In today’s article, Intersections’ Consumer Security Adviser, Neal O’Farrell writes about how cyber criminals and identity thieves target small businesses. Why? Because many small businesses do not have substantial security procedures in place, and they make an attractive target for thieves hoping to steal your personal information.

Last night a neighbor of mine called for some advice on identity theft. He’d just received a call from a mortgage broker he hadn’t dealt with in more than two years, who told him that he’d just had a break-in at his office, his computer was stolen, and my neighbor’s personal information was on that computer. Along with the personal information of possibly thousands of other victims who had provided their personal information to that broker over the years.

And because the information was about loan and mortgage applications, it included everything a thief would need to commit devastating identity theft against multiple victims. Information like name and spouse’s name, Social Security number, address and date of birth, earnings and employer, previous addresses and more.

What bothered my neighbor most, apart from the obvious risk to his identity, was why the broker had held on to so much sensitive information for so long. And why it was sitting unprotected on a personal computer for so long.

I had to explain to him that this practice was very common. Small businesses, whatever their nature, tend to be unfamiliar with security procedures and data protection basics. Chances are, this broker has been hanging on to highly sensitive client information for years, maybe even decades, either in the hope that he could do business with those individuals again in the future, or simply because he was too lazy to properly dispose of that information after he no longer needed it.

While something as simple (and often free) as encryption would have made that personal information completely safe from thieves, few small businesses have yet embraced this simple idea.

I’ve been saying for years that one of the biggest identity theft threats for consumers are the small businesses they deal with on a daily basis. I don’t want to be harsh on small business owners – I’ve been one for thirty years – but they’re running out of excuses. There are few small business owners today who have not heard about cybercrime and identity theft and who are not aware that they have a responsibility to protect their customer and employee information from these threats.

Yet there are also very few small business owners, in my experience, who are actually doing anything about it. The most common excuse I hear from small business owners is that they’re just too small for a hacker to bother with. This completely misses the point, because hackers usually work by doing large sweeps or trawls for victims, and are quickly able to identify those businesses that have gaping security holes.

And with identity theft often viewed as the new burglary, small business owners have just as much to fear from local petty criminal as they have from global cyber gangs, because information stolen in burglaries often ends up in the same place.

Which probably explains why the most recent study of data breaches, just published by Verizon’s security division, found that out of the 855 data breaches the company’s security team investigated last year, more than 600 of them were at small businesses. That tally’s with a claim made last year by Visa that approximately 95% of its credit card breaches were at its smallest customers.

If any small business owner is still not convinced that hackers are targeting small businesses, the Verizon report also found that more than 80% of these breaches were as a result of the activity of hackers, and nearly 70% involved the use of malware.

To me there’s little doubt that the small business is squarely in the sights of hackers and cyber criminals around the world, and a single security incident at a small business could be its’ death knell. As public awareness grows about the danger of doing business with small businesses, worried consumers may take their business elsewhere.

And the inevitable result, if small business owners fail to take heed and responsibility, is that some form of legislation will be introduced to force small business owners to do the right thing.

If you are interested in reading the 2012 Verizon Data Breach Investigations Report, you candownload a copy here.

Learn more about identity theft protection.

Keep informed about the latest threats to your safety. Join our Facebook group.

We recently reported on the findings of the 2012 Identity Fraud Report released by Javelin Strategy and Research. The report states that the number of identity fraud incidents increased by 13 percent in 2011, totaling 11.6 million adult victims. The report also found that certain social media behaviors and increasing number of data breach incidents contributed to the overall amount of identity fraud instances in the United States over the past year.

Our infographic highlights some of the things that you can do to protect yourself from identity fraud. Please share it with your friends and colleagues.

Read more about the 2012 Javelin Strategy & Research Identity Fraud Report.

Learn more about identity theft protection.

Keep informed about the latest threats to your safety. Join our Facebook group.

Taxes are inevitable. As the saying goes, taxes are literally one of the two guarantees we can always count on in life. Unfortunately, what we can also count on are ill-willed identity thieves eagerly awaiting the opportunity to take advantage of all the sensitive data passed around during tax season. Identity thieves love tax season for a variety of reasons – here are just a few:

• Sensitive documents will be exchanged, sent, and shared between employers, employees, and tax preparers.
• They know large amounts of money will be moving across accounts, especially online.
• Scams are easy to pull off during this busy time – people are quick to react to mail (or e-mail) from the IRS because they want to get their returns. This gives fraudsters the opportunity to act maliciously.

