Search This Blog

Wednesday, March 13, 2013

Fraud at the Cybertrough

From the Computer Vault Dept.: Although this piece dates back thirteen years, most of its advice still holds true (and the credit bureau phone numbers are still good). Having just been the victim of a counterfeited credit card, I know the pain of some of the nastiness described below.

                                                                                                    

THE INTERNET IS a terrific source of information, but some of it may be hitting too close to home. You’ve no doubt seen the e-mails offering tips on how to “find out anything about anyone” – what if that anyone is you? Are your credit card numbers out there, waiting to be swiped? Is somebody out there grabbing hold of your whole financial identity?

Identity theft is one of three particularly nasty scams awaiting the unsuspecting Internet user; we’ll introduce them and offer some tips to avoid becoming a victim. Of the three, theft of identity is the worst, with the potential of damage that can take years to correct.

If you’re looking for bargains on the Internet, beware the proliferation of counterfeit goods. Big-ticket items peddled on the net aren’t always what they’re supposed to be – you’re taking the same chance you take buying that Rolex off a street vendor.

And just as rogue e-mail can cripple your system, clever hackers can worm their way into your computer, steal passwords, and ultimately cripple your machine. Just being online makes you vulnerable, but we’ll show you some software programs that add a firm layer of protection.

Identity Theft

You get a rude call from a collection bureau demanding payment of a debt you don’t recall incurring. They’ve got your name and address correct, but you know nothing of this credit card they’re talking about. As you investigate further, you discover that there are several such accounts in your name, with big unpaid balances. You’ve had your identity swiped.

Using a few key pieces of information about you – your Social Security number is the most important – a thief has established new accounts in your name, based on the good credit record you’ve already established. The thief’s spending spree ends quickly, but for you, the nightmare may go on for years.

It’s an old crime, but the Internet has made it easier than ever to find the necessary information quickly. Software programs like Net Detective make it easy to scour to web for personal info, and once the thief has that, there are several sites that will make fake ID cards virtually indistinguishable from drivers licenses once you peel the sticker that reads “Novelty” from the card.

How to prevent it:

Be stingy with your Social Security number. It’s only required for certain financial documents, and should not be used to identify you. Don’t routinely supply it; ask for another ID number.

Marshal your credit card account numbers. Don’t write it on envelopes or checks, and be aware of what goes into your trash. Dumpster divers find financial gold among the coffee grounds. Even an old wallet can display a credit card number on the plastic sheath in which your card was pressed.

Review your credit report regularly. Be sure to get it from one of the big three companies (noted below), otherwise, you risk giving out more valuable information than you’re taking in. Some states (Colorado, Georgia, Maryland, Massachusetts, New Jersey, and Vermont) mandate that you can get a free report each year; otherwise, it will cost no more than $8.

How to fight it:

Document everything. From the moment you discover the problem, keep a journal. Record all conversations; get names and phone numbers. When you talk to credit bureaus, collection agencies, and police, write down any promises they make.

Report the problem to the fraud units of the three big credit bureaus. Experian, which used to be TRW, is at (888) 397-3742; call Equifax at (800) 525-6285; and alert the Fraud Victim Assistance Department of Trans Union at (800) 680-7289. You also need to get copies of your credit report, which are free to identity-theft victims.

Identify the fraudulent accounts, and close them. Don’t use the “lost or stolen” reason, which suggests culpability – be sure to have it noted that the account was closed at your request. And don’t, under any circumstance, pay even a part of a debt you didn’t incur. You will have to follow up all phone calls with letters, so be sure to get contact names and addresses from the creditors.

Alert your local police, and get a copy of the police report. You may have to be persistent: according to the California Public Interest Research Group (CALPIRG), some police departments don’t consider identity theft a serious enough crime to get involved with.

You’ll probably need to get an attorney. Call your local bar association to find out who specializes in identity theft cases.

For more detailed information, check out CALPIRG’s identity theft website.

Counterfeit Goods

Another one of those too-good-to-be-true eBay auctions: a Rolex watch, authentic, for only a couple of hundred dollars. Why so cheap? It’s either a once-in-a-lifetime bargain or a cheap, overpriced knockoff. Which do you think it is? A recent eBay search on keyword “Rolex” produced a list that ranged from a $22,600 Platinum Rolex President) to an acknowledged knock-off with a starting bid of a nickel (“I hate these damn things,” writes the seller). In between were more than 1500 other items, some of them seeming temptingly real.

Because there’s no direct contact between seller and buyer, the Internet makes it easier than ever to pass off forgeries as the real thing. Collectors are always eager for that amazing bargain, and count on the ignorance of those unfamiliar with a particular product to unwittingly pass it along for next to nothing. But that’s the stuff of garage sales, not online commerce.

Cyveillance, an e-business intelligence provider, studies the problem each holiday season, and in late 1999 determined that four to eight percent of the 7,000 or so Web sites selling Gucci, Rolex and Mont Blanc products were pushing phony goods. As the number of sites selling luxury goods doubled during the preceding year, the number of counterfeit sellers grew accordingly.

Cyveillance CEO Brandy Thomas noted that if online sales “were to represent just five percent of the $150 billion market for luxury goods, losing even two percent of that total means hundreds of millions in lost revenue for these luxury brand companies.”

Unlike cheaply made fashion knockoffs, pirated software is identical to the original. It only lacks support. This has long been the bane of legit manufacturers, and the Internet adds to the mess with websites dedicated to instant dissemination of programs. According to International Data Corp., the 1999 worldwide market for electronic software sales reached $3.5 billion, so there’s a great financial incentive for thieves. Late in 1999, Microsoft filed suit against three companies actively duping customers, and promises to remain vigilant (see www.microsoft.com/piracy).

Vigilance, knowledge, and honesty are the only weapons against counterfeits. Know your seller, and resist those too-good-to-be-true deals.

Intrusion

Coming home to find your house burglarized is one of the most sickening feelings you can encounter. And it’s not just the loss of your stuff: it’s the sense of intrusion that’s so awful.

When some miscreant hacks into your computer, that sense of intrusion is compounded by the sneakiness of it, and awful knowledge that someone with very specialized skills has crept, Lex Luthor-like, into your machine.

Professional configurations include a firewall, which is software designed to repel unwarranted intrusions. But your home machine is a target, too, any time you’re online. If you’ve been compromised by certain Trojan Horse programs, you’re easy pickings for the savvy hacker.

For example, one of the most notorious of such programs is called Back Orifice, which was released in 1998 by the hacker group Cult of the Dead Cow. The premise is simple: you download an infected program from a friend or an Internet site, run it, and unwittingly release the Back Orifice module hidden within. Should a hacker find your compromised machine while you’re online, that person can gain full control of it. Other Trojan Horses work similarly.

It’s appalling to discover just how often intrusions occur. Don’t be surprised to see a warning icon flash every hour or two, but it’s not you alone they’re after. Hackers sweep the Internet with such searches. They indiscriminately go after every detectable online presence. Most of the intrusions are simply investigative, looking for vulnerable spots you already should have covered with an anti-virus program. 

And just as your anti-virus program protects you from those Trojan Horses and other bad bugs, you should shore up that protection with a firewall program. [Microsoft Windows now comes with its own firewall, and more robust ones are easy to find online.]

cnet.com, August 2000

No comments: