Credit Card Skimming

Anyone can become a victim of identity theft. This week was my turn – once again. My credit card company called to check on some suspicious purchases where someone used my card number to buy over a $1,000 worth of merchandise on a boot-buying binge as well as hundreds of dollars at a grocery store, all in a town about an hour from where I live.

On this video blog, you can learn a little bit about skimming and how crooks get your card number and what to do to minimize the risks.

 http://youtu.be/p8iWrB5q_K8

 

Get a Business Black Belt for your organization – visit www.businesskarate.com/karate-belts.

Eric Smith, CPP is the leading authority on organizational self-defense. He has extensive experience in law enforcement as well as security management. Eric is available for staff education and security awareness training as well as business coaching to help organizations provide safe workplaces. To learn more email Eric at businesskarate dot com.

 

 

If you would like to reprint this post, please contact Eric at Eric at businesskarate dot com.

The Scoop On Identity Theft

Identity theft is a growing problem. You can hardly turn on the news without hearing another story on identity theft or the importance of protecting personal information. Every day, we are bombarded with ads promising protection from identity theft if the right paper shredder is used or we subscribe to the monthly service that will protect our credit scores.

So, what is the risk from identity theft – is it really so dangerous? Are there steps that can be taken to protect against this type of crime? The answer to both is yes.

Let’s start with a look at the risks. The Federal Trade Commission estimated that total losses to business and financial institutions due to identity theft were $48 billion. The average loss to a business from identity theft was $4,800 per incident. Individuals lost an average of $580 to $800 depending on the type of fraud or identity theft. It may also take 30 to 60 hours to resolve identity theft. In some studies, victims have reported spending 175 hours to clear their names.

Biblical backgrounds

Isaac blessing Jacob in disguise (from WikiCommons)

 

Identity theft is not new. Perhaps the first documented case of identity theft is found in the bible. Jacob was the younger of twin brothers and wanted the blessing that his father was going to give to the older brother, Esau. Jacob knew that his father, Isaac, was nearly blind so Jacob disguised himself to resemble Esau, approached Isaac and tricked him into giving the blessing to him instead of Esau.

Wax seals were a form of protection from identity theft.

Since that time, kings, popes and other dignitaries have gone to great length to authenticate important papers with the use of wax seals. The seals were stamped with the crest or emblem specific to that individual as a mark to guarantee that the information therein was truly from that individual and to protect the privacy of the contents.

ID Theft in the 21^st Century

Modern technology has brought about changes on how identity thieves operate. Contemporary techniques include pharming, phishing and skimming. Pharming involves using the Internet to redirect a victim from a legitimate website to an alternative site that is designed to look like the genuine site, but instead is used to collect personal information. Phishing is more widely known now and involves emails sent from what appears to be a legitimate business, usually citing a problem and asking for personal data to correct the problem. A new twist, called vishing, involves not only emails, but also follow-up phone calls from suspects trying to obtain personal information. Skimming occurs when a person, such as a waiter, takes your credit or debit card for payment. The card is swiped in an electronic reader and the data recorded and later used to create a fake card with the correct account information. This can be the most difficult to trace as consumers hand their debit/credit cards to merchants and their employees routinely.

There are also the cases in which the potential victim has no direct involvement at all. Think of recent news stories where databases have been lost or stolen along with thousands and even millions of individuals’ personal data per incident. More often than not, the data loss was not the real motive and was secondary to any actual crime, such as the theft of a laptop. In those cases, the involved individuals do not become victims of identity theft, but still have to remain vigilant.

People no longer use a personal seal to authenticate documents, but instead use numbers, usually a social security number or even a credit card number. Increasingly, merchants are requesting combinations of personal information in order to complete a transaction. For example, many online merchants request a customer enter a credit card number with the billing address for that card, even if the item is shipped elsewhere in order to verify that the purchase is legitimate. Some gas stations are now requesting the billing address zip code for credit card purchases as well.

The most common form of identity theft in more than ½ of the cases is simply the use of stolen credit cards to go on shopping sprees. This type of fraud is also the easiest to correct. However, about ¼ of the cases involve opening new accounts in the victim’s name and can be much more devastating and the impact can last much longer.