Tax filing is already a complicated process and security is just another risk filers have to consider, not the least of which is choosing the right tax preparer. The good news is there are several important steps consumers can take to help keep their data safe.

Here are some tips to keep in mind as you safely file your taxes this season:

Top Tips for a Safe & Secure Tax Season:

1. Be suspicious of any calls or emails purporting to be from the IRS, no matter what the issue. For example, some scams claim that someone else has already filed tax returns in your name or with your SSN. The IRS will always write to you first, will rarely call, and will never email you.

2. Never confirm your SSN or bank account details by email or over the phone unless you are the one placing the call.

3. If you plan to use an online tax preparation service, make sure you stick with a reputable one that has adequate security measures in place. And be careful when typing in the URL or web address of an online service in case you misspell the name and end up on a fraudulent site that looks like the real one.

4. If you plan to use online tax preparation software and intend to keep a copy of your return on your computer, you should immediately rename your return with a different file extension. It is also highly recommended you use a USB external drive to save your information instead of storing it directly on your computer.

5. Make sure your computer is free of malware like computer viruses and spyware that can steal a copy of your SSN or bank account password.

6. Choose your tax preparer carefully and don’t be afraid to ask them important security questions, such as how your information is protected at their offices during and after preparation, how long they will keep a copy of your tax return, and whether they conduct background checks on their employees.

7. If you owe money to the IRS, try to pay online through their system. If you have to pay by check, spell out the name “Internal Revenue Service” because it’s harder to forge than the letters IRS.

8. If you make copies of your return on a photocopying machine, be aware that many machines keep a copy of your pages in short term memory! Using photocopiers in public locations is not recommended.

9. Don’t forget to shred any unnecessary documents or copies when tax season is over. Dumpster divers will be on the prowl to get your banking account details and SSNs.

10. Use a credit and public monitoring service. Services like IDENTITY GUARD® TOTAL PROTECTION(SM) provide the most comprehensive identity and credit protection solution; including, three credit scores, credit monitoring, credit report updates, ID monitoring with alerts, SSN and address monitoring, and more.

Join the discussion! Learn about the latest tips to protect your identity during tax season, and join our Twitter Party with Resourceful Mommy on Thursday, March 8th from 8:00 to 9:00 p.m. ET.

The recent Zappos data breach has highlighted the need to protect your computer passwords. We have written about the need to protect your computer passwords, and the importance of having different passwords for every online account. But, how do you keep track of all of those passwords? How many of you are sitting here reading this post, with all of your computer passwords written down on Post-It® notes sticking all over your desk or on your computer monitor? Gotcha!

Today, The Daily Shield welcomes back Identity Guard® product manager Lindsey George and she tells us about a tool called ID Vault®, which is included with IDENTITY GUARD® TOTAL PROTECTIONSM. ID Vault stores all of your computer passwords and will sign you on to all of your online accounts. Watch the video below as Lindsey explains how to use this important tool.

Follow Lindsey on Twitter!

Keep informed about the latest threats to your safety. Join our Facebook group.

It was a story that made the national headlines last year. A former Wells Fargo Bank executive was arrested and charged with stealing her own identity. Now, after nearly two years, charges against her have been completely dropped as the police finally capture the real identity thief. Watch the video and hear her amazing story.

Visit msnbc.com for breaking news, world news, and news about the economy

Learn more about identity theft protection.

Keep informed about the latest threats to your safety. Join our Facebook group.

We are joined once again today by Steve Schwartz, Intersections’ EVP, Consumer Services. In today’s video presentation, Steve shares some very important safety tips to help keep your kids safe online when using social media. We all want to have fun on sites such as Facebook and Twitter. By following a few simple rules, you can make help make the experience both fun and safe for your kids.

Learn more about the growing problem of child identity theft and what you can do about it.

Keep informed about the latest threats to your safety. Join our Facebook group.

Intersections’ Consumer Security Adviser Neal O’Farrell shares some security insights into the popular Internet phone service,Skype. Let the caller beware!

If, like me, you’re one of the millions of people who use Skype to make phone and video calls, you might want to be aware of some serious security issues that are emerging.

Researchers at universities in New York, France, and Germany plan to publish a paper called “I Know Where You Are and What You Are Sharing,” at a major internet conference in Berlin next month. The paper promises to outline what many experts believe are major flaws in Skype that could be downright creepy.

The authors claim that the privacy weaknesses they are found are so easy to exploit, a sophisticated high school-age hacker would likely be capable of executing similar attacks.

Here’s just an example of some of those risks:

• When person A calls person B using VoIP, person A is able to determine person B’s IP address, and perhaps even their location and the name of their ISP.

• Attackers can get this information by calling a person and hanging up quickly so the recipient of the call will never even know – there’s no ringing or pop-up window.

• An attacker can make some of these attacks even when they’re not on the other user’s contact list and even when they’ve been blocked from that user’s list.

• By repeating some of the attacks on an hourly basis, the attacker can track the locations and movements of any Skype user over weeks or even months, without the user having any idea that he or she is being tracked.

• Marketers can easily link to information such as name, age, address, profession and employer from social media sites such as Facebook and LinkedIn in order to inexpensively build profiles on a single tracked target or a database of hundreds of thousands.

In one demonstration, the researchers tracked the Skype accounts of about 20 volunteers as well as 10,000 random users over a two-week period and were able to construct a detailed account of a user’s daily activities even if the user had not turned on Skype for 72 hours.

According to their press release “In one example, they accurately tracked one volunteer researcher from his visit at a New York university to a vacation in Chicago, a return to a New York university, lodging in Brooklyn, then to his home in France. ‘If we had followed the mobility of the Facebook friends of this user as well, we likely would have determined who he was visiting and when.’”

The researchers also calculated that it would cost a marketing company just $500 per week to create a database capable of tracking 10,000 Skype users.

Why target Skype? The very same reason hackers have relentlessly targeted Facebook and other social networking sites – because it’s where the crowds are. Skype has more than 500 million registered users and around 170 million active monthly users who use it to make phone and video calls, send text messages, and even use it for corporate video conferencing.

And apparently it’s not just Skype that’s vulnerable but many other VOIP services. The authors of the report claim that “These findings have real security implications for the hundreds of millions of people around the world who use VoIP or P2P file-sharing services. A hacker anywhere in the world could easily track the whereabouts and file-sharing habits of a Skype user – from private citizens to celebrities and politicians – and use the information for purposes of stalking, blackmail or fraud.”

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

We have written about the growing problem of child identity theft. So today, we have taken an important step in the fight against child identity theft with the launch of our child identity theft protection service kID Sure(sm). In our video today, Intersections’ product manager Lindsey gives us an overview of the kidSure service and how it works.

Learn more about kIDSure.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

In today’s post, Neal O’Farrell talks about the importance of keeping on top of your own personal security. And there is no better time to do that than in October, which is National Cyber Security Awareness Month.

It’s October again and you know what that means. No, not just Halloween, although some of the stuff out there is beginning to get scary. It’s also National Cyber Security Awareness Month and a great time for you to review your security, take a close look at your personal habits, and make some of those changes you might have been putting off.

October should be “take another look” month because it’s a great reminder for you to take another look at some of the stuff you might be taking for granted.

Take another look at Facebook

• Have you changed your password recently? If not, do it now.

• Have you removed any personal information that might help a thief learn more about your background, like where you grew up, went to school, date of birth etc.?

• Have you hidden your mobile phone number on your Facebook page? Your bank may use that number to send you alerts and you don’t want thieves intercepting those alerts.

• Have you revisited your privacy settings lately? Because Facebook changes so much, you should check your settings regularly to make sure they’re still doing what you expect them to. Network World has a great slideshow entitled “Facebook Privacy: 11 settings to revisit now.”

Take another look at your computer and device security

• When was the last time you updated your anti-virus software, and is it set to automatically update?

• Have you checked that your anti-virus program is actually in place and turned on? Make sure that it wasn’t disabled accidently by another user or family member, or even by malware.

• Are you protecting valuable information on your computer or laptop with encryption? It’s a great defense against theft and hackers.

• Have you removed any apps from your phone and tablet that you don’t really need?

• Have you installed security software in your smartphone or tablet? Don’t forget that these devices can be just as vulnerable as your computers.

Take another look at your credit reports

• When was the last time you checked your credit reports? If it’s been more than three months, it might be time to check them again. Check your reports free at www.annualcreditreport.com.

• Are you using IDENTITY GUARD®? IDENTITY GUARD® provides one of the most comprehensive collections of security tools to protect your identity from all kinds of attacks and it works best if you take advantage of all its great features.

Take another look at your browser

• Have you updated it lately or set it to automatically update?

• Have you looked at the security of add-ons and extensions to your browser, and uninstalled extensions you don’t need?

• Have you thought about switching or upgrading to Internet Explorer 9 or IE 9? It has a host of new security features that can provide almost as much protection as desktop security software.

Take another look at your kids

• Are they on Facebook? If they are, have you talked to them about dangers and precautions?

• Have you created your own Facebook page so you can friend your kids and keep an eye on them?

• Have you set rules for what they can’t say and send on their phones and computers?

• Have you moved family computers to a family area – meaning no computers where you can’t see them?

Take another look at your passwords

• Have you changed the most important ones lately, like bank accounts, email, and Facebook?

• Have you moved from passwords to passphrases, to make it easier to create and remember complex passwords?

• Have you started using a password manager to keep all those passwords in a safe place?

• Have you talked to your kids or employees about changing and protecting their passwords?

Take another look at your bank accounts:

• Do you have a password management system, like ID Vault® or an anti-keylogger such as PRIVACYPROTECT®, on your computer to protect your bank logins and passwords from thieves?

• Have you opted for e-statements instead of paper statements, to protect your statements from being intercepted in the mail?

• Have you set up account alerts so that your bank or credit union can immediately notify you of any payments, transfers, or withdrawals?

• Have you changed your bank account password recently?

• Have you checked your statements for any unusual transactions?

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.

In today’s post, Intersections’ Consumer Security Adviser Neal O’Farrell shares 10 very important tips that could help keep your personal and employment information out of the hands of cyber spies. Read on!

Could corporate spies be stalking you?

It’s been more than thirty years ago since I followed a surge in corporate spying in Ireland, where corporate thieves were being paid small fortunes to steal data from businesses, tap telephones, and even break into offices.

Fast forward thirty years and while the game remains the same, the players and tools have changed. And there’s clear evidence over the last few years that criminals, corporations, and governments around the world are targeting employees who may be careless with what they say or how they guard corporate secrets.

In a recent story in the Washington Post, business travelers heading to China were warned not to bring with them anything that might give competitors a competitive advantage. The Post warned that China, Russia, Israel and even France were hotbeds for corporate espionage, in many cases sanctioned by their own governments in an effort to give home-grown companies a competitive or technical advantage.

According to the Post “Travelers there often tote disposable cell phones and loaner laptops stripped of sensitive data. Some U.S. officials take no electronic gear. And a few corporate executives detour to Australia rather than risk talking business in a bugged Chinese hotel room.”

Corporate and personal data are the new world currency and the thieves will stop at nothing to get their hands on whatever data you’re carrying. As far as thieves are concerned, everyone has as story worth telling and data worth stealing. If they can’t use it themselves, they can still make money selling it to someone else.

And there have even been reports of governments placing bounties on the laptops of senior executives of a long list of companies, paying handsomely for any who steals and turns over these laptops.

The risks are two-fold: that in an effort to steal company data from you while you’re travelling, the thieves end up with your personal information and identity; and you become the unwitting backdoor through which corporate spies steal invaluable data that could do serious damage to the company you work for.

American identities are considered especially valuable on the black market because, in spite of the recession and credit crunch, it’s still relatively easy to access credit lines quickly if you have the basic identity information of the victim.

Here are ten ways you can protect your personal and employer information from the sticky fingers of cyber spies.

1. Travel “data light.” Take as little sensitive information with you, both corporate and personal. It means less for you to guard and worry about, and less harm if you fall victim.

2. Encrypt everything. Encryption is the best and easiest way to protect data that has been lost, stolen, or accessed by malware. Without the proper key the data is useless to the thief.

3. Watch your laptop like a hawk and turn your back on it down for a moment.

4. Think twice about using free Wi-Fi networks when travelling, and especially at conference venues and your hotel room.

5. Avoid bringing thumb drives with you or transferring information from your laptop to thumb drive when travelling.

6. Treat your smart phone like it’s a laptop and take as many precautions as possible. Store as little information as possible on it, use the password locking feature, and don’t leave it lying around.

7. Make sure you make regular online backups of everything that’s on your laptop and phone. If they’re lost or stolen, at least you’ll still have an accessible copy.

8. Practice safe computing. A common way to steal data and breach security is to target busy employees with emails, text messages, and Facebook messages that hide dangerous Trojans and other malware. Always be vigilant when clicking on any link or opening any attachment, but give everything double scrutiny and skepticism when you’re travelling.

9. Don’t leave files or data storage devices in your hotel room. Carry everything with you, even if it’s a little inconvenient.

10. Consider using a laptop or smartphone tracking system. It can help locate a lost or stolen device.

Want to learn more about identity theft protection and our credit monitoring services?

Keep informed about the latest threats to your safety. Join our Facebook group.