Rick Norris
JD, CPA
Business Management and Consulting
Identity Theft
Forensic Accounting & Fraud detection
Measuring Your Business' Health
Integrated Scorecard Engineering
Please fill in your email address to receive your free newsletter
Identify Identity-Theft Before It Identifies You
By Rick E. Norris, JD, CPA
In the time it took you to boot up your computer and log into your e-mail, 39 consumers have become victims of identity-theft (maybe you). The amazing thing is that 83% of the culprits are not family or relatives. The Federal Trade Commission reports that consumers lost $5 Billion during 2004 due to identity-theft. In addition, Americans spent almost 300 million hours resolving problems relating to identity-theft.
So, beside having your wallet stolen, or losing your credit card, what kind of things can you do to not lose your credit identity? Below, I have identified some major areas where you can be trapped into losing your credit identity
Internet Thieves
Most people know they should not give anyone a bank account number and other confidential information even if the person declares that he is a Nigerian Prince who is willing to pay you a hefty commission.
Have you seen this one?
From: xxxxxx
Sent: Wednesday, June 01, 2005 5:08 AM
To: rnorris
Compliments,
I am Nguyen Van Hoa, a Vietnamese. I worked closely with Mikhail Khodorkovsky the richest man in Russia and owner of the following companies: Chairman CEO: YUKOS OIL [Russia's Largest Oil Company] Chairman CEO: Menatep SBP Bank [A well reputable financial institution with its branches all over the world].
My Boss got arrested for his involvement in politics in financing the leading opposition political parties [the Union of Right Forces, led by Boris Nemtsov, and Yabloko, a liberal/social democratic party led by Gregor Yavlinsky] that posed a treat to President Vladimir Putin?s second tenure as Russian President. You can read more of the story in this site; http://newsfromrussia.com/main/2003/11/13/51215.html.
Due to my privileged role as personal financial adviser to Mr.Khodorkovsky, am in possession of valuable information regarding some coded funds he has with a firm in the UK.I've been in hiding since my boss got arrested and now seek a reliable associate who can assist me in retrieving this coded funds in the UK, so I can come out of hiding and seek political asylum in Canada and start a new life.
I need to relocate to somewhere safe and far away from Mikhail Khodorkovsky or his associates so as not to put the lives of my wife and two kids at risk. Once I receive a positive response and am completely convinced of your intentions, I'll furnish you with concrete details and your specific role, which is risk free. You would receive 10% after we retrieve the coded funds.
I have told you my story straight from my heart and my conscience which they say? is an open wound which only truth can heal?, would be my witness in this transaction.
Thank you and best wishes,
I remain,
Nguyen Van Hoa
I emailed Nguyen and advised that he move to Orange County. A Russian hasn’t been allowed in there since Nikita Khrushchev visited Disneyland in the early 1960s.
Fake sites that you trust
Have you ever gotten an email from PayPal saying you must confirm your User name and Password “for security reasons” or they will have to suspend your account? I know of someone who accidentally did that, and as soon as she typed in her information, it shot off to some unknown database of stolen information.
I was curious when I was emailed, so I looked at the URL link, and it even had “Pay Pal” somewhere in the address. But the giveaway was it stared with an IP address like:
http//www.36.2.25.12-paypal_administration.net
Once I saw the IP address, I knew if I clicked on it, I was not going to Pay Pal. So, to test it, I clicked on it and was sent to a page that was almost an exact Pay Pal copy. All links like special offers, sending money, receiving money were linked to the real Pay Pal account. However, the place where you would enter your personal information was the tricky one. Here is an example of a fake email:
Other tips that Pay Pal warns you about:
10 ways to recognize fake (spoof) emails
1. Generic greetings. Many spoof emails begin with a general greeting, such as: "Dear PayPal member." If you do not see your first and last name, be suspicious and do not click on any links or button.
2. A fake sender's address. A spoof email may include a forged email address in the "From" field. This field is easily altered.
3. A false sense of urgency. Many spoof emails try to deceive you with the threat that your account is in jeopardy if you don't update it ASAP. They may also state that an unauthorized transaction has recently occurred on your account, or claim PayPal is updating its accounts and needs information fast.
4. Fake links. Always check where a link is going before you click. Move your mouse over it and look at the URL in your browser or email status bar. A fraudulent link is dangerous. If you click on one, it could:
o Direct you to a spoof website that tries to collect your personal data.
o Install spyware on your system. Spyware is an application that can enable a hacker to monitor your actions and steal any passwords or credit card numbers you type online.
o Cause you to download a virus that could disable your computer.
5. Emails that appear to be websites. Some emails will look like a website in order to get you to enter personal information. PayPal never asks for personal information in an email.
6. Deceptive URLs. Only enter your PayPal password on PayPal pages. These begin with https://www.paypal.com/
o If you see an @ sign in the middle of a URL, there's a good chance this is a spoof. Legitimate companies use a domain name (e.g. https://www.company.com).
o Even if a URL contains the word "PayPal," it may not be a PayPal site. Examples of deceptive URLs include: www.paypalsecure.com, www.paypa1.com, www.secure-paypal.com, and www.paypalnet.com.
o Always log in to PayPal by opening a new web browser and typing in the following: https://www.paypal.com/
o Never log in to PayPal from a link in an email
7. Misspellings and bad grammar. Spoof emails often contain misspellings, incorrect grammar, missing words, and gaps in logic. Mistakes also help fraudsters avoid spam filters.
8. Unsafe sites. The term "https" should always precede any website address where you enter personal information. The "s" stands for secure. If you don't see "https," you're not in a secure web session, and you should not enter data.
9. Pop-up boxes. PayPal will never use a pop-up box in an email as pop-ups are not secure.
10. Attachments. Like fake links, attachments are frequently used in spoof emails and are dangerous. Never click on an attachment. It could cause you to download spyware or a virus. PayPal will never email you an attachment or a software update to install on your computer.
When discarding a computer
My insurance company is very careful to warn me about my client’s confidential information. One point is that overwriting data on a hard drive, or just deleting files does not necessarily get rid of the data. I was reading an article in an accounting magazine, tonight, about forensic accountants who specialize in recovering deleted data like emails used to expose company fraud.
When you are switching computers, many organizations can destroy them onsite within the guidelines of the EPA. I recommend you use your due diligence and investigate these services. Computers should be recycled, not trashed, after data sanitized.
Protecting your identity
Below, I have expanded on some of Farmers Insurance Company list of ten common-sense ways to keep your identity safe:
- Shred documents you receive that contain personal information including credit receipts and pre-approved credit applications. We seem to get the credit card applications every day. Shred them or at least rip them apart in the area where your name is listed or you may find someone else ordering the card for you.
- Guard your mail from theft by putting outgoing mail in a drop box, and retrieving your mail from your mail box promptly. The Postal Service may not allow you to move your mail drop from the curb to your door, so, if you have a curb-side box, install a locking device. And please do not leave mail out there to be picked up.
- Never give information to people over the phone, Internet or mail unless you know who you are dealing with and the information is secure. When using an unfamiliar web site, look for the certification of their internet privacy. For example:
Sites have security seals that can be clicked to read the security level and whether an independent source has verified it.
4. Review your credit report carefully on an annual basis. Don’t do it too often because every time you run your credit report, you lower your credit rating a couple of points.
5. Note when your bills arrive every month and contact the vendor if they are late, especially bank statements and credit cards.
6. Don’t leave valuables or personal information in your car.
7. Never let your credit or debit cards out of your sight. Keep numbers covered when waiting in line, and don’t leave an open purse over your shoulder.
8. Study your credit card statements, and challenge any unusual charge.
9. Don’t use a common password like your birth date and last four digits of your social security numbers.
10. Reconcile your bank account each month, or at least be aware of your bank balance at all times using internet access to your account. For example, when I noticed my account moving quickly into my overdraft, I knew something was wrong. I quickly acquired a current bank statement to discover someone had created fraudulent checks and were cashing them. I was able to shut the account down in days, and admonished BofA for not calling me every time someone tried to cash a check at my bank. I instructed BofA of that before, but a distant branch did not follow protocol.
I hope some of these suggestions help make you a little securer and confident in protecting your identity.
Let’s talk?
Call me today 310-216-7632 or email Rnorris@ricknorriscpa.com for a free consultation
"Rick Norris has been an outstanding business advisor & tax consultant
for my company. We have, and continue to, rely on him for advice
regarding strategic planning, business issues, as well as tax preparation. Truly an outstanding business executive."
Randy Parker
PARKER MUSIC GROUP
Copyright© 2004, Rick Norris, 5757 W. Century Blvd, 7th Floor, Los Angeles, CA 90045