Rights and Responsibilities when Recovering from ID Theft

Everyone should understand their rights and obligations in regards to identity theft before becoming a victim. In general, victims are only liable for $50 for fraudulent debt. However, victims do need to notify their bank or credit card company within 60 days of learning of fraudulent activity. If an ATM or debit card is lost or stolen, victims need to notify the bank or credit union within two business days upon learning of the loss. In the case of fraudulent checks, victims need to notify the bank promptly in order to limit their liability.

Under Federal laws, everyone can obtain a free credit report once a year from each of the following three consumer credit-reporting companies: Equifax, Experian and TransUnion. Check the report for new accounts that you did not open. If you have been a victim of identity theft, you can place a fraud alert, which prevents new accounts from being opened in your name.

Many services offer protection from identity theft for monthly fees. Carefully evaluate the services offered to see if it is truly worthwhile for your situation. As noted, various laws limit the amount that a victim can be held liable for to $50 maximum. Be wary of the sales pitches that provide services already available free.

So what happens if you do become a victim of identity theft? The Federal Trade Commission (FTC) recommends placing a fraud alert with the three consumer credit reporting agencies and closing any accounts that may have been exposed to loss or accounts opened fraudulently. In addition, the victim should file a police report and file a complaint online with the FTC.

Unfortunately, filing a police report could be more difficult than it sounds. Identity theft often crosses numerous jurisdictions or is unclear where it exactly occurred. Police officers may refer victims to other agencies to file their report based on where part of the crime took place. The United States Department of Justice was involved in the development, along with several other organizations, of a national strategy to deal with identity theft. One of the recommendations is that police reports be filed in the jurisdiction where the victim resides. If a police agency is reluctant to take a report let them know about the recommendation. If the officer is still hesitant, ask that an ‘information only’ report be taken. Be sure to get the police report number for your records. Have an outline of the identity theft prepared ahead of time with dates, information on affected accounts, bank addresses and information on any other related police reports that may have been taken, as well as any suspect information, if available. This will make the reporting process easier and will help to make sure that no important information is forgotten or left out of the police report.

Solving ID Theft

Identity theft can be confusing and may happen in many different forms. One thing is clear – identity theft will continue, as the suspects evolve and develop new techniques to counter the steps used to thwart them. The FTC offers a wide-range of information on the Internet about identity theft and what to do if you become a victim. Protect your personal information; monitor your credit reports and review your account statements for any suspicious activity and you will minimize your risks.

 

Eric Smith, CPP is the leading authority on organizational self-defense. He has extensive experience in law enforcement as well as security management. Eric is available for staff education and security awareness training as well as business coaching to help organizations provide safe workplaces. To learn more email eric@businesskarate.com.

 

 

If you would like to reprint this post, please contact Eric at eric@businesskarate.com.

 

The 12 Crimes of Christmas

While most of us are getting ready for Christmas, there are those lacking the holiday spirit. With the added stress of the holidays, the parties, and shopping online or in the mall, there is a lot more opportunity for crooks to ply their trade. During the season, there are several crimes in particular that everyone should be on the alert for and take some extra measures to protect against.

1.     Robbery

With all the activity, shopping malls and parking lots can become a feeding ground for someone looking to steal from others. Shoppers with their arms full of bags and packages can easily become a target for a robbery. Suspects can lurk about undetected in busy crowds or unseen by distracted passers-by. A quick grab of a victim's packages and a run to a waiting car is all that is needed for this kind of strong arm robbery. A suspect using a gun or other weapon makes it more dangerous.

               Tip - Avoid overloading yourself with packages and walking alone through parking lots. Be alert to anyone sitting in cars in the parking lot or loitering about watching shoppers. Don't try to fight an armed suspect for property - only if your life is in danger. Don't forget the risks at ATMs.

2.     Identity theft

Christmas season is a great opportunity for identity thieves. Hiding in the crowds, it becomes easier to get passwords as people shop online at Wi-Fi spots or even use a cellphone to take a photo of a credit card to use the number online.

               Tip - Be wary of people using cellphones around you in lines or at Wi-Fi locations. Instead of texting they could be videotaping your card number, account user name and passwords. Check your credit card accounts for accuracy and report any suspicious activity right away. Same with bank accounts. If suspicious activity is reported right away, your loss is limited, generally to $50. Stay away from debit cards as a suspect can drain your account before you find out and then you have to work with the bank to even get your money back so the potential loss is greater, at least at first.

               Beware – most identity thefts occur by people we know – roommates, friends and relatives. These are the people in our homes who have easy access to credit cards and other ID information.

