. That was followed by his Wells Fargo credit card number and security code. Becoming more frustrated that he wasn’t getting anywhere, the next thing Walter volunteered was his personal account number and transit number where his main investments were held.

By now, anyone who was interested in Walter had more than enough information to steal his identity, and over $50,000 out of his accounts, based on what a frustrated Walter shared during his call. To my way of thinking, it was not only rude, but totally irresponsible! But think about how much of your information is so easily accessible while you’re having a chuckle about Walter’s stupidity. From your Facebook privacy settings, to not having virus software when you do your on-line banking, or simply throwing mail with all kinds of personal information in the garbage, it’s you that has to be pro-active.

You cannot simply pay $10 to $20 a month to someone and hope everything will be OK. Hope is the worst form of identity theft protection. Unfortunately, nine out of every ten companies that promise to protect you do no such thing. Based on our population, around four percent of us will fall victim to identity theft in a year. As a result, these companies who promise to protect you are playing a numbers game. They receive huge amounts of money each month in premiums, and have to pay out only about four percent – if anything at all! In the meantime, millions of people are paying monthly premiums, thinking and hoping that they’re protected.

The basic, simple, easy, and common sense things you have to do:

-Don’t keep your entire life in your wallet or purse. You do not need to have access to 10 credit cards, your social insurance number, and a bunch of other personal stuff that identity thieves would love to have.
-Get a shredder and use it. Do not put personal papers or credit card mailings directly into your recycling or garbage.
-Always, always check your credit card and bank statements for something strange or unauthorized. You only have 60 days to challenge something or you own it, and have to pay it.
-If you have had your identity stolen, your first stop is the police station. I don’t care if it was a relative or stranger. You have to protect yourself and that starts with filing a report or creditors tend not to believe you – and rightly so.

More Heads Up and Updates (Part II)

According to the Washington Post, the on-line cost of hiring a hacker to break into someone’s e mail accounts is now down to $30. And hackers have an almost 100% success rate. But the majority of the buyers from these hackers are actually boyfriends, girlfriends, or spouses. The point is, that for your on-line banking, or anything on-line, you need a better password than most people have! Because the most common password is still 1234 and that’s nuts.

When is a deal actually a deal when we’re financing huge amounts of money? Here, and in the U.S., I keep seeing ads for houses and lots that are supposed to be incredible deals at 50% off. Off what? I’ve seen these ads in Ontario, and for resorts in BC. Lots that were originally listed at $500,000 are now half price. But that’s a phony figure, because the original price of the lots are just made up, and hoping that someone will pay it. What matters is what the house or the lot is appraised at TODAY, not what it’s listed for. Whether you’re selling your home, your car, or anything else, it’s the TODAY value, no what it was somewhere in the past! Careful with that, and don’t get trapped in the hype of an advertisement.

Kelly Blue Book just published their 2010 list of vehicles with their retained value and depreciation: Less than HALF of all new vehicles this year are projected to be worth 20% or more after five years. That is a staggering figure. The brands that will best hold their values:
Number one is Lexus, followed by Toyota (and that’s not accurate anymore with their current problems) and Honda. The only European brand in the top tier of vehicles that hold their resale value is BMW, which is fourth, and Subaru rounds up the top five.

Overall, the average vehicle will be worth 32% of new vehicle price in five years. So remember that the longer you keep the vehicle, the less it matters. But the shorter buying cycle, or anyone fleasing…I mean leasing the vehicle, the more you will feel some real financial pain of paying for the depreciation.

Have you heard of the Visa Black credit card? Well, they just sent me an invite. It’s a great looking, high quality, wedding-type invitation. But inside, it’s just another credit card application with great marketing. You are hereby invited to join an exclusive club limited to only one percent of the population. But at 13.25%, the rate isn’t very exclusive, and the annual fee is $495. But the card is made with actual carbon and guaranteed to get you noticed. Really? Is that why I need a credit card? It also talks about “fantastic rewards,” but doesn’t list any of them at all. I’m afraid I’d be getting a plain burger for the price of a steak.

Good old CBC is now getting into the product placement market. A lot of it will be with TD/Canada Trust. The bank will show up (OK, not show up – pay to be included is more like it) on Being Erica, Little Mosque on the Prairie and Hartland.

High Tech Credit Cards Are On the Way

Finally, credit card issuers are coming out with technology that isn’t from the 1960s and hasn’t changed since the invention of the cards.

They’re changing from the current swipe card with a magnetic stripe to a pin number and chip-type card. For the transition it’ll still have that old magnetic stripe, but also an embedded microchip.

These new cards are already being issued. The Royal is putting them out and remember I told you about a super cool Capital One 6.9 fixed card? I got it with the microchip today. As merchants get new point-of-sale terminals you’ll insert it and use a PIN number just like your debit card. So no more slip to sign because your PIN number is your identification.

What it’ll do is to drastically reduce the $300 million in credit card fraud. Now most of the time when merchants haven’t taken the basic steps, they’re liable for the fraud charges. The rest of the time, the card issuers eat the loss. Until now, that loss hasn’t been as expensive as converting the cards.

No, they’re not doing the conversion because they have much interest in identity theft or helping you. On fraud, you’re also not liable for any of the phony charges. Never have been. They’re doing the conversion because it’s going to be cheaper for them to convert to the new cards instead of seeing the fraud amounts increasing each year.

It’s been in use in Europe for a very long time but the conversion and rollout in Canada will be slow. If you get the new cool card it’ll work exactly like your old one did until all merchants have the new point-of-sale machines where you insert the card, not swipe it. It’s just that this new card has a little chip in it.

This year, about 4.5 million of these will be in your hands. By October 2010 it’ll be fully implemented, because about 90% of all cards will have expired and replaced.

What this’ll also start is a huge wave of contact-less cards that are NFC enabled. For tech people, that’s Near Field Communication. Nokia will have it in their cell phones next year and by next summer, Rodgers will be doing their trial a trial. It’ll let you just wave it past a merchants’ scanner and pay for something. It’ll be exactly like the Esso and Shell payfast keyfobs but it’ll be your Visa or MasterCard.

In all this, you still have to remember why they’re doing it. It’s never to help you but to get you to use your card a whole lot more. And especially in the small-ticket purchases that add up to tens of billions of dollars that card issuers really want a huge piece of!

After all, we spend almost 20% more when we use a credit card instead of cash. Mark my words: Two or three years from now the percentage of small-ticket purchases on credit card will be way up. Card issuers will get richer and you’ll go further in debt so this is not a win-win arrangement, trust me.

Identity Theft: The Fastest Growing Crime in North America

During a typical traffic stop, an Edmonton police officer questioned the legitimacy of a woman’s drivers’ license. It was just a lucky traffic stop that started to really unravel for an alleged identity theft ring.

The police ended up finding computer files with more than 30,000 credit card files, stolen passports, birth certificates and a ton of other stolen identities.

Yes, it was two women who were arrested and according to the police, it’s often women involved in identity thefts. After all, it isn’t violent, it’s working from home and isn’t about a gun – just a computer.

There are actually web sites, just like E-bay where you can bid on stolen personal information and buy stolen credit cards. The crooks will even give you one for a test to prove that they’re legitimate crooks.

In fact, it’s a huge volume game, as well as the fastest growing white-collar crime in North America. You can buy a stolen credit card for under a buck and a full set of identification right down to mothers’ maiden name and debit card PIN number is around $20 bucks. Isn’t that sick?

I can assure you, I could talk about identity theft for an hour or more, but here’s a few things to remember:

The vast majority of identity theft involves someone you know. If you find out, call the police. Do not minimize it, cover it, ignore it or try to explain it away. It’s robbery – pure and simple.

Get a shredder. Never throw out personal information of any kind, especially offers from credit card companies with applications on them, your bank statements, convenience cheques or anything with your name and address on it.

Don’t carry your social insurance card or a bunch of extra credit cards in your wallet. You’re a half hour away from home and don’t need half the stuff you have in your wallet or purse. It’s not worth the risk of theft. Treat that stuff like you would treat your cash.

Don’t give out personal information unless it’s a legitimate application. And 90% of the time, that’s not the case. Ask why they need it and use your head.

And don’t respond to e mails from Paypal, Amazon, brokerage firms or banks asking to update your information. They’re phishing e-mails sent by crooks looking for your personal information. None of those places will ever e mail you with that type of request.

Repeat after me: Don’t press reply!