So you’ve discovered that you’re a victim of identity theft, and you need to file a criminal complaint with law enforcement. Having a clear understanding of what your expectations should be in dealing with law enforcement, and what their role is and should be in mitigating the damage to your identity will give you the best chance of successfully cleaning up your good name.

The first thing a victim of identity theft should understand is that law enforcement probably won’t be able to catch your identity thief. It’s not that they’re not law enforcementcompetent, or that they don’t care. As any regular reader of ITRC blogs is likely already aware, the problem is that identity theft is a very 21st century crime and our jurisdictional system was designed in the late 19th – early 20th century to effectively police crimes that existed at that time. Identity theft as we think of it today did not truly become a major issue until the last few years of the 20th century.

Many cases of identity theft transcend traditional jurisdictional boundaries. A police officer in Arizona may or may not have the time and resources, let alone the authority, to help catch an identity thief in Florida. While there

are some exceptions to this general trend (as when the victim and the thief live in the same area, or the thief is known to the victim), generally the victim’s focus should be on cleaning up the damage and preventing future incidence of fraud, and not on catching the bad guy. Deliver what information you have to the police when you file your report, and let them determine the likelihood of bringing the thief to justice.

The good news is you don’t need to catch the thief to mitigate the damage from past identity theft, and protect your identity from future harm. The principle value of contacting the police for identity theft is simply to get the incident report. The existence of a police report gives your status as victim credibility. In order to mitigate the damage done from identity theft you may need to contact creditors, collection agencies, government offices, or anyone else who may have been affected by the illegal use of your personally identifying information.

The ability to provide a complaint made to law enforcement shows that you’re not just someone trying to cleverly skate on paying a bill. Having a police report is also a critical component to invoking your protections under federal laws such as FACTA, FCRA, and FDCPA. Understanding that in most cases of identity theft the report itself is a greater asset in your fight to restore your good name than seeing the criminal brought to justice is paramount when you seek the assistance of law enforcement.

“Helping Law Enforcement Help You” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to the original article.

A company called OneID is developing some innovative and interesting solutions to identity and password security. Vinod Khosla, Founder of Khosla Ventures, one of the principle groups that invested heavily in bringing OneID to market, briefly outlined why his company was willing to infuse 7 figures of capital into this relatively unknown company in the information security space.

“We believe OneID will attract the most forward-thinking businesses to offer a more secure alternative to the way we sign in to sites and share personal information.”

Information security is an issue for every consumer today. In attempting to make their personal information as secure as it can be, consumers are routinely expected to handle a multitude of different usernames and passwords across various internet portals to manage each of their virtual profiles or identities. This obviously can be problematic, forcing the account user to choose between remembering literally dozens of different username/password combinations, or using the same username/password (or close derivatives) for multiple account credentials. Sadly, there is a great deal of potential damage which can occur if through cyber hacking or phishing, any one of these online identities is exposed. A hacker will understand that the email address and password for your Facebook account that they just harvested will likely be very similar to credentials used for your financial accounts.

When the hacker successfully opens a user account, it can often place the account owner in a “guilty until proven innocent” scenario, where they must actively prove they are not responsible for a certain online action or transaction credited to their identity. Businesses that rely on online transactions must invest more and more in password security, fraud mitigation processes, and consumer compensation issues. And, this problem is definitely not going away. As the prevalence of online commerce continues to grow, so too will the issues surrounding digital security.

The idea behind the OneID approach is to allow both consumers and online businesses to benefit from a highly secure digital identity system without sacrificing convenience. For consumers, the advantage will be that they will no longer need to remember multiple usernames and passwords; allowing for greater control of their personal, financial and credit card information. For online businesses, OneID hopes to provide a one-stop convenient, secure, and relatively thrifty solution to the digital authentication problem. It remains to be seen whether or not this will significantly reduce the costs and headaches associated with digital identity verification, but what is clear is this is an innovative, elegant new solution in the battle against digital fraud and identity theft. Now, which version of “GreenElephantTusks” did I use for my Yahoo password…..

“Introduction to the “OneID” System” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

Chances are you have a lot of accounts. Personally I have accounts (and passwords) for sites that I don’t even remember. And while I have more accounts than most due to my profession, I would bet many people deal with the same problem I do: Password Overload. Password overload is when you attempt to use your Pinterest, Twitter, work email and university login passwords (one after another) to get into your Money Market Account only to be locked out. Now you have to go into the branch with photo ID, or endure the dreaded “customer service hotline” (not-line) to prove that you are not indeed a thief. Maybe you haven’t experienced such an ordeal, but everyone has experienced something similar.

The problem seems like it could be easily solved by using the same password for everything. One password to remember, and no more jumbling through your notebook trying to find what password you used for your newest account creation or Facebook app. The problem with this approach is that if you are using the same passwords for all of your accounts, then if someone manages to get the password for say, your Instagram account, they would probably be able to drain your savings account, phish your family for personal information (such as your Social Security Number), or rack up a warrant in your name for writing bad checks…. This could all happen because you logged into Facebook at the internet café and re-use the same password for multiple accounts.

So, what do you do if you don’t want to tattoo 25 passwords on your arm (P.S. You would probably now have a MySpace log-in that would need to be covered up) and you don’t want to end up cuffed for felony check fraud? The answer is a password manager. This new service was created so that users can remember just one password, yet have access to all other passwords. The best part is that you can have access to these passwords from anywhere as most of the new password managers are internet based. As the need for password management increases, the options consumers have grown leaving even the strictest cybersecurity aficionado pleased with the service.

A few things you should look for when finding a password manager are:

  1. Is it cross platform? Will it work on your iPhone and your PC?
  2. How is the information (your passwords) encrypted?
  3. Does the service sync or will the user need to update the database every time they sign up for a new account?
  4. What is the initial authentication process and how strong is it?
  5. How reputable is the company who created the product and what is reported about the product itself?

By asking yourself these questions you should be on your way to making sure that your passwords are protected and you won’t lose your mind trying to keep track of them all. Just make sure you protect your login credentials for your password manager…. like really, really well…

“Too Many Passwords? Handle It…” was written by Nikki Junker. Nikki is the Social Media Coordinator at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

Are you considering selling your old laptop or smartphone? As some of us may be aware, deleting files or data from these mobile devices is not enough. The truth is that some of what we think are “files” in these devices are actually “shortcuts,” and deleting these from the devices will not delete the files themselves. Nowadays, personal computers and mobile devices, such as smartphones have replaced the old paper-file method for storing or even doing work. If you are thinking about selling or donating your personal laptop or any of your mobile devices, there are some precautionary steps you may want to take in order to ensure that any personal or sensitive information does not get left behind. Sensitive information left behind can be retrieved and pose a serious problem.

For computers there are two methods for getting rid of files or information stored in hard drives. These two methods are called reformatting and wiping the hard drive. When you format your computer, the files on the disk are not completely erased; it means the address tables are – where a search will prevent the files from being easily located. Formatting the disk is much more than deleting files, however, it is important to understand that it is not completely secure. Reformatting a drive may still allow your data to be recovered, making you susceptible to data theft.

So, it will all depend on the data you have stored in your device. Think about what you have used your computer for. If you have used your computer for online banking, paying bills online, personal email, storing income tax return forms, and/or other important documents – you may want to consider disk wiping. Disk wiping is the other alternative for computers – it removes software and data from the hard drive. The process of disk wiping overwrites your hard drive. If you are getting rid of your laptop, you may want to consider performing a disk wipe service. If unfamiliar how to perform it, there are technical support groups who may be able to perform this task for you.

Here is a link to an excellent short article on this practice: http://enterprisefeatures.com/2012/02/disk-formatting-vs-disk-wiping/

On the other hand, let’s talk about smartphones. It is said that if you have a Blackberry or Apple device – that data wiping will completely remove any stored data on your device. Therefore, you shouldn’t be worried about the possibility of someone hacking into the operating system and retrieving your data. You may either install wiping software or for these two devices, use the factory settings for data wiping. Now, we know there is a third party missing – the Android operating devices. There has been recently publicized advice that if you are considering getting rid of your Android device, that you are better off keeping it rather than letting it go.

Android devices also offer a factory data reset, where all the data on your phone is erased. While the phone is in use, the user can also setup data encryption, where all personal data on the phone is encrypted. In addition, files can be encrypted to your memory card and internal phone storage – you’ll find this under the storage encryption option. Regardless of the type of smartphone you use, you need to be aware of all the information it harvests, and make certain that data is not given away when you are done with the phone.

Ultimately, the truth of the matter is your security depends on the type of information or data you have stored in your device. Often times, if we store personal identifying information or sensitive information that can lead to identity theft, we should be very concerned of the possible threat if we haven’t taken the measures to appropriately delete or erase the data. Exercise precaution.

Facebook privacy seems to be an ever more common theme of discussion. While the positive uses for Facebook and social networking platforms like it are numerous, use is not without risk. Aside from malicious use of personal information stored on Facebook, controlling how you share your information is an imperative skill set for anyone who has a Facebook page and makes a living in the corporate world, where unflattering pictures or posts could result in a negative impact on one’s career. It’s important to note that photos and posts you’re tagged in can show up on your profile even if you didn’t post them yourself.

The best way to take control of what shows up on your Facebook is to understand how to control the privacy settings related to Facebook tags. Here is how you do it:

From your home page which displays your news feed. Click the drop down menu tab in the top right corner, designated by a down facing arrow directly to the right of the “home” button. From there click the “privacy settings” option. That will bring you to a page where you can customize what information you share and with whom. About half way down this page is a section that’s labeled “timeline and tagging” with an “edit settings” button directly to the right of it.
From this page you can control what things you can be tagged in and where it will appear. For those in the professional world, it is wise to select the option that requires all tags to be pre-approved by you the user, before it can show up on your profile page.

This way, no matter how inappropriate you behave on Friday night, you can rest assured the co-workers in your office won’t be snickering at them on Monday morning. You can approve the tags you like and reject the ones you don’t. Learning how to manage the flow of information displayed through Facebook is an essential practice for most users, and especially those with a professional reputation to protect. Spending 20-30 minutes perusing through this section is all it should take to be comfortable with the settings and it could save you a mountain of trouble later on.

“How to Stop People from Tagging You in Facebook Pictures” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

“Botnet,” has become commonplace terminology in the world of cyber-security. This term is used to refer to a network of private computers (or bots) infected with malicious software and controlled as a group without the owners’ knowledge. Major breach and hacking events over the past few years have awakened many to the potential dangers created by hackers with the ability to utilize other individual’s computers remotely.

Botnets are commonly used to mass email spam, malware, viruses, or to overload a specific website with so many simultaneous requests that it overloads the site causing it to temporarily shut down (commonly known as a DDoS attack).

Last week, the US Federal Communications Commission (FCC) launched a new voluntary U.S. Anti-Bot Code of Conduct (ABCs) for Internet Service Providers (ISPs). It creates new opt-in procedures for ISPs who are dealing with the networks of enslaved zombie computers.

According to FCC Chairman Julius Genachowski, “The recommendations approved [last week] identify smart, practical, voluntary solutions that will materially improve the cyber security of commercial networks and bolster the broader endeavors of our federal partners. Among these recommendations, were things such as: increasing end-user education to prevent bot infections; more aggressive and assertive detection of bots; notification to law enforcement government and consumers of potential bot infections; remediation of bots; and collaboration and sharing of information.”

Many large providers such as AT&T, Sprint, Time Warner Cable, and CenturyLink have all voiced their approval of this approach. They perceive there will be several benefits. The idea is to increase consumer goodwill through taking this active role in anti-bot activities. Some of the expected benefits of this new initiative are fewer calls to help desks from customers with infected machines, reduced upstream bandwidth consumption from denial-of-service (DDos) attacks and spam, and a drop in spam-related complaints.

“Introducing the New FCC Anti-Botnet Code” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

Most of us at some point in our lives have had to struggle our way through the difficult task of sorting through old pictures, scrap books, and family albums of a deceased friend or relative. The idea being that family members and loved ones may cherish the memories associated with these deeply personal reminders of a person’s life and experiences.

As more and more of these types of photos, albums, and shared experiences are becoming digitalized in social media platforms like Facebook, a new legal dispute has arisen, and has become more and more common. It involves the loved ones of someone who passed wanting access/ownership rights to photos, posts, and digital information shared on (and therefore owned by) Facebook.

