In today’s post, Intersections’ Consumer Security Adviser, Neal O’Farrell shares some very important advice on how to help the elderly, the baby boomer population, protect themselves from consumer fraud and identity theft. This is a very helpful article if you have aging parents, or if you yourself of of that AARP age! Read on!

Just last week I spoke at an identity theft seminar in the affluent Silicon Valley town of Palo Alto, CA. The event was organized by local County Supervisor Liz Kniss and the District Attorney’s office.

While anyone was welcome to join the free two-hour event, most of those who attended were seniors. And a couple of things jumped out at me that reminded me why we need to keep addressing the issue of identity theft among seniors.

The first thing I noticed was the size of the audience. The crowd looked like it topped 100, and there wasn’t an empty seat in the house. That at least suggested that there is still great concern over identity theft and a need for answers.

The second thing that jumped out at me was the very visual answer to a very simple question. When asked how many in the audience had fallen victim to identity theft or fraud, more than half of the audience raised their hands.

While there are lots of statistics about the number of victims of identity theft every year, I was still surprised to find that about one-half of the people in that audience believed they had been victimized by this crime.

This got me thinking. Were they victimized because they live in a very affluent community, surrounded by other affluent communities? After all, we know that identity thieves are increasingly targeting what they refer to as “whales” – higher net worth individuals who have more access to wealth, better credit, and less time to think about protecting themselves.

Or could the answer be even simpler, that these individuals experienced a higher rate of identity theft simply because they are older. I have a feeling I may be on to something there. Financial abuse and identity theft among the elderly are on the rise, and in many cases the thieves are those the victims trust most – caregivers, relatives, and even their own children or family members.

As a result of my presentation, I thought this might be a good time to revisit some sound advice we’ve given in the past, advice you should take to heart if you have elderly relatives, friends, or neighbors:

• The best thing you can do is to be around and in touch. Scammers are less likely to focus on an elderly victim if they know a family member is close by and vigilant.

• If you know and trust their neighbors, ask them to get more involved and keep an eye open.

• If the individual is in a nursing home or retirement community, do your homework on the community, talk to the operators or managers about security, and encourage the individual to keep as little personal or financial information with them as possible.

• If the individual is in a nursing home, suggest that all mail be forwarded to you.

• Talk to them about the risks, give them a simple checklist of warning signs to watch out for, and encourage them to always call you before they buy something new, sign any legal or loan documents, or are pressured or harassed by any stranger. They should be especially careful about telephone solicitations, which often target the elderly.

• Conduct a regular home audit, making sure that all financial documentation is safely locked away, and that any computers have adequate security in place and working.

• If home help or caregivers are involved, let them know that you’re watching out for that individual and will encourage the prosecution of any crime. If you can, do a criminal background check on any caregivers, home help, or anyone else that might have regular access to the home. If you hire a home-care professional, seek out licensed employmen agencies who will perform such background checks.

• If appropriate, offer to handle all financial transactions and account management for the individual, and have them refer any financial enquiries, proposals, or problems directly to you.

• Work with their bank and credit card providers so that they are also alert to any unusual activities or transactions on their accounts.

• Offer to check their incoming mail for suspicious offers, and to check their monthly bank and credit card statements to ensure there are no fraudulent charges or suspicious payments.

• Regularly check that the individual is receiving any Social Security benefits, pension payments, and health care they’re entitled to, and that these entitlements or payments are not being diverted or misused.

• Offer to remove them from direct mailing lists to reduce the amount of junk mail they receive. Also offer to place them on national “do not call lists” to reduce the risk of unwanted telephone solicitations

• Help them make regular payments for things like utility bills so that checks are not stolen in the mail.

• Consider placing a credit freeze on their credit reports to prevent any unauthorized credit. This freeze can easily be lifted if the individual wants to take out new credit.

• Check for any financial or utility accounts that are no longer used or needed and close them if possible.

• Help them to regularly check their credit reports and if possible set them up with a credit monitoring service with alerts sent directly to you

Learn more about identity theft protection.

Keep informed about the latest threats to your safety. Join our Facebook group.

In today’ post, Intersections’ Consumer Security Adviser Neal O’Farrell reminds us that “low-tech” methods used by identity thieves and criminals are sometimes the most effective.

As the busiest season for identity thieves approaches, one of the greatest vulnerabilities for all consumers will be their incoming mail. Mail is a magnet for identity thieves because it usually contains all the ingredients to commit anything from simple fraud to full-out identity theft. And all that priceless information is usually left right at the side of the road for any thief to simply pluck from your mail box.

When an identity thief looks down a street, he or she sees no one watching or protecting the stacks of personal information lining both sides of the streets. Hardly surprising that mail theft is one of the most lucrative forms of identity theft and the most popular for low level or novice identity thieves.

And these thieves know that the Holidays always bring with them a treasure-trove of personal information, and especially financial statements. Mail theft has become so lucrative it’s almost an organized crime with professional mail gangs actively roaming neighborhoods looking for unattended mail that they can grab, run, and sell to other thieves. And we’re already beginning to see a seasonal spike in this kind of crime. Just recently, police in the Northern California city of Chico discovered that mail thieves had ransacked more than twenty seven mail boxes in one spree. And stories like that are now cropping up all around the country.

But it wasn’t on some dark street in an isolated neighborhood under the cover of night. The brazen attack was actually at a Post Office, in plain sight where thieves crashed through a plate glass window, emptied all the mail boxes and sorted out the valuable from the valueless right there on the post office floor.

And some thieves will stop at nothing to get their hands on your mail. One thief was recently charged with hiring two women to attack a postal employee so they could steal the master key he used to open mail boxes. In a vicious assault the thieves actually tazed the postal worker.

So what can you do to protect yourself?

• Collect your mail every day as soon as it arrives.

• Never leave mail out in your mail box to be collected. That’s quite literally a red flag for thieves.

• Consider switching to online banking and bill paying. Most experts believes that online banking is much safer than traditional banking, and by going paperless with your bills and statements you can dramatically reduce the amount of information thieves can steal from you.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

In today’s post, Intersections’ Consumer Security Adviser Neal O’Farrell examines the issue of bank security. Are you safer with a small credit union or community bank? That’s a question that’s increasingly being asked by consumers around the country who are considering moving their bank accounts from a large bank to a smaller credit union or community bank.

According to a recent article in CUInfosecurity.com, risk is the top concern as consumers consider moving their accounts from larger banks to credit unions or community banks. The article points out that at least 650,000 Americans have switched to credit unions since Sept. 29, 54 percent of credit unions have reported increases in share growth, and one of the largest credit unions said its new members and checking-account openings are up 70 percent for the months of September and October.

And credit unions aren’t alone. The same article pointed to a recent poll by the Independent Community Bankers of America which found that 60 percent of community banks had picked up new customers as a result of frustrations associated with larger banks.

If you are thinking of switching from a larger financial institution, or from a bank to a credit union, security should always be a concern. Once you’ve done a side-by-side comparison on key features like account fees and features, loan and credit card interest rates, ATMs locations and fees, and customer service, it’s time to think about security.

There is a concern that many smaller financial institutions are still struggling financially, and may not have enough of a security budget to match that of a larger institution. And if they’re lucky enough to be swamped by new customers, will their security budget and preparedness be able to keep pace?

Those are the most common security questions. Can a credit union really protect me – not just my money but all my personal information too? How good and quick are they at detecting a security breach and notifying me? How quickly can they resolve a security issue or fraud? And will my money be any safer there than at a large bank?

Credit unions have long argued that history shows they suffer from fewer attacks than larger banks. Experts on the other hand have argued that’s only because of their small size. It’s like the Windows vs. Apple argument – Apple users claim Apple products have suffered from fewer attacks because they have better security built in, whereas experts argue it’s just about economics. Hackers and malware writers simply ignored Apple for years because it had so few users compared to Microsoft. Writing code to target Apple products just wasn’t economically viable – just not worth the time.

But as the popularity of Apple products has surged, thanks to iPhone and iPad, we suddenly started to see “Mac Malware” emerge and the malware authors just followed the crowds.

That’s what I expect if there’s a major shift from larger banks to smaller and more local banks and credit unions. The hackers will follow the crowds and I’m just not sure that smaller financial institutions are prepared for the risk exposure. Many are still struggling financially and have not been able to make the enormous and endless security investments the bigger banks have been making.

My recommendation? Before you make the big jump, talk to the financial institution you’re thinking about jumping to. Create a list of the security features you may already enjoy, like two (or more) factor authentication, phishing and keylogging protection, account alerts etc. Then compare that to the security features being offered by your new home. At least with a smaller financial institution you’re more likely to be able to meet a real person and get some real answers.

And make the move slowly, by opening up an account with credit union or bank but keeping your original bank account open for a while. At least until you’ve had time to test your new surroundings.

I think credit unions and community banks should also raise the security discussion themselves. Larger banks are notorious about staying tight lipped when it comes to security, worried that the more they talk about things like identity theft, the more their customers will worry. Whereas the opposite is probably true – talk more and customers worry less, because they know the bank is taking it seriously. Talk less and customers have a right to worry more, if the only people who don’t seem to be worried about security are the ones who should be worried most.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

In today’s article, Intersections’ Consumer Security Adviser Neal O’Farrell asks the question “is the economy helping cybercriminals?” Read on to find the answer!

A recent report from security firm Panda Labs found that in the last three months alone it has detected more than five million new types of malware. That works out to an average of one new type of Trojan, virus, and other malicious program discovered every 1.5 seconds.

Because of the way most anti-virus programs work, once a virus is discovered the anti-virus companies have to rush to write a piece of code or signature that must then be downloaded as quickly as possible by billions of users around the world in order to keep that particular piece of malware out.

That means that many of these viruses can easily make their way on to unprotected computers before the programmers have time to push out the updates. And with many anti-virus companies struggling to grow their profits, it could mean that as malware grows in volume and sophistication, anti-virus companies may have to spend less on updating their software.

And if you don’t believe in such perfect storms, take a close look at the identity theft wars. As identity theft continues to grow, and become more sophisticated, cash strapped police departments no longer have the resources to investigate these crimes. Which only encourages and emboldens more thieves.

The Panda Labs report seems to support this notion. The most powerful and dangerous type of malware, and the type most favored by organized crime for its ability to steal passwords and break into bank accounts, is the Trojan. And according to Panda three out of every 4 new types of malware discovered in the last three months was a Trojan.

Which probably explains why Trojans were responsible for the majority (63%) of infections in the last three months. Trojans are very efficient bank robbers, and the payoff can be enormous. Two cybercrooks from the Ukraine were just sent to prison in the United Kingdom after they were convicted of using exactly this type of malware to steal more than $4 million from bank accounts in just six months.

On a related note, the Panda Labs report also found that the countries with the worst infection rates were China, Taiwan, and Russia. In China, for example, it’s believed that more than half of all PCs are infected by malware.

And traditional attacks like phishing are not going away. Within days of a warning by the American Bankers Association of an unexplained spike in phishing attacks, security researchers had identified a new type of phishing attack that looks like it comes from a well-known bank and offering recipients $35 to complete an online survey.

According to security firm Sophos, the email asked for so much highly confidential information it should be a warning sign. According to Sophos, the email questionnaire asked for:

• Social Security Number
• Card number
• Card expiration
• CVV
• ATM PIN
• First, Middle and Last name
• Email (ironically they mailed you the form)
• Address
• Mother’s maiden name
• Place of birth
• Birthday

And an increasingly common way to spread phishing emails and infect users with this kind of malware is trusty old spam. The irony is that much of the spam in circulation today comes from the computers of innocent users. Spammers use botnets to infect unprotected computers and use them to relay spam to other users. And unfortunately, it appears that the United States still holds the top spot when it comes to relaying spam.

The bottom line? The easiest way to lose a battle is to just walk off the battlefield. As many companies and industries struggle just to survive, they’re cutting back on security. According to this year’s annual Global Information Security Survey, conducted by PricewaterhouseCoopers, nearly 10,000 executives around the world were asked about their plans to make security a priority. Sadly just 11% said that they planned to make data protection a top priority.

Cyber-crooks are taking full advantage. Not only are they developing even more sophisticated malware, they’re deliberately overloading businesses and consumers with so many attacks, something has to give.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

In today’s post, Neal O’Farrell talks about the importance of keeping on top of your own personal security. And there is no better time to do that than in October, which is National Cyber Security Awareness Month.

It’s October again and you know what that means. No, not just Halloween, although some of the stuff out there is beginning to get scary. It’s also National Cyber Security Awareness Month and a great time for you to review your security, take a close look at your personal habits, and make some of those changes you might have been putting off.

October should be “take another look” month because it’s a great reminder for you to take another look at some of the stuff you might be taking for granted.

Take another look at Facebook

• Have you changed your password recently? If not, do it now.

• Have you removed any personal information that might help a thief learn more about your background, like where you grew up, went to school, date of birth etc.?

• Have you hidden your mobile phone number on your Facebook page? Your bank may use that number to send you alerts and you don’t want thieves intercepting those alerts.

• Have you revisited your privacy settings lately? Because Facebook changes so much, you should check your settings regularly to make sure they’re still doing what you expect them to. Network World has a great slideshow entitled “Facebook Privacy: 11 settings to revisit now.”

Take another look at your computer and device security

• When was the last time you updated your anti-virus software, and is it set to automatically update?

• Have you checked that your anti-virus program is actually in place and turned on? Make sure that it wasn’t disabled accidently by another user or family member, or even by malware.

• Are you protecting valuable information on your computer or laptop with encryption? It’s a great defense against theft and hackers.

• Have you removed any apps from your phone and tablet that you don’t really need?

• Have you installed security software in your smartphone or tablet? Don’t forget that these devices can be just as vulnerable as your computers.

Take another look at your credit reports

• When was the last time you checked your credit reports? If it’s been more than three months, it might be time to check them again. Check your reports free at www.annualcreditreport.com.

• Are you using IDENTITY GUARD®? IDENTITY GUARD® provides one of the most comprehensive collections of security tools to protect your identity from all kinds of attacks and it works best if you take advantage of all its great features.

Take another look at your browser

• Have you updated it lately or set it to automatically update?

• Have you looked at the security of add-ons and extensions to your browser, and uninstalled extensions you don’t need?

• Have you thought about switching or upgrading to Internet Explorer 9 or IE 9? It has a host of new security features that can provide almost as much protection as desktop security software.

Take another look at your kids

• Are they on Facebook? If they are, have you talked to them about dangers and precautions?

• Have you created your own Facebook page so you can friend your kids and keep an eye on them?

• Have you set rules for what they can’t say and send on their phones and computers?

• Have you moved family computers to a family area – meaning no computers where you can’t see them?

Take another look at your passwords

• Have you changed the most important ones lately, like bank accounts, email, and Facebook?

• Have you moved from passwords to passphrases, to make it easier to create and remember complex passwords?

• Have you started using a password manager to keep all those passwords in a safe place?

• Have you talked to your kids or employees about changing and protecting their passwords?

Take another look at your bank accounts:

• Do you have a password management system, like ID Vault® or an anti-keylogger such as PRIVACYPROTECT®, on your computer to protect your bank logins and passwords from thieves?

• Have you opted for e-statements instead of paper statements, to protect your statements from being intercepted in the mail?