3.     Theft

Just as with robberies, it is easy to get distracted and leave items unattended or at least not closely watched. Where force or threats are used in robberies, thefts involve stealing something without the confrontation. Leaving a purse or package in a shopping cart and walking a short distance away is another example.

               TIP - Do not leave items unattended - ever!

               Did you know? The most commonly stolen items anymore are smartphones and tablets, such as iPads and iPhones. Keep a close eye on those electronic items.

4.    Phishing

With all the shopping including online, it is easy for crooks to send out blanket emails to potential victims, pretending to come from well-known online stores. An unsuspecting victim could respond to a believable email and respond to a convincing request to confirm account details. In short order, the suspect has the victims account details and can quickly get online to do their own shopping - at your expense.

               Tip - Even if an email appears to come from an account or online merchant that you have used, be wary that the email actually comes from the store. Check the link included in the email by hovering the mouse over the link. If the links do not match or do not appear to be from the vendor, do not click on it. Better to search for a phone number and contact the vendor directly to check for any problems.

5.     Burglary

This time of year there are a lot of reasons to be away from home. Christmas parties, work parties, family gatherings and shopping, not to mention vacations, keep us away from home more often than normal. But Christmas gifts probably sit under the tree, right by a front window, as part of the decorations. Burglars know this and are looking for signs that no one is home to break in and help themselves to your valuables.

               Tip – When leaving, be sure to set timers to turn on lights and keep gifts and other potential items of interest out of the view from windows. If you have Christmas lights, make sure that they come on even when you are not at home to give the appearance that someone is there. Nothing is more inviting to a burglar than a dark house and decorations turned off. Don’t let mail or newspapers pile up if you are out of town and have a neighbor shovel snow and even park in your driveway to give the appearance someone is home.

               The # 1 way burglars break into a home is through unlocked doors and windows – lock up before leaving!

6.    Vehicle trespass (car break-ins)

When running errands or picking up gifts, it is easy to make multiple stops and leave gifts in the car while inside another store. Crooks love window shopping too and will definitely look for items to steal.

               Tip – Keep valuables out of sight and in the trunk of your car. Try to time your stops so that little will be left in the car at any one time.

7.     Car jacking

Instead of a sleigh full of goodies, some crooks will look for a car loaded down with gifts.

               Tip – Keep valuables out of sight, in the trunk of your car and keep your doors locked. Always watch for anyone lurking about as you walk to and from your car and pay attention to any cars following you – yes, it does happen so if in doubt drive a few extra blocks to be certain no one follows you.

8.    Credit card fraud

Crooks get credit card information in many different ways. Going through the trash is one very low tech way. Meth addicts have been known to use their extra hours awake to reassemble shredded documents for ID theft, including all the mail with the credit card offers. A high tech way to get credit card info is to use skimmers, small devices that record account information. Make sure that card readers at gas stations or other locations work normally and if there is a problem, look for any unusual devices on the reader itself. Crooks sometimes put their own skimmers on and can be very hard to detect.

               Tip – As with other forms of ID theft, keep a close eye on all accounts. Ideally, never let the card out of your site. Even wait staff at a restaurant could keep a skimmer in their pocket to record your credit information.

9.    Family violence

This time of year we think of spending it with our families. Sometimes, that includes the crazy uncle or eccentric aunt. It can also mean violence from others you are around. The added stress of the holidays can contribute, especially if someone has a history of violence.

               Tip – If you have any concerns about others at parties or other gatherings, let family members you trust know beforehand. Limit alcohol and if someone does become threatening or violent, ask them to leave or even call police if necessary.

10. DUI

Speaking of alcohol, there is certainly a bit more this time of year with eggnog and holiday drinks and holiday parties. 

               Tip – When driving, watch the cars around you and keep your distance from cars weaving or driving erratically. When starting from a red light, check to make sure no one is running the light in the cross traffic.

11.  Road rage

 The stress of the holiday can really show itself on the highways as people are rushing back and forth and that can lead to some anger management issues behind the wheel.

               Tip – Do not get into pointless arguments on the road. If someone is flipping you off, ignore it and keep driving. Let aggressive tailgaters pass and if you are being followed, head to a crowded, public location, such as a busy grocery store. Use your cellphone to call police and pay attention to where you are and what street you are on.

12.  Vehicle theft

Our cars are one of our biggest and most valuable assets and we take them everywhere. And they could be a crook’s getaway car or a way to get extra spending money at your expense.

               Tip – Never, ever leave a car running unattended or with your kids inside to run a quick errand or warm up the car. Don’t leave the keys in the car. Park in well-lit areas; avoid isolated parking.

Seasons Greetings

From Business Karate

Eric Smith, CPP is the leading authority on organizational self-defense.  He has extensive experience in law enforcement as well as security management.  Eric is available for staff education and security awareness training as well as business coaching to help organizations provide safe workplaces.  To learn more email eric@businesskarate.com.

 

 

If you would like to reprint this post, please contact Eric at eric@businesskarate.com. 

4 Lessons from Wal-Mart’s Bribery Scandal

Bribery, corruption, illegal activity and lawsuits may make for a great Hollywood movie or an exciting novel, but when it involves your business, it can be disastrous.  Wal-Mart has found itself in this position over the last several weeks as allegations of $24 million in bribes were paid to Mexican officials in order to expedite the building process for new stores.

Sponsored Link-

Friend of Foe?  Learn how to deal with visitor access with this special report (click here).

The bribes reportedly started several years ago.  At one point, an internal investigation was conducted and was terminated when the recommendations came out that possible violations had been made and the incident should be reported to both Mexican and U.S. officials.  Allegations now point that senior executives within Wal-Mart were aware of the bribery and legal issues, but chose to do nothing.

The initial fallout has included a drop in the U.S. stock price for Wal-Mart, threats of lawsuits by shareholders, plenty of negative publicity and even possible criminal charges for violations of the U.S. Foreign Corrupt Practices Act. 

Lessons Learned

With any situation like this, it is a good time for reflection and looking at what lessons can be learned.

1. Don’t get cocky.  The first key point is that this could happen to almost any organization.  If you take the outlook that your enterprise could be vulnerable, then that is a major first step for making sure that your company doesn’t end up on the front pages.  By realizing the potential, serious steps can be taken to remove both the temptation and the means to become involved in corrupt practices.  Fraud, embezzlement or corruption can come at the highest levels and the higher in a corporation the higher the loss amount.  No one is above suspicions.  Bernie Madoff was a well-known financier and well respected, but committed one of the largest Ponzi schemes in history. 

2. Be wary of justifications.  Police officers talk to crooks, thieves, violent offenders on a daily basis.  When asking a suspect why they did what they did, invariably the response will involve some kind of justification.  It was not as bad as what someone else did.  “I only took a joy-ride in a car; it’s not like I murdered anyone.”  “He was going to kill me if I didn’t get him first.”  “She was cheating on me, that’s why I beat her good.”  No matter the crime, crooks will try to downplay or come up with excuses to justify it.  When employees at any level start justifying their actions, be very wary.  This could be the first step down a path that should not be followed.  In the case of Wal-Mart, it would be very surprising if there were never conversations that mentioned all businesses are doing it (paying bribes).  Or, that is how that country operates.  It is the only way to succeed without wasting time.  It didn’t hurt anyone.  All are likely excuses that an executive turning a blind eye probably made and many times over.

Suspects commonly try to justify their crimes.

3. Leadership cannot be ignorant.  The mindset or culture of honesty starts at the highest levels.  If an organization’s leadership ignores or deliberately remains in the dark about business operations, then it is much more likely to have corruption or fraud running unchecked.  In the case of Wal-Mart, the amount of the bribes was relatively small compared to the company’s worth and budget.  However, it would be interesting to know what questions the board asked about the subsidiary's growth in Mexico.  The country has been listed on the State Department’s travel advisory list due to increasing violence, it is well known that bribery, and corruption, is commonplace.  Did the board ever question how the growth projections were being met and what steps were being taken to ensure that Wal-Mart followed all the requirements of the Foreign Corrupt Practices Act?  As some pension groups have already sued the directors, hopefully the answers will come out down the road (although there will almost certainly be a settlement tied to non-disclosure of the terms). 

4. Pay attention to the warning signs.  Some warning signs may be subtle, such as unexpected acceleration of growth plans (presumably, the bribes would have achieved that).  Some warnings are not so subtle, such as a whistle-blowing warning of violations or an internal investigation that identifies possible legal issues and is shut down.  Again, if the highest levels of the organization are left in the dark or do not take action, the enterprise is very likely to end up with problems.  The board should review all serious allegations and investigations and be kept advised of the outcome.

