Some have the false premonition that celebrities and other “big players” are larger than life, and protected as such. Some would think that hackers and criminals would only prey on the average civilian, but this is not true. Celebrities represent credibility, and wealth. If a hacker were to gain access to a famous person’s credit card, you can be sure they would go to town with it, knowing the celebrity is rich. If a hacker simply wanted to get a message out, posing as a good speaker would be a good idea. These are often obviously fake though, and discredited quickly. If a hacker were to gain access to a celebrities e-mail account however, they would have access to the fan list millions long.

This has just recently happened. A Green Party representative Peter Ellis, recently had his e-mail hacked. The criminal got his password, and went on posing as Peter Ellis himself. He then sent out an e-mail requesting money from any of his supporters, saying that he was on a trip to help out his sick daughter, who needed money for an immediate medical procedure. Anyone who knew Ellis knew his daughter was only eight years old and in perfect health.

The e-mail was sent out to many of the people on Ellis’ contact list. It requested a loan of $1500 dollars be sent to a Belleville address. After Peter figured this out, he quickly called HotMail and had them deactivate his account. One of Peter’s friends tried to catch the crook by feigning interest, but no one knows if it led to an arrest.

Tweet This Post

The average American household has access to at least one Internet-ready computer now. That means that every time your family boots up the computer system, you are potentially exposing your information to the rest of the world. In a matter of seconds, your Internet privacy can be compromised by hackers, identity thieves and other criminals who can use your family’s information for illegal and immoral activities. Protect your family’s personal information by utilizing some of the free and low cost Internet privacy software available today.

Internet Surfing History “Erasers” – Whenever you visit websites, check your email or conduct transactions online, your personal web surfing history is stored in your computer cache. Criminals who can access your hard-drive can get to your sensitive personal information, including the keystrokes you’ve made. Even if you try to delete your web browsing history, clear cookies and temporary files from within your Internet browser, this information is still not fully erased from your computer records. There are several Internet surfing history eraser software applications now available that can clear all remnants of your Internet browsing history.

Tweet This Post

With recent blog posts about the Virginia Watchdog and PulaskiWatch, it was only a matter of time before someone had their identity stolen due to the negligence of county clerks posting sensitive information. Computerworld reported on a Ohio woman suing the county clerk after her identity was stolen. An image of a speeding ticket, containing her personal information, was posted on the county website.

Tweet This Post

Computerworld reported that an upset Arkansas man has posted sensitive information on his website, PulaskiWatch. The information was found via public records and consisted of e-mails between nine government officials, including the county clerk. This privacy issue may seem a little familiar as the Virginia Watchdog (which, coincidentally, does not seem to be working) also posted sensitive information on government officials in Virginia.

Tweet This Post

Betty Ostergren, a privacy advocate that posts Social Security numbers she found on the Internet, has been given the thumbs up by a federal judge in Virginia. Computerworld reports that the state government can not stop her from posting the Social Security numbers on her website. At first glance, this privacy issue should enrage a lot of people. Knowing she has your personal information and is posting it all over the Internet would upset a lot of people; but how did she find this information in the first place? She got the information from the Internet and public records. The privacy advocate did this as a lesson, and to start a campaign to show people just how easy it is to find sensitive information about them.

She won the case and it was ruled that she should not have to remove the Social Security numbers from her site since she legally obtained them from public records. While the memorandum does not set a precedent, it is the first step in truly realizing how much we take our Internet privacy for granted. Ostergren’s website, The Virginia Watchdog, presents privacy issues that arise from the government posting personal information on websites. Over the past few years she has repeatedly shown that Social Security numbers have been posted and little has been done to protect personal information.

I can agree with what she is doing. She did not seek out the information from private sources or use illegal methods, she used the Internet and the public sector. Everything she found was attained from government documents that did not conceal the ultra-sensitive information. With the already astonishing number of identity thefts every year, I don’t see how the government posting such private information can help. How about a permanent marker and two seconds to hide the information? Problem solved… Ms. Ostergren also posts the information of high-profile officials, such as former Gov. Jeb Bush, former U.S. Secretary Colin Powell, and some local Virginia officials. I guess it really strikes a nerve and makes them care when their information is up there, and not just the information of the huddled masses.

Tweet This Post

Recently reported by the New York Times and the Herald Tribune (Sarasota’s local newspaper), a little bit more than 88% of the 38,500 students in the Sarasota school district had personal information posted on the Internet for nearly two months.

