Archive for June, 2011

Fraud Alert or Credit Freeze, which should you do? by Henry Bagdasarian

This is a great explanation that keeps it simple!

Fraud Alert Or Freeze

Sometimes, individuals must select a credit report fraud alert or freeze as the best solution for preventing credit fraud when they face real threats of identity theft due to business notification of their lost or stolen personal information, or, when they suspect they might become a victim of identity theft. In order to decide which identity prevention tool is the best solution for your situation, you need to fully understand the purpose, features, benefits, differences as well as placement and removal requirements of both the fraud alert and credit freeze. Just in case you don’t have enough time to read this entire article but need to quickly learn about credit report fraud alerts and freeze, here’s a quick summary of what they are. A fraud alert can be placed on your credit report to notify creditors that any credit request to open new accounts or modify existing accounts under your name must be confirmed by you. This is to make sure that third parties, whether it’s a credit card company or a mortgage broker, validate your identity and ensure you are the person who has initiated the credit application. Although, there is no guarantee third parties will contact you because you placed a fraud alert, it’s definitely a good way to limit your identity theft risks if you suspect you are at risk. On the other hand, when a credit or security freeze is placed on your credit report, creditors can’t access your reports until you lift the freeze. And since creditors will not make any credit decisions without first looking at a credit report, credit freeze is definitely a better solution than fraud alert in our efforts to prevent identity theft

On the flip side, the placement and removal of credit freeze is much more time consuming than fraud alerts because it requires our direct and proactive involvement which may not be suitable for people who apply regularly for new credit accounts or modifications to existing credit accounts and who need a quick turnaround of their application. In some cases, it can take up to 3 business days to lift a credit freeze and it is also more expensive to place or remove a credit freeze. In summary, if you rarely apply for new credit or don’t mind the wait or the cost, a credit freeze may be just for you.

For those who want the flexibility of a quick turnaround every time they want to buy something on credit, they should consider a fraud alert. A fraud alert provides limited protection against identity theft because we are somewhat at the mercy of third parties to contact us and validate the credit request, but it’s better than having no alert or freeze placed on the reports. I’m not sure why we need to place fraud alerts and remind businesses to be extra cautious when making credit decisions but I guess that’s because we are still at the infancy stage of identity theft protection.

In conclusion, if you rarely apply for credit and want total control over your credit reports, go with a credit report freeze. And, if you often apply for credit to buy things and want flexibility and quick turnaround with limited identity theft protection, consider a fraud alert instead. You can’t go wrong with either a fraud alert or freeze for preventing credit identity theft since they are both better than having no protection at all.

To protect your existing accounts, you may also consider an account freeze if it is offered by your bank, phone company or other types of accounts. An account freeze will block any use of your accounts until you remove the freeze.

Press Release: Department of Justice Disrupts International Cyber Crime Rings Distributing Scareware

U.S. Department of Justice June 22, 2011

Office of Public Affairs (202) 514-2007/TDD (202) 514-1888

WASHINGTON—Today the Department of Justice and the FBI, along with international law enforcement partners, announced the indictment of two individuals from Latvia and the seizure of more than 40 computers, servers and bank accounts as part of Operation Trident Tribunal, an ongoing, coordinated enforcement action targeting international cyber crime. The operation targeted international cyber crime rings that caused more than $74 million in total losses to more than one million computer users through the sale of fraudulent computer security software known as “scareware.”

Scareware is malicious software that poses as legitimate computer security software and purports to detect a variety of threats on the affected computer that do not actually exist. Users are then informed they must purchase what they are told is anti-virus software in order to repair their computers. The users are then barraged with aggressive and disruptive notifications until they supply their credit card number and pay for the worthless “anti-virus” product. The product is, in fact, fake.

Warrants obtained from the U.S. District Court for the Western District of Washington and elsewhere throughout the United States led to the seizure of 22 computers and servers in the United States that were involved in facilitating and operating a scareware scheme. In addition, 25 computers and servers located abroad were taken down as part of the operation, including equipment in the Netherlands, Latvia, Germany, France, Lithuania, Sweden and the United Kingdom.

The first of the international criminal groups disrupted by Operation Trident Tribunal infected hundreds of thousands of computers with scareware and sold more than $72 million of the fake antivirus product over a period of three years. The scareware scheme used a variety of ruses to trick consumers into infecting their computers with the malicious scareware products, including web pages featuring fake computer scans. Once the scareware was downloaded, victims were notified that their computers were infected with a range of malicious software, such as viruses and Trojans and badgered into purchasing the fake antivirus software to resolve the non-existent problem at a cost of up to $129. An estimated 960,000 users were victimized by this scareware scheme, leading to $72 million in actual losses. Latvian authorities also executed seizure warrants for at least five bank accounts that were alleged to have been used to funnel profits to the scam’s leadership.

A second international crime ring disrupted by Operation Trident Tribunal relied on online advertising to spread its scareware products, a tactic known as “malvertising.” An indictment unsealed today in U.S. District Court in Minneapolis charges the two operators of this scareware scheme with two counts of wire fraud, one count of conspiracy to commit wire fraud and computer fraud. The defendants, Peteris Sahurovs, 22, and Marina Maslobojeva, 23, were arrested yesterday in Rezekne, Latvia on the charges out of the District of Minnesota. According to the indictment, the defendants created a phony advertising agency and claimed that they represented a hotel chain that wanted to purchase online advertising space on the Minneapolis Star Tribune’s news website, The defendants provided an electronic version of the advertisement for the hotel chain to the Star Tribune, and technical staff at tested the advertising and found it to operate normally.

According to court documents, after the advertisement began running on the website, the defendants changed the computer code in the ad so that the computers of visitors to the were infected with a malicious software program that launched scareware on their systems. The scareware caused users’ computers to “freeze up” and then generate a series of pop-up warnings in an attempt to trick users into purchasing purported “antivirus” software, which was in fact fake. Users’ computers “unfroze” if the users paid the defendants for the fake antivirus software, but the malicious software remained hidden on their computers. Users who failed to purchase the fake antivirus software found that all information, data and files stored on the computer became inaccessible. The scam allegedly led to at least $2 million in losses. If convicted, the defendants face penalties of up to 20 years in prison and fines of up to $250,000 on the wire fraud and conspiracy charges, and up to 10 years in prison and fines of up to $250,000 on the computer fraud charge. The defendants also face restitution and forfeiture of their illegal profits. An indictment is merely a charge and defendants are presumed innocent until proven guilty.

“Today’s operation targets cybercrime rings that stole millions of dollars from unsuspecting computer users,” said Assistant Attorney General Lanny A. Breuer of the Criminal Division. “These criminal enterprises infected the computers of innocent victims with malicious scareware, and then duped them into purchasing fake anti-virus software. Cyber crime is profitable, and can prey upon American consumers and companies from nearly any corner of the globe. We will continue to be aggressive and innovative in our approach to combating this international threat. At the same time, computer users must be vigilant in educating themselves about cyber security and taking the appropriate steps to prevent dangerous and costly intrusions.”

“This case shows that strong national and global partners can ensure there is no sanctuary for cyber-crooks,” said U.S. Attorney Jenny A. Durkan of the Western District of Washington. “We will continue to work with the public and the computer industry, to fortify our cyber defenses. A combination of safe on-line habits and smart technology will help reduce the threat posed by these organized criminal groups.”

“The global reach of the Internet makes every computer user in the world a potential victim of cyber crime,” said U.S. Attorney B. Todd Jones of the District of Minnesota. “Addressing cybercrime requires international cooperation; and in this case, the FBI, collaborating with our international law enforcement and prosecution partners, have worked tirelessly to disrupt two significant cybercriminal networks. Their efforts demonstrate that no matter the country, Internet criminals will be pursued, caught and prosecuted.”