Wal-Mart will survive this scandal.  The stock price will recover, lawsuits will be discretely settled and eventually the PR dust up will blow away.  For most organizations, however, this kind of scenario would spell doomsday.  Take steps to avoid becoming embroiled in corruption through solid and ethical leadership, open communications and a clear eye on the potential risks.

Eric Smith, CPP is the leading authority on organizational self-defense.  He has extensive experience in law enforcement as well as security management.  Eric is available for staff education and security awareness training as well as business coaching to help organizations provide safe workplaces.  To learn more visit http://www.businesskarate.com. 

If you would like to reprint this post, please contact Eric at eric@businesskarate.com. 

Anatomy of a Fraud

               Victor Lustig had all the trappings of being the perfect salesman.  He was able to convey confidence and build trust.  Even though he was in his heyday in the 1920’s, his 10 commandments could easily be mistaken for being part of a modern sales program. 

               The problem?  He was selling scrap metal – from the Eiffel Tower!  I know this sounds far-fetched and you have to wonder how anyone could believe it.  Certainly, it is a reflection on how convincing Lustig must have been, but also was not as ridiculous as the idea seems today.

               The Eiffel Tower was built in 1889 for the Paris Exposition.  Initially, Parisians hated it; most thought it was ugly and ruined the skyline.  One author of the time complained that he would eat at the restaurant in the Eiffel Tower, as it was the one place in Paris he could eat without seeing the tower on the cityscape.

               Furthermore, the tower was only supposed to last for 20 years before being taken down.  Modern technology saved it as the Eiffel Tower remained, albeit with the addition of radio antennas affixed.

               Even in that environment, Lustig had his work cut out for him.  So how did he succeed?  His first commandment was to be patient and listen.  Listening was the first step to build the kind of trust needed to make a sale – especially a dubious one.  Along those lines, he did not pry into personal matters.  He let the relationship develop with patience.

               Lustig would wait for his ‘mark’ to reveal their political and religious views and then agree.  He did not boast nor would he act bored, helping to make the other person the center of attention.  To further enhance and develop trustworthiness, he believed in being tidy and organized.  He would not get drunk and would carefully hint at intimate topics, only following up if there was an encouraging response.

Photo by Benh Lien Song

               From Lustig’s example and his basic fraud commandments, you can build a picture of what a ‘typical’ fraud might look like. 

1.      The In.  In as in intro.  The swindler needs to build that first step to get in with the target and start to build trust.  This can be an introduction by others, such as a church group (a common approach by many modern scammers).  It may be through past experience, such as Bernie Madoff, who, as chairman of the Nasdaq, seemed completely trustworthy.

2.     Build trust.  Once the foot is in the door, the swindler has to become a trusted source.  Listening, agreeing, and not boasting worked well for Lustig here. 

3.     The Hook.  The moment has come where the swindler must present his plot, but do it in a way that answers the question, “what’s in it for me?”  This could be done subtlety, or as we often see with great bravado – “Take this pill and lose 20 lbs in one week!”  The hook may be an appeal to help others, such as getting donations to a fake charity.  This happened recently in Denver where a calendar featuring firefighters was sold to raise money for a children’s group, but was actually going to the director behind the charity.

4.     Buy in.  Now it is time to close the sale, so to speak.  Once the trust has been built and the hook tossed out, the swindler has to get the mark to take the bait.  Generally, that means paying out money, or promising to pay, such as someone getting a will changed.  There will be some form of loss and a pecuniary gain, as lawyers like to say, for the suspect.

5.     The Bust.  One way or another, the fraud will be revealed.  Either when authorities arrest the suspect or when he has sailed off into the sunset absconding with the loot.  Either he/she will be busted or the victim’s bank account will be or maybe both.

               So how to avoid becoming a victim?  The two most dangerous steps are the hook and the buy in.  Check and double-check all the facts before turning over any money or items of value.  Make sure you really know whom you are dealing with.  Don’t be taken in by someone who seems nice or who agrees with you.  If you are, you may end up in step 5 with your savings going bust.

Photos courtesy of WikiCommons

              

Eric Smith, CPP is the leading authority on organizational self-defense.  He has extensive experience in law enforcement as well as security management.  Eric is available for staff education and security awareness training as well as business coaching to help organizations provide safe workplaces.    To learn more visit http://www.businesskarate.com/profile.html. 

If you would like to reprint this post, please contact Eric at eric@businesskarate.com.