Friday, June 22, 2012

Ironic Identity Theft.... Is There Such A Thing?



I truly believe karma plays a role in one's life and the universe at large. There is no real doubt in my mind that there is real truth to the "what goes around, comes around" mantra. To the degree that you also subscribe to this notional idea, you may also think there is a special corner of the ever after, a particularly degrading reincarnation, or other heinous penalty for those leaches in the world whose goal in life is to steal your identity (and by extension your hard earned assets).


Identity theft is a multi-billion dollar racket we all pay for every day. Like so many things in life technology has proven an enabler of the "cops," "robbers," and victims.... Your inbox is a potential minefield filled with well designed missives intended to cajole you into willingly supplying the bad buys with personal details you may be loathe to share with all but your immediate family. Sadly, the "success rate" of these contemporary SPAM agents is (more than) high enough to make it a thriving industry across the globe.
Everyone knows that losing control of online financial credentials can be catastrophic. Loss of log ins can, and sadly does, happen with regularity. The loss can be triggered by key loggers or other malware entering your system surreptitiously or by more mundane channels with equally devastating outcomes.

Of course old school identity loss can ensnare you through more traditional illicit activities such as credit card hijacking. I have long argued it is far more dangerous to hand over your credit or debit card to an unknown.clerk or waitress who walks into the back room to complete a transaction than it is to make online purchases from a secure site such as Amazon. I stand behind this claim.

So what has me on this soapbox? A recurring $19.95 debit in my business checking account! I noticed the charge while reconciling last month.  A little digging identified the credit agency Equifax as the company placing the charge to my account. I had no memory of even checking my personal or company credit rating back in April (much less agreeing to pay $20 for the privilege!) A red flag sounded.... (This isn't my first experience with identity theft, thankfully it is by far the least costly, but I am VERY vigilant and you should be too! Perhaps I will share other past encounters in future articles.)

I asked my normally superb bank, Charles Schwab (and yes they are a bank as well as an investment house and I can highly recommend their services in this area) to provide transactional details. The bank promptly reversed the charge and informed me they would make an inquiry. Candidly, I forgot about it until a follow up envelope arrived via snail mail about two weeks later.

The correspondence contained a cover letter stating the charge I question was valid per the attached agreement. What followed was four dense pages of legal jargon from ConsumerInfo.com (aka a front for Experian....). The gist of the message was the declaration that I checked my credit rating and also agreed to a monthly credit a reporting service for $19.95/month which was in force until I cancelled the service..... I still could not recall making the credit check which was concerning on several levels. I was also mad at myself for not reading carefully enough and "agreeing" to a revolving service (which I dislike on principal) and which I don't need..... The entire mess found its way to my desk only to be buried by more pressing matters for several days.

When the paperwork resurfaced, I went to the Experian site and couldn't sign in! (No LastPass log in credentials was a great indicator I don't have an active account!) Immediately, I navigated to ConsumerInfo.Com, the domain prominently featured on the chargeback dispute letter supplied by my bank. Again, I couldn't log in and found no authentication information in my LastPass Vault.....)

Listed on the ConsumerInfo.com home page is a 800 Customer Service Number. I gave them a call and a friendly, helpful, Representative listened to my situation. After carefully verifying my identification information, she too was unable to find an account tied to my name..... I provided  specifics included within the the ConsumerInfo.Com Chargeback Dispute Notice-- Reference Number; Case Number and Credit Card Number. Finally, the Representative was able to cross reference my issue by the Credit Card Number I provided. Then there was a moment of silence.....

"I cannot provide you with all the details, but do you know someone who would be identified as 'Roberto R?'" Without hesitation I said, "No, I do not." As we were chatting I unsuccessfully tried to find a credit card tied to this number in my money clip. Knowing the bank account being charged. I went further and looked at a few odd cards and other information I typically do not carry every day and leave on a shelf in my office. Lo and behold, I found the card as a bank debit card for my business account!

It appears that at some past date, this card was hijacked as I used it to pay for some incidental purchase. (Since I haven't regularly carried this card on a daily basis for at least six months, the theft took place at some now indeterminate time and place.) In a twist of fate and karma, it appears this card was used to check and monitor the credit report of the thief!!! You have to love it! 

ConsumerInfo.Com (aka Experian) has assured me that I will be refunded the $60 or so dollars in recurring fees which has previously been charged to my account. Immediately after having this conversation, I called my bank, explained the recent discoveries and had the debit card cancelled despite having the current card in my possession (which is likely a replacement from an earlier card with a new expiration date). I did express concern that this theft didn't surface in the course of the bank's examination of the contested charge. It appears that the credit reporting agency's providing proof of contract and credit card was sufficient to "verify" the transaction. It apparently never occurred to my bank or the billing party, which in this case was a credit reporting agency!, to verify WHO was using this debit card!

Thankfully, this misfortune had very minor, and reversible, financial consequences. It also serves as an at least slightly humorous learning lesson, but identity theft is far from a trivial issue! How you protect yourself is the subject of many articles and controversy abounds about the best and most effective solutions. I am not going to delve into all of the techniques and tools which can minimize your risk of identity theft and cybercrime in this specific post. However, I will provide you with some takeaways and resources I have recently implemented to further lock down my physical and virtual identities.

For the record, I have not subscribed to any paid service such LifeLock. Many swear by this and other services. One reason I haven't pursued a comprehensive service such as LifeLock is I have been provided similar services as a result of certain companies having been hacked which has forced these entities to provide identity theft protection as part of court settlements. I was victim to the (in)famous Sony Playstation hack(s) of recent years. My own less than beloved local governement Davidson County (Nashville) managed to lose a laptop filled with tens of thousands of individual personal data. This incompetence provided another year of "free" identity theft protection. There have been other issues. However, even if you elect to use one of these paid services,  I do NOT want you to believe this is "one stop shopping" and you no longer have anything to worry about! There is no substitute for taking personal action and active preventative measures with or without the aid of one of these companies.


Here are a few steps you may not have considered which are easy to implement, free, and from trusted sources:



  • Those of you who have read my recent prior review on the battle between the two big names in password management, LastPass and Roboform, know that I am an advocate of these tools. Having truly randomized, long, unique, passwords is one of the best steps you can take in your quest to preserve  your online identity. Unless you have a truly eidetic memory, the only way to implement this step effectively is through a safe and secure software tool such as LastPass or Roboform.

    I believe LastPass is currently the superior "hammer" in this toolbox. Not only is the free version sufficient for many, but the $12/year pro version provides a great cross platform solution across Macs, Windows, Linux and mobile devices. Version 2.00 was released last week  Numerous enhancements were announced and I will provide a comprehensive follow up post on these in the coming week. One notable new feature is FREE Credit Report Monitoring. This is truly a free service which utilizes one of the big three reporting agencies, TransUnion. If you are a LastPass user I recommend turning this feature on immediately.

  • Most of the free credit report web sites you hear and read about are actually thinly disguised come on offerings intended to get you to spend money to get an actually useful report and/or entrap you in an ongoing monthly monitoring service such as the one Roberto R managed to sign up for through ConsumerInfo.com with my debit card.

    There is one service which is both bonafide and truly a free source of credit reporting (on a monthly basis). CreditKarma.com provides an actual TransUnion FICA Score along with supporting documentation at no charge. You also receive FREE credit card monitoring so sign up! The company appears to make its money by offering superior credit card alternatives, and other deals, based on your information. Some of these deals appear very attractive if you carry a balance on one or more accounts. I can recommend creditkarma.com.
  • You need to exercise more awareness than ever in what email you elect to open and respond to! It is all too easy to be maneuvered into unwittingly providing critical personal information or downloading a malicious tool designed to capture your key login details without your knowledge. As a rule, if you receive any unsolicited correspondence from a financial institution, utility or other service (even if you are a current customer). Do NOT open it. Either open a browser window and go directly to the company site and respond in that way or pick up the 'phone and contact a Customer Service Representative.

    Always use a browser which is completely up to date. I recommend Google's Chrome Browser. Chrome keeps itself continually updated, sandboxes individual tabs (which adds security and stability), and can protect you in other ways. Other modern browsers are also perfectly fine but you should not ever ignore updates which you may have to manually install.

  • Also, consider using a browser safety plug in to help ensure you are going to trusted sites. AVG's Linkscanner can help protect you from infected sites.
There are many more steps you should take in the real and virtual world. If there is an interest, I will detail further steps and services you should consider in your quest. If you have a particular hint or tool you have found helpful, please share it using the comments section below. Because you never know, the guy or gal who gets hold of your identity or credit card may not be as nice as Roberto R who left traceable breadcrumbs to the door of a credit reporting bureau!








Enjoy! If you find this post of interest, please share through Google+, Twitter and Facebook! We welcome your comments (which you can provide via the comment form below).




 
I currently participate in Associate Programs and certain item links included within this post may tie to these affiliate programs. By using these links, you help support Music Row Tech, We appreciate your support.




Companies: charles schwab, creditkarma, experian, transunion



This commentary is not meant as an endorsement of any company or to provide financial advice.  If the author has any financial interest in any company mentioned at the time of this article’s posting, it will be explicitly noted. I welcome feedback and comments. 




















1 comment:

  1. So, did the guy who used your card get in trouble? Surely he was easily identifiable if he used your card to monitor his credit - you'd be able to find pretty much everything you could want to know about him, I'd think.

    ReplyDelete

Thank you for sharing your thoughts with other Music Row Tech readers and subscribers.