• Have you set up account alerts so that your bank or credit union can immediately notify you of any payments, transfers, or withdrawals?

• Have you changed your bank account password recently?

• Have you checked your statements for any unusual transactions?

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

There are news reports almost daily about how hackers are able to gain access to the bank accounts of innocent victims and rip off thousands and thousands of dollars. In today’s article, Intersections’ Consumer Security Adviser Neal O’Farrell explains what you need to do to keep your hard-earned money out of the hands of hackers and criminals. A must read!.

The title of this article could just as easily have been “How to make half a million bucks a month from the comfort of your computer.” I was reading recently about how a twenty-something hacker from Russia managed to steal more than $3.2 million in just six months simply by pushing out malware designed to sneak on to unprotected computers, steal banking passwords, and empty bank accounts. His efforts paid off to the tune of around $17,000 a day, give or take.

The hacker goes by the nickname Soldier, and according to research by security firm Trend Micro, he managed to infect more than 25,000 computers in the three months leading up to June of this year using a malware toolkit that is freely available on the internet.

His success, at infecting so many computers and making so much money in such a short timeframe, should be a warning to every consumer to be ever vigilant when it comes to online banking. Soldier is one only of probably thousands of hackers using the same or similar crime kits to plunder online bank accounts.

So if you want to avoid being Soldier’s next victim, here are some simple tips to beef up your defenses.

1. Lock down your computer. Every computer should be protected by multiple layers of security, including anti-virus and other malware protection, encryption to protect your data, browser security to steer you away from malicious web sites etc.

2. Beef up your passwords. Weak passwords are your worst enemy – make them strong, random, and original. No sense in creating one strong password and then using it for every web site you know.

3. Sign up for alerts. Most financial institutions provide email or text alerts when certain things happen with your account – a transfer is attempted, an ATM withdrawal is made, or a check more than a certain amount is presented. Sign up for these alerts because they can be your earliest warning that something’s not right.

4. Be very careful with the apps you use. Apps are great, especially if they’re free. But apps are the wild west of security, with little control over who makes and sells them, and how securely the code is written. So use as few apps as you need and only from trusted sources.

5. Think twice about mobile banking. While banking from your smart phone sounds like a great idea, it’s still in its infancy and new security holes are being discovered daily. If you’re not completely confident about the security of your smartphone, stick to doing your online banking from a computer you do trust. Or at least trust a little more.

6. Don’t access your bank account over a public Wi-Fi network. It’s very easy to snoop on any computers using Wi-Fi networks in places like coffee shops and hotels. So much better to wait until you get home before checking your balances or paying bills.

7. Limit access to your computer. The fewer people who have access to your computer, the less risk you have of compromise. So it might be smart to ban family members from using the computer you use to bank online. That way, you won’t be at risk from their mistakes or bad habits.

8. Consider using a separate computer just for online banking. That’s the advice of the security expert who discovered the first banking Trojan a couple of years ago. If you use a separate computer just for online banking, you reduce the risk of malware sneaking on to your computer through drive-by downloads, infected attachments etc.

9. Use a keylogger prevention system, like PRIVACYPROTECT® which comes free with your IDENTITY GUARD® TOTAL PROTECTION(SM) membership, to protect your passwords from being snooped upon. Keyloggers are able to sniff and steal logins and passwords by monitoring what you type on your keyboard, but products like ID Vault allow you to bypass the keyboard and enter your login credentials using a virtual keyboard instead.

10. Take Facebook security very seriously. It’s not only an easy way for thieves to deliver the kind of malware that can steal your bank account login and password, it’s also a great way for thieves to find the answers to the most common “secret” questions – like the city you were born, your first pet, favorite teacher, and mother’s maiden name.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

In our post today, Intersections’ Consumer Security Adviser Neal O’Farrell shares the 4 top ways in which you can lose your identity.

A couple of weeks ago I was reading a blog in a well-known computer magazine where a retired police officer was discussing what in his experience were the top ways thieves can steal your identity. I was surprised to see at the top of the list things like skimming, dumpster diving, and Nigerian 419 scams.

Those are certainly ways you can lose your identity, but they’re far from the most common. And the Nigerian 419 scam isn’t identity theft at all, but simply a con job that preys on the gullible and the vulnerable.

I personally handle dozens of identity theft cases every month, and study hundreds of others. That experience has allowed me to see certain patterns about the types of identity theft we’re seeing, and those most likely to trap victims.

Stolen documents
Documents are the lifeblood of identity theft, and the more documentation thieves can get on their victims, the easier it is to commit the crime.

If you have any of these documents in your home (never, ever, leave these documents in your car), and hide them well:

• Social Security cards
• Birth certificates
• Bank and credit card statements
• Pay stubs
• Any correspondence with the IRS or Social Security Administration
• Tax returns

I’ve seen a growing trend in the use of mobile id theft labs, where thieves have everything in their cars or homes to immediately turn this type of stolen personal information into forged documents, fake checks, and brand new credit cards. In one recent case, an officer told me that when he arrested a mail thief he found more than 60 blank credit cards just waiting to be turned into brand new cards using the stolen information the thief would collect that day.

Mail theft
This continues to be one of the easiest ways to start the process of identity theft. And it’s fuelled in part by the uniquely American tradition of delivering mail to a publicly accessible curb sided mailbox. That’s putting temptation right under the noses of thieves, and it’s such an easy opportunity few can resist. Mail thieves are looking for anything they can use or sell to other thieves, even just your name or address.

Mail theft has become such a lucrative business, a thief was recently charged with hiring two people to assault a mail carrier with a Taser so that they could steal the master key used to open those common area mail boxes.

Data breaches
While it’s not always easy to trace identity theft to data breaches, as consumers we can assume that many identity thefts are as a result of this growing crime.

The numbers don’t lie. Over the last five years there have been an average of one new data beach every single day and as a result more than 500 million personal records have been exposed.

That has given thieves around the world a gold mine mixture of personal profiles, shopping and buying habits, personal family information, passwords, Social Security numbers, credit card numbers, home addresses, personal communications and email, corporate and employee information, health records and so much more.

It’s probably safe to assume that at least some of your personal information is in there somewhere, and thieves have so much of it in their possession it may take them some time to get around to you and yours. But only a matter of time.

Family, friends, and neighbors
The most tragic and upsetting type of crime is one committed by those you’d like to trust, and especially family, friends, neighbors, and co-workers. But I see a constant uptick in this type of crime and often with devastating consequences.

In one case a victim found that an identity thief had been using her identity for a decade, accumulating a long criminal history, multiple convictions, and endless frauds and unpaid bills. The victim was unable to get a driver’s license because the thief had so many driving convictions, and without a driver’s license the victim could no longer cash checks. Her Social Security payments were being diverted, and her disability payments stopped because the thief had been working using her Social Security number.

Turns out the thief was an old family friend, and as a gesture of kindness the victim’s mother had given the thief her daughter’s Social Security number in a good-faith effort to help the illegal immigrant obtain a job.

There are now so many ways that your identity can be stolen, it may be safe to assume that your information is already in circulation or in the hands of thieves. So your focus should be on monitoring your name and your credit around the clock so that you’ll get early warning when those thieves finally make it to you.

That doesn’t mean that you should stop protecting your information in the first place. Security is about creating multiple layers of protection around you, and those layers include prevention, monitoring and response. The more you know how to do these, the easier they become.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

Intersections’ Consumer Security Adviser, Neal O’Farrell continues his security update series. Today,he writes about a recent string of Twitter attacks. The moral of the story? Beef up your Twitter and Facebook passwords!

