stolen purse Archives - ID Theft Resolutions

As Tax Season Approaches, IRS ramps up fight against ID theft

Identity theft is one of the fastest growing crimes nationwide, and tax refund fraud caused by identity theft is one of the biggest challenges facing the IRS. This year, the Internal Revenue Service continues to take new steps and strong actions to protect taxpayers and help victims of identity theft and refund fraud.

Stopping refund fraud related to identity theft is a top priority for the tax agency. The IRS is focused on preventing, detecting and resolving identity theft cases as soon as possible.

Taxpayers can encounter identity theft involving their tax returns in several ways. One instance is where identity thieves file fraudulent refund claims using another person’s identifying information, which has been stolen. Innocent taxpayers are victimized because their refunds are delayed.

Here are some tips to protect you from becoming a victim, and steps to take if you think someone may have filed a tax return using your name:

? Don’t carry your Social Security card or any documents that include your Social Security number (SSN) or Individual Taxpayer Identification Number (ITIN).

? Don’t give a business your SSN or ITIN just because they ask. Give it only when required.

? Protect your financial information.

? Check your credit report every 12 months.

? Secure personal information in your home.

? Protect your personal computers by using firewalls and anti-spam/virus software, updating security patches and changing passwords for Internet accounts.internet accounts

? Don’t give personal information over the phone, through the mail or on the Internet unless you have initiated the contact or you are sure you know who you are dealing with.

If your tax records are not currently affected by identity theft, but you believe you may be at risk due to a lost or stolen purse or wallet, questionable credit card activity or credit report, contact the IRS Identity Protection Specialized Unit at 800-908-4490 (7 a.m. to 7 p.m., Mondays through Fridays).

Be alert to possible identity theft if you receive a notice from the IRS or learn from your tax professional that:

? More than one tax return for you was filed.

? You have a balance due, refund offset or have had collection actions taken against you for a year you did not file a tax return.

? IRS records indicate you received more wages than you actually earned.

? Your state or federal benefits were reduced or canceled because the agency received information reporting an income change.

If you receive a notice from the IRS and you suspect your identity has been used fraudulently, respond immediately by calling the number on the notice.

If you did not receive an IRS notice but believe you’ve been the victim of identity theft, contact the firewalls and anti-spam/virus software at 800-908-4490 right away so we can take steps to secure your tax account and match your SSN or ITIN.

Read more here: http://www.miamiherald.com/news/local/community/miami-dade/community-voices/article7889679.html#storylink=cpy

BY CARMEN-GONZALEZ CALDWELL-SPECIAL TO THE MIAMI HEROLD

It can happen to you. And what you can do about it…

March 6, 2014
By: Christopher Budd (Global Threat Communications)

