Archive for July, 2013

Business and Government Get Hit by Identity Theft, Too

Tuesday, July 16th, 2013

While consumers are fighting their own personal wars with identity theft, companies are also inventing new ways to deal with the increasing threat. Banks lose millions of dollars every year by having to compensate identity theft victims, and so they’re developing new ways for consumers to protect themselves.

Who's you online?

Who’s you online?

Money Matters

Companies that have a single reported security breach may find themselves with billions of dollars in damages, as well as a troubled reputation that will linger for years to come. USA Today reports that businesses lose between $150-$250 for each card number stolen from their files. This amount represents the required legal fees, consultants and administrative costs. This may not seem like a lot, but tens of thousands of credit card numbers can be stolen in a single breach.

Government Dealings

Companies aren’t the only ones dealing with the challenge of identity theft. The government has also been affected. The state of South Carolina had its security system breached in 2012, resulting in 3.6 million Social Security numbers being exposed, thestate.com reports. And in a 2006 security breach at the U.S. Veterans Affairs Department, the personal data of 26.5 million veterans was downloaded to a laptop that was later stolen (and later, recovered).

Once information is accessed by a hacker, it can be uploaded online. At this point, nothing can stop the information from being traded on the Internet, and those who have been affected may have no choice but to petition for a change of their Social Security number. This is not an easy process and can sometimes take months. Government agencies are especially vulnerable to security attack, because so many of them run legacy computer systems.

Retail Threats

Retail establishments are at increased risk for identity theft, because they rely on third-party vendors and merchant payment processes for many of their services. Consumers are more likely to experience identity theft during the holidays, in part due to new and seasonal workers employed at retail locations. This means retail stores need to be cautious about running background checks on their new workers.

Consumer Precautions

While banks, governments and corporations are working hard to lessen the impact of identity theft, the bulk of the responsibility still falls upon the consumer.

  • Avoid using paper statements, and thoroughly review your statements every time you get one
  • Consider signing up with an identity theft protection service such as LifeLock. These companies will monitor your account activity and alert you if they see anything suspicious
  • Never release your credit card information online until you have verified the recipient
  • Teach your children about Internet safety
  • Don’t leave your mail in your mailbox overnight, and always shred documents before discarding them

Have you ever been a victim of identity theft? How did it affect you? Share your thoughts in the comments.

Online Shopping – General Safety

Monday, July 1st, 2013

Online shopping is a boon of the modern world – allowing one to purchase a wide variety of items through the Internet, and have their purchases shipped directly to a PO box or their home or business address. This of course will raise security concerns in a world of technology where anything is possible, such as ‘Is my Credit Card number safe?’ or ‘Is the seller reliable, will I get my items?’ and so on. In the broad spectrum of resources to purchase online, there are a few things you may want to keep your eye on to know you’re safe.

Most of the secure websites prevalent on the internet use a protocol known as “HTTPS” (Hypertext Transfer Protocol Secure) to securely transmit data between yourself and the website you are on. What this does is add an extra layer called “SSL” (Secure Socket Layer) or the more modern “TLS” (Transport Layer Security) which basically encrypts all of your information including things such as your credit card number or your address. These layers also verify that the server receiving the information is the only one as intended, and no other destination will suffice. When you shop online and are ready to check out, look at the website bar (usually at the top of the window). Some browsers will highlight it in a green background, otherwise just personally ensure that whatever it says, it begins with “https://”.

Some websites also have additional ‘third-party’ certifications where another trusted source has given them the right to display that they were tested (these tests are usually quite demanding) and approved as a secure shopping environment. One of these companies is named TRUSTe, and if you see their logo displayed on the website you are purchasing from, click on it and ensure that it leads you to the website “http://truste.com” and no other. This would go for any other of these stringent third-party logos, so if you’re unsure of where you are purchasing from, take the time to do some research and don’t be afraid to do some Google searches.

Depending on your browser (this would be called Internet Explorer, Google Chrome, or Mozilla Firefox to name a few) and what version of the browser you are running, you may also see a padlock in the address bar with a green verification of that particular company. One such company for example would be eBay Inc. When you go to “http://www.ebay.com” and click on the cart icon, or attempt to check out, not only does it transform to the HTTPS protocol, the padlock also shows up in the browser bar (using Google Chrome). When you click on the padlock it explains why it’s secure, and in particular at the time of this article, eBay is secured through a “VeriSign” Certificate. VeriSign is another dependable third-party association responsible for rigorously testing and analyzing the capabilities of an online vendor.

There are other ways of protecting yourself, for example a separate bank account so that if the very unlikely happens and the account is compromised, they only gain access to the account you shop online with, and not your account where the majority of your money may stay. Another way is to use other forms of protection, for example PayPal. Not all vendors, but a decent amount will accept PayPal payments. PayPal stores your information for you on their server and when you make a purchase using PayPal, the person or company you are buying from never receives your financial information and instead gets the money from PayPal themselves.

Ultimately, shopping online as technology expands is a safer and safer alternative to manual shopping. If you live out of town, or in a town without any specialty stores and availability just is not present, try shopping online. Just follow a few security steps and be watchful of where you are shopping – generally if it’s a big retailer (Target or Walmart websites, eBay, Amazon, iTunes, etc.) you will be just fine, and if it’s not, keep your eyes open for anything that just does not seem right.