Seems like hackers and scammers are not forgetting about Twitter when it comes to spreading malware, junk and scams. For a while there it seemed like Facebook had become the favorite child but a recent uptick in Twitter scams proves that as long as it’s a popular way to share and communicate, Twitter will always be a target.

In the most recent scam, Twitter scammers are circulating spam offering free iTunes gift cards. And they appear to have even gone to the trouble of actually creating accounts for non-existent users so they can make the scam look as real and convincing as possible. Clicking on the link in the message doesn’t get you to your free gift card, but instead of a variety of web sites, some of them dating sites, that request your personal financial information.

That scam came on the heels of another attack where the scammers used compromised Twitter accounts to spam thousands of users with messages about a get rich quick scam. Clicking on the link in that message took users to web sites designed to look like local newspaper, where fake participants gave glowing testimonials about how much money could be made from these work-at-home schemes.

And only a week ago, thousands of Twitter users received tweets from friends promoting the miracle “beach body diet.” Turns out it was just another Acai berry promo but again it appeared as though many Twitter users had their account passwords compromised.

As usual, these attacks have common threads, and one of the most common in a compromised password. These scams work best when the messages appear to come from friends. And that’s usually achieved by hacking the “friend’s” Twitter account by taking advantage of a weak password.

Lessons learned?

• If you haven’t already done so, beef up your Twitter and Facebook passwords. Ideally they should be 8-12 characters, and a random mix of letters, numbers and even symbols.

• Protect your password at all times and don’t share it with others, even for fun.

• Don’t use the same password for multiple web sites. That’s a common practice and makes it much too easy to exploit mistakes.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

Neal O’Farrell, Intersections’ Consumer Security Adviser provides the first in a series of security updates for you. Be careful out there!

SC Magazine recently issued a warning about a new approach to phishing that could result in more people falling for a scam that is now more than a decade old. Instead of trying to lure people into clicking on an infected link by pretending to be a bank looking to verify a password, the email pretends to be from a system administrator or other insider and warns the user that their mailbox is full.

Here’s the text of the message:

“Your Mailbox Has Exceeded It Storage Limit As Set By Your Administrator, And You Will Not Be Able To Receive New Mails Until You Re-Validate It. To Re-Validate – > Click Here: [] Note: Do not send email or Password to any one via email. System Administrator.”

It’s a simple but clever tactic. Clever in that uses a phishing lure that is not often used, so users won’t necessarily have their guard up. And who hasn’t received some kind of email from their IT department warning about an email or other technical issue? The “Click here” part could be anything from the download of some malware, to redirection to a fake page where the thief grabs your email and password.

This is a clear sign that scammers recognize how much better users are at recognizing the traditional, badly-written bank password phishing emails that have now been circulating for years. Time may not be far off when those phishing emails are a rarity, and instead we all have to be much more vigilant for phishing emails that are much harder to spot.

And people are still falling for these scams. A very active phisher who was caught last year just received a 12-year sentence. The resident of Long Beach in California had created a network of fake financial web sites that he lured users to using phishing emails.

He then sold the stolen information, including logins and passwords, to criminals in Romania. These individuals used the stolen identities to set up instant lines of credit, and in less than eight weeks stole an estimated $193,000. More troubling was the fact that nearly 38,000 victims fell for the scam.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

Whether you’ve been ordering credit reports for years, or this is your first time, many people wonder “why should I order all three credit reports.” Each credit bureau operates a little differently, which means the information on the reports will vary. Here are a few benefits of ordering all three reports:

1. More accurate understanding of your credit history. Credit bureaus don’t always report the same information. Having all three credit reports will allow you to compare information more accurately.

2. Ability to catch errors. Without ordering all three credit reports, it’s impossible to catch all reporting errors. If you find inaccuracies, make sure to contact the reporting agency directly and file a dispute form.

3. A larger range of credit scores. Since the credit bureaus don’t calculate your score the same, you’ll want to be aware of how they can vary. Reviewing all three credit scores will allow you to better understand how prospective lenders view your creditworthiness.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.