The school district has a contract (for now) with Princeton Review to maintain a database of Sarasota County Planning Tools, to help teachers develop tests and keep track of students’ grades. The information, which contained students’ names and school ID numbers (which in some cases were Social Security numbers) from this database was accidentally posted on the Internet for two months before it was finally removed this past Monday. Along with names and ID numbers the information also included students’: birth dates, sex, ethnicity, disabilities, and standardized test scores. The files were able to be found by using a search engine and Princeton Review claims the files were released when the company recently switched ISPs.

Sarasota students were not the only ones affected by this mistake, Fairfax, VA. students (nearly 74,000 of them) had their information posted on the Internet as well. The company was hired to measure student performance and nearly got 74,000 students’ identities stolen. Hackers could have had a field day with this information–but if we recall correctly from a previous Identity Theft post, it usually takes the Identity Theft victim three months to realize something is wrong. In the case of a young student that has no need to check their credit ratings; it could be even longer.

The article hints around as to who is to blame here. Of course Princeton Review is at fault because the security of their system and website has been compromised and over 100,000 students had their personal information sitting on the Internet for two months. Not to mention that with the world wide web, nothing that has been posted can truly be deleted–some cached record may be sitting on a server with the information.

Is the school board to blame as well? Would they need to compile this massive database of personal information if standardized tests weren’t stressed as the focal point of a student’s education? While I am not trying to start a debate as to the validity of standardized tests, it is just an interesting subject to touch on. What happened to the days where teachers logged the information in their grade books? Is it necessary to have a massive database with every bit of information about a student? These are all questions that the school board will be answering when deciding whether or not to keep Princeton Review’s contract.

In this case I would say protecting personal information trumps the ease of sticking everything on some site to analyze the students performance. It is great for parents, students and teachers to have access to this information so they can all keep track of performance and make sure nothing is wrong. Is the risk of having this happen again worth it? Do students even get and interim reports and report cards anymore? I remember that being a pretty good gauge as to what I needed work on.

Tweet This Post

While we write blogs and update our site with useful tools and information to protect your Internet privacy, 84 million people a year fall victim to identity theft. With fraud totals reaching $49.3 billion in 2007, it is very important to take the first step and proactively find ways to keep your information private. We provide blogs, articles, and products that protect you, but the 84 million people a year who have fallen victim to identity theft have little help or support.

Many victims find out within three months of the theft…that means the person who stole the identity has had a three month head start on spending your money and opening up false accounts. This fact, along with the fact that the average identity theft victim can spend 330 hours repairing their credit, shows that ID theft is a dangerous crime. 330 hours = roughly 13 full days. That means a person can spend 13 24-hour days (or 41 8-hour work days) trying to fix the damage from ID theft. The FTC has created a section of their website that contains tools and information for the victims of identity theft so they can begin the rebuilding process as quickly as possible.

If you are the victim of identity theft you should do these four steps immediately:

1. Review your credit reports and place a fraud alert (or extended fraud alert) with the credit bureaus.
2. Close the accounts that have been tampered with or opened fraudulently.
3. File a complaint with the FTC.
4. File a police report.

This is the shortened version of the list, but these are the steps you should follow to ensure the situation is dealt with asap. The following tools for victims of identity theft will be useful in conjunction with the four steps:

• You must always keep a log of your actions and findings when gathering information from an identity theft. The FTC has provided a “course of action chart” to help you keep detailed information for your reference.
• FTC ID Theft Complaint form. This form found on the FTC’s Consumer Protection page can be combined with the police report to create an Identity Theft Report, helping victims get the ball rolling sooner and recover quicker. The report is used to block fraudulent information from appearing on your credit report, and prevent companies from collecting debts due to an identity theft.
• ID Theft Affidavit (pdf). This form is less detailed and does not offer as much protection as the Identity Theft Report, but is still a very useful tool to have. The eight page document must be filled out in order to absolve you of any debt incurred due to identity theft, or to gain access to the information a company has on the identity thief they dealt with.
• Victim’s Statement of Rights. This statement details your rights under federal law (and also has a link to state resources).
• You will have to write many letters to credit card companies, banks, and other companies that have been used during your identity theft. The FTC provides a list of sample letters for various purposes that are useful and time saving tools (note: Word documents):
• Requesting fraudulent transactions or account information
• Requesting credit bureaus to block fraudulent information from appearing on your credit report
• Disputing charges on an existing account that has been tampered with
• Disputing charges on an account opened by the identity thief
• Law Enforcement(pdf) cover letter that should be attached with your FTC Identity Theft Complaint

These tools will help the identity theft victim reduce the number of hours and the amount of effort needed to resolve an identity theft. Of course always remember the best offense against an identity theft is a great defense!

Tweet This Post

We’ve all heard about Phishing; i.e. getting phony e-mails asking you to give up important personal information. We also all know about scams involving telephone solicitation.

Now we have Smishing which is getting personal information by sending bogus text messages to your phone. According to an article in the Kansas City Star, warning consumers about a new, multifaceted identity theft scam where victims are targeted by phone, text messages and e-mails, we now have to worry about fake text messages.

Here’s my question: “How many of us get text messages from their banking or brokerage firms?” My guess is not many at all. Therefore why would anyone believe a text message could be from their financial institution, especially in this age of ever more clever identity theft criminals?

It is sad that people get taken in by these thieves. However we all must continue to be cautious when we get a suspicious communication regardless of the way it was transmitted. The first step in preventing identity theft is to be skeptical of any communication that asks for personal information. Without willing takers, identity thieves would have a harder time collecting this information.

Tweet This Post

The front page of Yahoo! News has quite an interesting story about Identity Theft and Privacy. Everyone may know Todd Davis as the creator of LifeLock who has his real Social Security Number displayed for the world to see and guarantees that it will be safe. Well, interestingly enough, his guarantee didn’t stand.

Customers from three different states are suing him because they claim the product doesn’t work, a claim Mr. Davis unfortunately knows all too well, since he was also hacked and had his identity stolen. At least 20 people tried to obtain a driver’s license in his name, and in 87 different attempts to steal his identity one person managed to succeed and get himself a $500 payday loan in Mr. Davis’ name through an online company.

LifeLock charges a monthly fee to monitor your information and set fraud alerts with the credit bureaus. The lawsuit, which is seeking class-action status, will attempt to shed light on how much protection these companies can actually provide.

It is unfortunate that this happened to Mr. Davis, but he didn’t follow the basic rule that everyone learned when they were 12….DON’T GIVE OUT YOUR SOCIAL SECURITY NUMBER. Nobody can guarantee this type of protection and LifeLock proved it. In Friday’s Internet Privacy post, I mentioned that, “You can safely assume that you have zero privacy while surfing the Internet, and privacy protection goes above and beyond the latest Norton update. Privacy on the Internet is not given to you. As an Internet user, you must proactively search ways to protect your Internet Privacy while online.” Well, this is a perfect example…Customers thought that LifeLock would be secure enough that they didn’t have to worry about anything else. While LifeLock is without a doubt an excellent product, common sense must be used at all times.

Tweet This Post

An article by the Malaysian Star Online recently released an article about protecting yourself while using the internet. The main focus was placed on phishing, trolling, and web bugs. According to the article:

“Phishing refers to Internet scams whereby e-mails are sent purportedly from banks or other companies, asking users for sensitive personal information, which are then used in identity thefts.”

“Trolling is when someone uses specific phrases in a chat group to “bait” and target people who respond in a certain way.”

“Web bugs are tiny image files that contain programmes that install themselves undetected on your computer and transfer information back to the source.”

They also go on to discuss other things such as cyber-stalking. The article discusses how women are at a higher risk for facing these threats, which is discussed in greater detail throughout the rest of the article.

Of course these threats, and many more, affect anyone who uses the internet. Cyber criminals are smarter and more technologically advanced than ever, and are using that to their advantage. About 15 million people are affected by some form of identity theft every year. Those numbers increase every year, most likely because people do not pay attention to the threats facing them while using the internet. Using Norton, or whatever anti-virus program, isn’t enough. Anti-virus programs only protect a fraction of the threats. Proxy servers and other tools are very useful to protect yourself while online.

Some basic tips include:

Protecting your password

Keeping up-to-date records of your accounts/bills

Check your credit report regularly

Do not use debit cards to make online purchases, use credit cards instead.

Do not post or give out prvate information to a website without researching it first (i.e. reading the privacy policy, etc)

Use elaborate, complex passwords.

Come to PrivacyView’s Support/FAQ section for more information on general internet knowledge and ways to protect yourself.

Tweet This Post