Under Facebook’s current policy, deaths can be reported in an online form. When the site learns of a death, it puts that person’s account in a memorialized state. Certain information is removed, and privacy is restricted to friends only. The profile and wall are left up so friends and loved ones can make posts in remembrance. Facebook will provide the estate of the deceased with a download of the account data “if prior consent is obtained from or decreed by the deceased or mandated by law.”If a close relative asks that a profile be removed, Facebook will honor that request, too.

The problem is, for those of us without the foresight to leave our consent for family members with access our “digital estate,” loved ones longing for access to the shared memories on Facebook may be at a loss. The current standard operating procedure upon notification of a death seems to be to change passwords and lock down the account, prohibiting even close relatives from gaining access. Currently several states are pushing legislation through that would grant users rights to their “digital estate,” which would allow family members to have a kind of shared ownership right of the material on their loved one’s Facebook page. Right now, the only option for concerned relatives may be to bring legal action to compel Facebook to grant them access.

While it is stated in the Facebook terms of use that any and all material posted becomes the property of Facebook, with the rise of the digital age it is about time that social media users had more control over use and ownership of the personal material they post. Hopefully digital estate laws will catch on and become commonplace in the US over the next several years.

“Facebook Profiles and the Deceased” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

When identity theft strikes, it can be hard to know where to start.

The goal of the following information is to enhance your working relationship with law enforcement and credit investigators. It includes:

  • Why Should I Have To Do Most Of The Original Work?
  • First Steps: Prior To Talking With The Investigator
  • Making Your Report
  • Behind The Scenes
  • Evidence Issues
  • What You Can Do To Help Your Investigator

One of the most common complaints we receive from identity theft victims is that they feel that law enforcement doesn’t care. Many also complain that fraud investigators at banks and credit card companies don’t appear to have the victim’s best interest at heart. It’s possible, but more likely this feeling is related to poor communication and a lack of information.

The tips in this sheet will help you to focus on the pertinent facts.  It will also help you state your case in a way that is most useful to the police and fraud investigators

WHY SHOULD I HAVE TO DO MOST OF THE ORIGINAL WORK?

Fraud crimes involving identity theft are complicated. As one police detective said, the person who knows the facts and details of this case best is YOU. The ability to solve these crimes is usually contained in the details. When one person tells a complicated story, the person hearing the details may only get a rough idea of the situation. This is often what happens when a police officer takes a fraud report from a victim who may not understand which points are the most important to the case and which points are just not relevant at the time. By writing down the details for yourself, you will outline and organize the case in your mind so that you can tell the story clearly.

FIRST STEPS: PRIOR TO TALKING WITH THE INVESTIGATOR

  1. Prior to speaking with an investigator, start a journal so you can record details as they occur (refer to ITRC Fact Sheet 106 – Organizing Your Identity Theft Case).
  2. Rough Draft: Outline the story, in chronological order, exactly the way that you discovered it. Put down anything you think is important. Don’t censor your thoughts. You’ll edit it later. There are certain things that are important to include:
  • How you first discovered the fraud/theft – who told you and under what circumstances.
  • Any clues you may have as to the identity of the imposter – not guesses, but hard facts.
  • Locations where fraudulent applications were signed or submitted (presented in your name). Get exact addresses whenever possible.
  • Locations where the fraudulent activity occurred and/or purchases were made. Be as specific as possible.
  • Exact addresses where goods, services, utilities were delivered in your name.
  • Home addresses and telephone numbers listed on those applications.
  • Names used either as primary or secondary account holders.
  • The entire account number of any accounts that are referenced
  • The full name, address, phone number and date of birth (if you have it) of any suspect referred to in your case.
  • The names of any companies, investigators, or customer service representatives you have contacted about a potential fraud, and their phone numbers, emails, and fax numbers. Include dates and times you spoke to them and a brief summary of the conversation. You should ask each of these people for a letter to include in your file.
  • Photocopies of any letters, account statements, or correspondence you received regarding this case.

Some of the information on this list can only be obtained after you present a copy of the police report to the merchant or credit provider. Get together what you can for the initial report, then supply the additional information as you receive it.

  1. Working draft: Now write a concise narrative, removing any emotional responses (for example, “He was very rude to me on the phone.”). This draft will lengthen as you uncover more information. [click here for Example of Victim Summary or Narrative]
  2. Include your identifying information:
  • First, middle, and last name
  • Any prior names you had that may be involved in the crime
  • Home and business address
  • Home, business, and cell phone numbers

Be ready to provide, but do not record on this document, the following three items:

  • Date of birth (DOB)
  • Driver’s license number
  • Social Security number
  1. NOTE: Some states are “right to report” states, meaning they will take your report of identity theft regardless of if you have proof or not. Check our interactive map to see if your state is a “right to report” state.

MAKING YOUR REPORT

  1. Listen and Participate
  • Call your local law enforcement agency on the non-emergency number. It is very important to state that you are a victim of identity theft (or a victim of criminal impersonation if it is a case of criminal identity theft). Avoid using the word “fraud” as that is a different type of crime. Ask if they have a fraud or identity theft investigation task force who can take your report. If they do, ask to be transferred. If not, ask to speak to an officer or a detective.
    • Some departments will take your report over the phone, some will direct you to an online form, and some will only file an “incident” report (depending on evidence and situation).
  • Be polite and work with the officer. Make sure you explain that you need a report of identity theft so you can clear your name. In many cases, a thief is operating out of a police officer’s jurisdiction and the officer cannot pursue the case themselves. You can, however, request the officer forward the report to the jurisdiction where the crime occurred.
    • If the officer you are speaking with will not file a report, you can request to speak with the Watch Commander on duty. This is the person in charge of that shift of police officers.
    • If you still cannot file a report, show the officer this letter by the Federal Trade Commission to show the officer the importance of the police report.
    • If you are still met with resistance, go to the next closest precinct and try again. Report all officers who refused to assist you to the Attorney General’s office for your state.
  • Obtain a business card or write down the name and phone number of the officer who took your report, and write down the police report number.
  • Request a copy of the report. Ask how much it will cost and how long it will take to be ready.  They may charge you a fee and it can take up to two weeks for an official report to be made available to you.  Follow up as necessary to ensure you have a copy of your report. You may not receive notification when it is ready.
  1. Asking Your Questions – You may have some questions for the investigator once your report is made. These might include:
  • What are the procedures from this point forward?
  • Who is the primary contact for your case?
  • What should you do if you find out more information, or if you get another collection notice? Should you call, email, or mail it to them?
  • How long will it take to get a copy of the police report (or a letter of investigation if you’re contacting a credit card company)?
  • What can I (the victim) be doing in the meantime? Is there something I can do to move things along faster?
  • Is there any action I (the victim) might take that would harm the case?
  • What chance does the law enforcement officer think they have in catching this person? (Although it’s difficult to accept, your focus should initially be on clearing your name rather than getting an arrest.)
  • Can they provide any written documentation you can use to show you are not the imposter (for instance, a letter of clearance)?

BEHIND THE SCENES – WHAT’S TAKING SO LONG?

The handling of your report and case will depend on the available resources of the agency that takes the report. If law enforcement feels that the case is unworkable, then focus on clearing your name.

  • Your case will be referred to a fraud investigator. Depending on caseload size, this might take several days.
  • You will be called and told who will be covering your case. You may be interviewed by phone or asked to come in. If this is not possible due to work or distance, tell them so and try to arrange for an alternate way to gather information.
  • The detective will triage your case by reading the initial report in order to determine the potential for moving forward with the case. Remember, the better you communicate the crime, the better the opportunity for action.
  • As time permits, the detective will start to gather evidence IF they think there is a chance that they can make a case and find the imposter.
  • Your case will be one of many, as detectives rarely work on one case at a time. Your case may stall while they wait for a credit card company to send them the official copy of a fraudulent application, or while they wait for someone from the bank to return a call. Some banks and credit card companies could take several weeks and several reminder calls before sending out requested information.
  • If the detective is required to get a court order to get information, that will take additional time.
  • Your case might also get preempted if a detective is given a new case where the criminal has just been arrested. Many states have laws regarding a “48-hour rule.” This means that the officer has just one day to put together a case to present to the prosecutor on a suspect who has been arrested so the suspect can be arraigned on the charges within the second court day of his arrest. If not, the suspect must be released and cannot be rearrested for the exact same incident at a later date. So those types of cases always have priority.
  • Detectives rarely close an open case. It may seem like nothing is happening but they do remain aware of your case. Sometimes cases may sit for months with no activity, then suddenly the imposter does something foolish and evidence is found to tie them to your case.

EVIDENCE ISSUES

What might seem to you to be clear-cut evidence might not help your case due to various evidence laws. Law enforcement must clearly prove a chain of evidence that connects the crime to the imposter. For a more detailed look at “The Evidence Trail,” please read ITRC Fact Sheet FS 114.

  • “I threw some old checks in the trash. Why won’t you arrest him?” Taking paper from your trash does not prove that this person passed the bad checks. The police must have conclusive proof. Examples include a witness or videotape of the transaction.
  • “The only place I left an application with my middle initial was at the phone company. It must be the employee who took the info.” Again, where is the proof?
  • “The thief used a credit card to get a computer. I know the address it was delivered to.” The police must prove that the person receiving the merchandise committed the crime.
  • “I know the person who took my identity. He stayed at my house a couple of days.” The police must first prove that you didn’t give the suspect permission to take the info and that this “friend” actually committed the crime.
  • A criminal uses your stolen driver’s license. The imposter could claim, “I must have picked this up from the bar instead of my own. I thought it was mine.”

WHAT YOU CAN DO TO HELP YOUR INVESTIGATOR

Once you make your report, it is now the investigator’s case. However, you can ASK how you might help and work with them. This is not their only case, so respect their time and be brief in your phone calls. Get right to the point. Remember, rudeness never works. Identity theft cases are slow and may take months to complete.

  • Contact the detective when you have new evidence, but no more than once a week during the active period of the case.
  • Contact your detective once every 3 – 4 weeks even if you don’t have evidence to share. Do NOT telephone them more frequently than this. Ask about the status of the case.
  • Don’t use law enforcement or investigators as a therapist or a person to dump emotional frustration on.
  • Ask what you can do to help move the case forward. Is there anything they are waiting for? Maybe a call to your fraud contact at the bank or credit card company might help.

SOME FINAL THOUGHTS

As much as we would like them to, most identity theft cases do not end in arrest. Usually, this is not the fault of law enforcement; they are overworked and understaffed. Leads may not pan out, and evidence we thought might be perfect may not legally prove a case. We hope that you’re the case will end in an arrest and conviction, but if it does not, know that you did everything humanly possible. Many detectives face unsolved cases while hoping that sometime, somehow, a new piece of evidence will finally prove to be the imposter’s undoing.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Traveling overseas offers a unique set of risks for American consumers. Travelers by necessity have to carry several pieces of sensitive information like a passport, bank cards, drivers license, and an assortment of additional documents that could put them at risk if lost or stolen.

So the next time you’re traveling abroad, be mindful of a few tips you can use to reduce your risk of becoming an identity theft victim while in another country.To protect your identity while you travel within your own country or abroad, it’s a good idea to take the following precautions:

oversea travelTravel light: and we don’t mean that you should leave behind the extra set of shoes and winter coat. Leave behind unnecessary credit cards, bank cards, social security card – anything you have in your wallet that you won’t need on your trip. The less information you bring, the less you put at risk.

Make copies of your passport, driver’s license, and any credit cards you plan to take with you: Leave one copy with a friend or family member you can call while on your trip and keep one copy with. If your stuff is stolen while traveling, you will have the information you need to lock down your credit and start the process of obtaining new documents.
Leave the checks at home: You won’t need them while traveling, and most places have significant restrictions on check-writing these days anyway. Besides, checking account fraud is one of the most difficult types of identity theft from which to recover. Use cash and credit cards while traveling and pay the bill when you get home.

If you have a hotel safe, use it: Many hotel employees have access to your room and there is tremendous risk of burglary while you’re out. If the safe in your room is not working, ask for a room with one that does.

All that being said, there are so many wonderful places to travel throughout this world of ours and these tips will help you do so more safely! So get out there and see how amazing travel can be…oh and don’t forget your sunscreen!

“Guarding your Personal Documents While Traveling Abroad” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

Tax time, whether it’s in April, June, October or December, often puts important personal identifying information at risk for exposure. Your W-2’s, and other IRS reporting forms, include your Social Security Number and, in some cases, financial account information. These numbers can be a gold mine for identity thieves. Your personal information can enable thief to obtain a job, open up new lines of credit, access existing financial accounts or stock portfolios, get welfare, avoid a criminal history and generally create havoc in your life.

The question is: where are those forms kept in your home? Are they lying on a table top or somewhere anyone can see them? Or, are they in a locked box or file cabinet? Many consumers are not aware of the potential threat that these forms represent, and take little notice of the necessary steps which should be taken to secure these items. With this in mind, the ITRC wants to remind consumers and businesses to be careful when handling tax-related documents and information.

Here are some tips on how to minimize the risk of identity theft:

Paper security

Whether it’s in the home or in the office, make sure all tax documents and paperwork are secured in a safe, locked location at all times. Any financial statement or item which contains personal identifying information (PII) should not be left unsecured or visible to others.

Data on the Move

Financial documents don’t belong in a briefcase left unattended in your car. Law enforcement has reported increases in vehicle break-ins to steal items which can be used to commit identity theft. When transferring tax documents between home and the accountant, make sure they are hidden from view, i.e. locked in the trunk, at all times.

Computer Security

If your computer is linked to the internet, be sure to regularly update firewall, anti-virus, and anti-spyware software to protect you from attack. Since many taxpayers now file online, or store financial information on their computers, it is vitally important to install and update these types of security programs. Sensitive documents should be kept on a computer with a password protected log-on. This computer should never be used by children others who might install peer-to-peer software or expose the computer to unrestricted web browsing. These activities often result in security problems within days, if not hours.

E-Filing

While preparing your tax return for filing, make sure to use a strong password to protect the data file. Once your return has been e-filed, burn the file to a CD or flash drive and remove the personal information from your hard drive. Store the CD or flash drive in a lock box or safe. If working with an accountant, you should query them on what measures they take to protect your information.

Mail Theft Awareness

Be sure to retrieve your mail every day. An unlocked mailbox is an open invitation to an identity thief to steal your tax refund or other important documents. When mailing your tax documents, take them directly to the Post Office. Drop them in a box inside the Post Office. If you must use an outside Post Office pickup box, it’s best to drop your mail before the last pick-up of the day. Don’t leave tax documents in an outgoing mail box at work.

Tax Preparers and Personal Privacy

Be selective about who works on your taxes. Investigate tax preparation companies with the Better Business Bureau, especially new or seasonal offices. Ask the preparer how your information will be stored? Will it be encrypted? What computer security software is used? Who has access to this information? Has the person working on your taxes undergone a thorough background screening? How many years have they worked for the company? Do you see personal papers displayed on desks? Trust your impressions. If you feel uncomfortable, or doubt the firm’s commitment to protecting your privacy, take your business elsewhere. The phrase “buyer beware” especially applies to “on-line tax preparers.” Who are these people? What do you know about them? Are they really a company or legitimate accountant or is it a scam to gather Social Security and account information from you? Avoid doing financial business in supermarkets, or other public concession booths, where others may hear or see your transaction. Those mini offices are not soundproof – and criminals have been observed using binoculars or shoulder surfing to gather information. Go some place where you have privacy.

Tax Time Scams

If you receive an email asking for your Social Security Number or financial information, delete it or send it to the FTC at spam@uce.gov for investigation. The IRS does not send emails stating you are being electronically audited or that you are getting a refund. If you have any questions about an email you received from the IRS, or a letter that sounds suspicious, immediately call the IRS Taxpayers Advocates at 877-777-4778.

Document Disposal

Put papers you no longer need through a cross-cut shredder. These include credit card receipts, other papers with Social Security Numbers (i.e. income reporting forms), financial statements, health benefit statements and loan documents. Do not store these documents intending to shred them at some future time. As soon as you determine the document is no longer needed, shred it!

Document Storage

When storing your tax returns and other sensitive financial documents, use a locking file cabinet or even better, a safe. Make sure you know who else has access to this storage.

Employment Identity Theft

Identity theft goes beyond the well-known forms of financial identity theft. Sometimes identity thieves use your identity to get a job, obtain welfare, or medical services. They may be employed and using your Social Security Number – or even your child’s Social Security Number. In these situations, the IRS may send a notice indicating that more than one person is using a Social Security Number, or that you owe taxes. If this happens, immediately contact the IRS Taxpayer Advocates or the Identity Theft Resource Center at 858-693-7935 for assistance.