Welcome!
If you have an account, please:
Log in

Goodbye Identity Theft – Online Course

Goodbye Identity Theft. This course will make you tangibly safer from ID Theft today than you were yesterday.

Identity theft is a huge problem, but a bigger problem is how little responsibility the large data brokers and perpetrators of negligent breaches are doing about it. Though you didn't ask to be put at risk, companies profit from credit and data-sharing practices and aren't motivated to put you first.

For the past 13 years, I've written articles, done podcasts, consulted, spoken at conferences, and tried to raise awareness in any way I can. Now, I've put together an online course containing the experiences of more than a decade of ID Theft education. I've watched the rise of the "monitoring services" and insurance scams and "dark web scanning" nonsense and now, I will show you how to apply valid risk-analysis (in an easy-to-understand way) to determine if you are throwing your money away on "security theater".

.

Most importantly, I will give you solid tips, tricks, and strategies for actually protecting your information based operations risk assessment skills cultivated from more than a decade of working for the Department of Defense. That combined with making you aware of your legal right to force credit reporting companies to stop selling your data to anyone they please (creditors and ID Thieves alike) make this one of the best classes you will ever take.

I will give you information that will make you tangibly safer from ID Theft today than you were yesterday. Click here to see pricing.
Tags: , ,

ID Theft – The Straight Basics

ID Theft is largely divided into two parts: Credit and Non-credit based. Credit is far more common, but also easier to prevent while non-credit attacks are far more damaging, harder to clear, but thankfully more rare. In this brief intro, I will explain how the problem came to be, what is putting you at risk, and why it’s important to act now before it’s too late!

This page is part of my Goodbye Identity Theft course and is restricted to members.
Tags:

Fraud Alerts Don’t Work

One of the first things you’ll be told to do after a data breach or an instance of ID theft is to put a fraud alert on your credit reports. Learn what that actually does and why it’s almost always a waste of your time.

This page is part of my Goodbye Identity Theft course and is restricted to members.
Tags: , , ,

The Identity Theft Victim’s Mini-Guide to Recovery

I'm an ID Theft Victim. Now What?

It's sad for me to hear the actual stories of the victims especially since it could have been so easily prevented in most cases if the lawmakers and the agencies who are supposed to protect you would just get their acts together.

Blame aside, the question is: what do you do? I wish I could help everyone, but every situation is different. What I will post here are the most common, basic steps you will take to handle the current situation and prevent further ones.

Stop the Hemmoraging

Most of ID Theft is a result of someone else gaining access to your credit reports. Things like getting a bank account, getting a job, getting a lease, turning on utilities, and getting a cellphone all require a credit check. The very first thing you need to do is cut off access to your credit files to prevent the problem from getting worse or re-occuring in the future.

  1. File a police report with your local police and/or the Federal Trade Commission. All you need to do is say "I want to file a report of identity theft" and let them lead you through their process. They may or may not actually provide you much help or guidance, but that's ok. All you really need is a case number. You'll need this for several of the later steps.
  2. Most of ID Theft activity is hinged on access to your credit report which is protected only by a combination of your personal information much of which can be accessed freely on the Internet. This needs to stop. Take your police report or case number and contact each of the three Credit Reporting Companies. Tell them you want to put a "Credit Freeze" on your file and make sure they don't try to charge you any fees (credit freezes should be free for ID Theft victims).
  3. While you're on the phone with them, have them send you a copy of your current credit report. If the won't, use your "free coupon" granted by federal law by going to AnnualCreditReport.com (the ONLY legitimate site to get them). You are entitled to one free report per year from each of the three companies. The site will lead you through the process, but some of the companies will try to sell you add-ons like credit monitoring services or similar. Don't do it. Get your free report and nothing else. If you see a spot to enter a credit card, you did it wrong.

Repair the Damage

Now you're going to start fixing the damage they caused.

  1. With your credit report in hand, you should be able to get an idea of what companies the scumbag opened accounts with or dealt with. You might even get some phone numbers and address information that's clearly not yours. Make a list of all of these and provide them to the police referencing your previous case number.
  2. Contact each company and explain the situation. Provide the case number or a copy of the police report if necessary, but make sure that they conduct an investigation or remove your information from the account records. Your goal here is to make sure that they no longer contact you or report you in relation to the debt/account.
  3. For each company you successfully do this with, follow the challenge process with the Credit Reporting Companies whose reports show that debt. They have 30 days to contact the creditor themselves to verify the item. If they can't (which they shouldn't because you just had the creditor remove your name from their records), they must remove that item from your report by law (based on the Fair Credit Reporting Act).

Shut it All Down

Someone is getting some benefit from your identity in the form of goods and/or services. You might have information of what those are and you might now. It may be worth hiring a private investigator to dig up information about yourself so you can figure out what kinds of records are in your name that shouldn't be.

Even if it didn't impact your credit report, take care of them. If you find out that the DMV for a state you've never lived in has records in your name, work to have them expunged. If someone activated a phone service for a house somewhere in your name, have it shut off. Follow every lead you have and stamp it flat. Best case scenario, you get enough information to identify the theif.

What next?

The above links are good resources to learn more about the issue, but if you want the biggest bang for the buck to learn quickly and clearly about the ID Theft problem and concrete steps you can take to prevent it in the future, please check out my Goodbye Identity Theft crash course Tags: ,

WellPoint Data Breach Due to Carelessness

Surprise, surprise. A company has giant data breach due to negligent security, but not to worry! They'll protect you by offering you credit monitoring for one year free!

Credit monitoring is a waste of your time and is likely only offered to make it seem like they're doing something for you when they probably don't. I wouldn't be surprised to find out that the credit monitoring companies have a "data breach plan" where companies can get a bulk discount by offering monitoring to all their victims.

It's a classic win-win-lose. The breach company wins PR points, the monitoring companies continue to make money for not providing any real service, and we all lose.

If you're worried about id theft, just freeze your credit reports!

Tags: , , ,

Despite Promises, Lifelock Knows Public Data is A Risk

Lifelock
(Image used under: Fair Use doctrine)

Todd Davis didn't post his social security number publicly because he thought his company could protect it. He did it as an advertising gimmick that netted him almost 2 million paying customers. At least, I have to assume that's what Todd's motivations were because I'm guessing he's not an idiot and knew his service wouldn't actually prevent ID theft. Even if he were, there have been so particularly telling clues recently such as:

  1. Having his own identity robbed 13 times since the stunt began.
  2. The 12 million dollar settlement with the FTC over false advertising relating to their gross misrepresentation of being able to prevent ID theft.

That's why when an employee's sensitive data showed up online, they worked to have it removed. No one should have their social security number posted publicly because the risk is too great. Unless of course you're the CEO of a company that charges $10/month to almost 2 million people and can afford any amount of ID theft you're hit with.

For those that are bad at math, that's 20 million a month income. Makes that $12 million settlement seem kind of inconsequential doesn't it?

Tags: , , ,

$12 Million Settlement Against Lifelock for Deceptive Advertising

Lifelock
(Image used under: Fair Use doctrine)

I'm not surprised about the fine, just that it took this long. Of course, they'll just shrug it off and any other lawsuit so long as they make more money than they spend.

Sadly, by the time someone actually shuts Lifelock down (if ever), the people responsible for it will be so rich that it won't make any difference. But until then, we can feel a little happier knowing that there are some organizations that are making them pay for their dishonesty; although 12 million dollars is less than one month of Lifelock's income on their almost 2 million reported customers.

Tags: , , ,

FreeCreditReport.com Class Action Suit!

This totally made my day:

A Wisconsin college student filed a class-action complaint against Experian this week, claiming that the company's ubiquitous ads for FreeCreditReport.com led her to believe she could use the site to get a no-cost credit report.

Go figure! Someone believed that FreeCreditReport means you can get a free credit report? What are the odds!?

How this has gone on this long I'll never know. Even after 11,000 Better Business Bureau complaints the most that's been done to date was the very cool FTC spoof videos making fun of FreeCreditReport's TV ads where they did everything short of calling them crooks.

It's such an exquisite pleasure to watch this bogus company go down; let's hope this suit sticks.

Update June 2010:

It's probably been a month or two (or three or four) since this happened, but as a result of the lawsuit, the FTC has required them to put a giant banner on the top of their website saying essentially that they're full of it. Granted, the site should just have been shut down, but it's still nice to see.

Hard to sell your supposedly free reports now isn't it?

Looking back from 2019:

The FTC filed their own lawsuit and won, but the measly ~1 million fine was so much less than the $72 Million they could afford just for theirdeceptive ad campaign, it just goes to show that founding a company in fraud is a solid business strategy. But I suppose it's not all bad… there was brand new legislation passed as a result of their scam:

The advertising practices of FreeCreditReport.com were specifically addressed in the Credit CARD Act of 2009. Now any company who advertises a 'free credit report' on TV or radio must include the statement: "This is not the free credit report provided for by Federal law." The law also calls for the Federal Trade Commission to issue new rules that will force free credit report advertisers to inform consumers that the only place for a free credit report is AnnualCreditReport.com.

On a lighter note, the Federal Trade Commission was so fed up with Freecreditreport.com, they made these awesome spoof videos:

Tags: , , , , , , , , ,

Senator Wants Free Credit Report Companies to Actually OFFER Free Reports

Wait... free is supposed to be FREEE?
(Image used under: Creative Commons 2.0 [SRC])
U.S. Senator Charles E. Schumer is my hero of the day.
"If these companies want to say -- or sing for that matter -- that they are giving people free credit reports, then they can't charge people $15 a month, simple as that," Schumer said. "For years, these companies have said with a smile that they will provide a free credit report -- even though the government already requires a credit report be provided for free every year - and then suddenly, months later consumers get a bill in the mail for their credit monitoring services. My plan would finally bust up this scam and give consumers some honest choices."
Tags: , , , , , ,

Beware of Hijacked Facebook Accounts

Facebook
(Image used under: Creative Commons 2.0 [SRC])

Of course this isn't a problem limited only to Facebook, but the FBI issued a warning about the rise of hijacking scams. This is where a bad guy gets your login information through various means and then poses as you on your account. They'll send an urgent request for help or money to all your friends who may be fooled and comply (as in the case of Bryan Rutberg).

Remember to use good passwords and protect them especially the password for your e-mail account (which can be used to unlock all your other accounts).
Tags: , , , , , , ,

If you want to learn more about my professional background, click here to learn more. Otherwise, let’s get started - how can I help?

Online learning
On-site learning
Read my blog