We’ve heard the phrase “it can happen to anyone” many times in life in many different contexts. The point of the saying is to humble us and remind us that no matter how smart and careful we are, bad things can still happen to us. We’re not so smart and careful that we can control everything.
In the realm of security and privacy, it’s very easy for people to start thinking that they can prevent bad things from happening if they’re smart and careful enough. There’s a tendency to think “Oh, people get malware because they’re stupid or go to bad sites like porn” or “people’s credit cards get stolen because they used it on dangerous sites or got malware on their system.”
While I’ve never gone so far as to think these things, I certainly think of myself as a relatively savvy, sophisticated user. I’ve been in the security and privacy business for over fifteen years. I do all the best practices, I’m careful. I’ve never had malware on my system to date (touch wood). I’ve never had my credit card stolen.
That is, until a few weeks ago.
My charmed life came to an end via email from my credit card company one Friday evening. It asked, did I make a charge for $268 with an online vitamin seller in Florida? I knew I hadn’t made that charge. I checked with my wife and she hadn’t either. So that would be no, that’s not my charge.
Fortunately I was home when I got the message and so immediately logged into my online account. I verified online the number for their anti-fraud division and called them while I was reviewing my pending charges. I saw the charge for dinner that I had just made, that was OK. I saw a couple of other charges of mine from the past day or two, those were OK. Then I saw a charge for $4.11 at a hotel in Naples, Florida. I’ve never been to Naples, Florida in my life, so I recognized that as a problem.
After a short wait, I was connected to an anti-fraud agent. I explained that the charge they asked about wasn’t mine. I also alerted them that the $4.11 charge was false (this was most likely a test charge to see if the card was still active). I told her that the other charges were valid. She denied the invalid charges, kept the valid ones and then we went through the process of cancelling that card and reissuing it.
Over the next couple of days I took time to do full security scans on all my systems that I use for online banking (they came up clean). I checked my other credit card statements for any unauthorized activity (no issues there). I’ve mentioned before that I have a real-time identity-theft and credit monitoring service: I was very happy to have that because that gave me confidence that nothing else had happened yet. I contacted my service and put a credit watch in place to thwart any possible future attempts to open unauthorized credit cards. I checked my
credit report to make sure nothing slipped through and was opened without my knowing (nothing was).
Once I was done with all of that I then moved out of alert mode into watch mode and have been watching my statements closely to see if there’s any other unauthorized activity. So far, though, there hasn’t. I’ll keep watching closely like this for a few weeks yet.
So there’s the obvious question: how did this happen? None of the obvious means of loss apply to me here. I’ve never lost possession of my card save for at restaurants when you have to give it for them to run the check. So how this card was stolen is a mystery. Most likely the data was lost or stolen through issues with a back-end processor or a retailer.
And that’s really the point of this article. In this era of Target-type data breaches, the simple fact is that now more than ever these things really can happen to anyone. You can do all the right things and still fall victim because someone else isn’t doing the right thing. And this means you have to be prepared for bad things to happen unexpectedly, despite your best efforts.
To help you in case something like this should happen to you, here are ten tips on what to do to better protect yourself in case something like this happens to you and help you recover as quickly as possible.
TOP 10 TIPS: WHAT TO DO BEFORE OR AFTER CREDIT FRAUD
Before an incident
1.Make sure all of your computers and mobile devices that you use for online banking and finance are fully up to date for security updates and signatures (and don’t use Windows XP after April 2014).
2.Make sure all of your systems that you use for online banking and finance run mature security packages when they can.
3.If your credit card company offers an alerting service for suspicious charges, sign up for it.
4.Consider enrolling in a real-time identity-theft and credit monitoring service.

If an incident occurs

1.If contacted by your credit card company about a suspicious charge, respond to it immediately. Make sure you verify the phone number they are calling from either on your card or on the card issuer’s website.
2.Work with your credit card company to review all charges and cancel and replace the card right away.
3.Do a full security scan of all systems you use for online banking and finance.
4.Consider putting a credit alert in place to help prevent new accounts being opened in your name.
5.Review your credit report.
6.Review all of your credit card statements. Consider doing so on a daily or near daily basis after the event. Also consider verifying by reviewing your paper statements (some malware can alter online statements to hide malicious activity).

Tax Refund, Other Debit Card Data Exposed in Breach

Tax Refund, Other Debit Card Data Exposed in Breach
The computer breach covers multiple states, and 14,335 accounts were exposed in Connecticut.
by News Staff / December 6, 2013 4 1 0 2 Share on email When Connecticut suddenly ended its longstanding practice of sending paper checks for tax refunds nearly two years ago, some taxpayers criticized the decision to provide refunds via debit cards.

Now, the state is scrambling as some data on those tax-refund cards may have been exposed to potential identity theft.

RELATED
‘Sophisticated’ Hacking Takes Down Wichita Procurement Site
Millions of Californians Affected by Breaches

State Treasurer Denise Nappier announced Thursday that the personal information on some prepaid debit cards was exposed during an attack on the computer servers of JP Morgan Chase, the international banking giant that oversees the debit card program for Connecticut.

The computer breach covers multiple states, and 14,335 accounts were exposed in Connecticut, Nappier said. Nearly 7,000 of those accounts involved taxpayers seeking refunds, and the remainder covered items like unemployment benefits and child-support payments that are now issued on debit cards. Those included more than 4,400 accounts at the state Department of Social Services, nearly 3,000 accounts at the Department of Labor, and seven at the Department of Children and Families.

The cardholders have not yet been notified, but the bank has agreed to provide them with two years of free credit monitoring to avoid problems with identity theft, officials said. The information that was exposed, but might not have been seized, includes Social Security numbers, bank account numbers, passwords, home addresses, telephone numbers and email addresses.

Last year Senate Republican leader John McKinney of Fairfield raised concerns when his constituents complained about the switchover on tax refunds, saying the decision had been made unilaterally without notifying the state legislature beforehand.

When told Thursday about the security breach, McKinney said, “You gotta be kidding me!”

McKinney, who is running for the Republican nomination for governor, immediately called for a public hearing to obtain a full explanation of the details of the breach. He had sought a similar hearing nearly two years ago to answer questions about security and why JP Morgan Chase was chosen for the job. The Democratic-controlled legislature, however, rejected the idea of a hearing and said the switch was a decision by Gov. Dannel P. Malloy’s administration.

“We were told this was a perfect solution,” McKinney said in an interview Thursday. “We were told this was foolproof and secure, and obviously the administration was wrong.”

State tax Commissioner Kevin B. Sullivan, a former lawmaker who served in the state Senate with McKinney for nearly six years, started laughing when he heard that McKinney was calling for a new hearing.

“Sen. McKinney wants to have a hearing on everything, and I appreciate that his gubernatorial campaign needs” publicity, Sullivan said. “His response to everything is to have a hearing.”

Sullivan said that no hearing is necessary and that state officials are working with the bank to resolve the issue.

The tax-refund breach covered only about 2 percent of the 360,000 debit cards that have been issued by the tax department, he said. And those whose information was exposed in that breach would be affected only under certain circumstances.

First, the taxpayer must have been using the card during an eight-week period between mid-July and mid-September, which was the time of the cyber breach that hacked into the bank’s computers. No one has been charged in the cyberattack, and the FBI is investigating. Based on the time period of the attack, a taxpayer who received a refund shortly after the April 15 tax deadline and spent the entire amount on the card in April, May or June would not be affected, Sullivan said.

Second, the person must have activated the debit card by using a computer to access a specific JP Morgan Chase bank website, between mid-July and mid-September.

“Not everyone goes on the website,” Sullivan said. “Some people activate by phone, which is how I did mine. … If you took that card immediately last April and deposited it in your bank, this is not about you.”

Both Nappier and Sullivan said they were shocked that the state was not immediately notified of the security breach by Chase, as required under the bank’s contract with the state.

“I am dismayed that JP Morgan Chase delayed informing my office of this security breach for two and a half months — from mid-September, when they first learned of it, until this week,” Nappier said in a statement. “They should have picked up the phone immediately and called us. That the company failed to communicate this security breach in a timely manner raises concerns over its culture of compliance and broader governance issues.”

After learning Tuesday about the hacking, Nappier said, her office immediately told officials in all of the state departments that were involved.

Nappier added: “At the end of the day, JP Morgan Chase has some work to do not only to assure the holders of its debit cards, but also to restore the state’s confidence in the company’s ability to remain worthy of our continued business. I have no tolerance for anything less than quality customer service, and I expect the management of JP Morgan Chase to direct their full attention to remediating this problem.”

Deputy State Treasurer Christine Shaw said the bank initially offered one year of credit monitoring, but the state pushed successfully for two years.

“JP Morgan Chase’s response to the security breach has been disappointing,” Shaw said in an interview, adding that the contract called for swift notification. “The bank has represented to us that there has been no suspicious activity with these 14,000 accounts” during the eight-week period when information could have been viewed.

Bank officials could not be reached for comment Thursday.

Two years ago, Nappier said that nine banks showed interest in operating the debit card program when it was first discussed. Two banks eventually submitted proposals, and JP Morgan was chosen as the winner in a partnership with People’s United Bank of Bridgeport. The contract, at the time, was designed to cost the state $25,000 per year and in turn would generate an estimated $290,000 in annual savings in bank fees and administrative costs, according to Nappier.

The state has multiple contracts with the bank, including one that paid $138,000 in fees during the 2013 fiscal year for direct deposit and debit card services at the state tax and labor departments, according to state records.

Before the switch at the tax department, unemployment checks already had been moved to debit cards and direct deposit, which Nappier said saves the state about $4 million annually.

The state tax department has been involved in security breaches in the past, including the high-profile loss of a department laptop on Long Island in August 2007 that has not been found. The Social Security numbers of more than 106,000 citizens were lost, and the attorney general’s office issued a 37-page report that said that the tax department acted in a “cavalier and careless fashion” in handling confidential information.

The Long Island laptop turned into the million-dollar laptop as the state spent more than that amount in responding with identity-theft protection measures and moves to prevent miscues.

The tax department, Sullivan said, has made many improvements since the days of the Long Island laptop.

“The department was not very proactive at the time,” said Sullivan, who was among the 106,000 taxpayers whose personal information was on the laptop. “That’s not our practice here. … The department did a horrible job. It never gets better when you don’t tell. The department’s attitude in those days was: Maybe it would just go away.”

Sullivan added, “I suspect that laptop has long ago been dumped somewhere. I’m sure it’s in a landfill somewhere.”

Share this:

Share this:

Share this: