Vol.III, No.10
www.renewssource.com
May 15, 2017
Is Your Personal Information “Out There?” By Pat Farrell
PRSRT STD U.S. Postage PAID San Antonio, Texas Paid Permit #1590
After looking at how identity theft can happen through the loss or theft of wallet or credit cards, it is time to take a look at what is happening “out there” on the web, as identity thieves are working 24/7 to find any and all particulars that may be available about you and/or your clients, because you are actually saleable commodities. Unfortunately the internet is a major platform for thieves to try to obtain sensitive information that includes such things as usernames, passwords, and credit card details by disguising themselves as trustworthy entities in some form of electronic communication, better known as “phishing” – the equivalent of dumpster diving on the internet. While it is more likely that an elderly person will respond to fraudulent ads or emails online, sometimes these “opportunities” or “warnings” can catch
others unaware as they seem to be so real. For example, if one receives an email displaying the trusted Microsoft logo that warns that there is a serious problem with the software on their computer, it could elicit enough concern that they will act upon it before noticing that their response is going to another site such as “Micosoft.com” (note the missing r) as opposed to the legitimate site for Microsoft. There have been other instances where an alert pops up, warning the user that the computer has been seriously compromised and urges them to call an 800 number to talk with a “technician” who will help resolve the problem. Naturally the technician on the other end of the 800 number is part of the scam and is usually able to convince the caller to allow them access to their computer so they can properly fix the problem. At that point everything on the computer is now available to the scammers. And, one of the most recent scams being perpetrated has media alerts now being issued to warn about receiving a Google gmail that may contain a booby trapped attachment which allows any information entered no to access the email, to be captured by identity thieves. The internet is a very complex entity where most of us spend our time on what is referred to as the regular or surface web. There we can access sites that have been indexed which makes them searchable by popular search engines like Google, Bing, etc. It has, however, been estimated that the surface web represents only about 4% of the entire internet. But there are also sites within the vast deep web which is essentially a subset of the internet, that are non-indexed, so they will not be found via your search engine, but
you can get there if you know the address. The deep web allows privacy when sharing information with others and affords members of groups the ability to link and to share data safely with other members which has been important to corporations, general businesses and private individuals who did not wish to share their data with outsiders. There is also another very active non-indexed area of the deep web, known as the dark web or darknet, that is comprised of subsets within the deep web, that require the use of specific software (ex. Freeware, TOR, 12P - in case you really want to go there) and perhaps additional authentication, to access the sites. Many of those actively engaged in criminal activities like assassinations, drug sales, gambling and pedophilia may have set up shop on the darknet to sell their wares and services because of the anonymity and relative protection provided. And this is the area where private information, full credit card data, names, addresses, phone numbers, birthdates and social security numbers of individuals are bought and sold daily. Is some of your information out there? Probably so! We wonder how did that information get out there? Maybe it was picked up when a public WiFi connection was used during a visit to the local coffee shop or during a hotel stay. Or maybe one’s home router has not been properly secured with a password, and any and all those who drive by have been able to access their connection and make good use of it. Perhaps someone previously provided information on a “trusted” site that was actually bogus and the criminal was able to collect all the data they were seeking. Maybe the last time someone
was at a restaurant their credit card was skimmed by the waitperson who was being paid to do so by a scammer. Or what if, instead of taking time to shred information, the folks were not being careful and just tossed their latest “Pre Approved” offers for the newest credit card, or the included checks to pay off all their debt. The information seekers love that. I am sure most have heard about the problem with criminals filing and collecting IRS refunds, long before the real taxpayer tries to file, and when doing so learns “that according to IRS information this return has already been filed and the refund has been sent, received and cashed.” All the required information had to be obtained by the criminal from somewhere, in order to allow them to benefit. Unfortunately we do not always have control over how our information is handled by others. Think of all the people and places that you are associated with that require your or your child’s personal information: schools, banks, doctors, clinics, hospitals, mortgage companies, credit card issuers, landlords, etc. – what if they are not careful with your information? And then there is “Ghosting Identity Theft” that refers to someone able to assume the identity of another, be it a senior citizen, child or someone who is deceased. While other identity thefts have usually been done for financial gain, ghosting may serve only as a means to gain a new identity if the old one is a problem. This especially applies to the assumption of the identity of someone deceased. Once the deceased is buried and the estate settled, the family does not usually know there is anything more to do, so thieves have plenty of time to establish