Assistant Director Gordon M. Snow of the FBI’s Cyber Division said, “Scareware is just another tactic that cyber criminals are using to take money from citizens and businesses around the world. This operation targeted a sophisticated business enterprise that had the capacity to steal millions. Cyber threats are a global problem, and no single country working alone can be effective against these crimes. The FBI thanks the participating foreign law enforcement agencies for their ongoing partnership and commitment in disrupting this threat.”

Operation Trident Tribunal was conducted by the FBI’s Cyber Division, Seattle Field Office and Minneapolis Field Office; the Computer Crime and Intellectual Property Section and the Asset Forfeiture and Money Laundering Section of the Justice Department’s Criminal Division; the U.S. Attorney’s Office for the District of Minnesota; and the U.S. Attorney’s Office for the Western District of Washington. Operation Trident Tribunal was the result of significant international cooperation and substantial assistance from the Criminal Division’s Office of International Affairs. Multiple foreign law enforcement partners provided invaluable assistance in this operation, including the Cyprus National Police in cooperation with its Unit for Combating Money Laundering (MOKAS); German Federal Criminal Police (BKA); Latvian State Police; Security Service of Ukraine; Lithuanian Criminal Police Bureau; French Police Judiciare; the Netherlands’ National High-Tech Crime Unit; the Cyber Unit of the Swedish National Police; London Metropolitan Police; Romania’s Directorate for Combating Organized Crime; and the Royal Canadian Mounted Police.

To avoid falling victim to a scareware scheme, computer users should avoid purchasing computer security products that use unsolicited “free computer scans” to sell their products. It is also important for users to protect their computers by maintaining an updated operating system and using legitimate, up-to-date antivirus software, which can detect and remove fraudulent scareware products.

Additional tips on how to spot a scareware scam include:

Scareware advertising is difficult to dismiss. Scareware purveyors employ aggressive techniques and badger users with pop-up messages into purchasing their products. These fake alerts are often difficult to close and quickly reappear.
Fake anti-virus products are designed to appear legitimate, and can use names such as Virus Shield, Antivirus or VirusRemover. Only install software from trusted sources that you seek out. Internet service providers often make name-brand anti-virus products available to their customers for free.
Become familiar with the brand, look and functionality of the legitimate anti-virus software that is installed on your computer. This will assist you in identifying scareware.

Computer users who think they have been victimized by scareware should file a complaint with the FBI’s Internet Crime Complaint Center,

FBI Offers 10 Tips on Avoiding Fraudulent Charitable Contribution Schemes

FBI National Press Office (202) 324-3691

In response to the recent tornadoes that affected several Southern states and caused loss of life and flooding that has damaged property, the Federal Bureau of Investigation and National Center for Disaster Fraud remind the public to be aware of and report any instances of alleged fraudulent activity related to relief operations and funding for victims. Unfortunately, criminals can exploit these tragedies for their own gain by sending fraudulent e-mails and creating phony websites designed to solicit contributions. The FBI has already received complaints alleging fraudulent schemes.

Tips should be reported to the National Center for Disaster Fraud, (866) 720-5721. The line is staffed 24 hours a day, seven days a week. Additionally, e-mails can be sent to, and information can be faxed to (225) 334-4707.

The National Center for Disaster Fraud was created by the Department of Justice to investigate, prosecute, and deter fraud in the wake of Hurricane Katrina, when billions of dollars in federal disaster relief poured into the Gulf Coast region. Its mission has expanded to include suspected fraud from any natural or manmade disaster. More than 20 federal agencies, including the FBI, participate in the National Center for Disaster Fraud, which allows the center to act as a centralized clearinghouse of information related to disaster relief fraud.

The FBI reminds the public to perform due diligence before giving contributions to anyone soliciting donations or individuals offering to provide assistance to those affected by the tornadoes. Solicitations can originate from e-mails, websites, door-to-door collections, flyers, mailings, telephone calls, and other similar methods.

Before making a donation of any kind, consumers should adhere to certain guidelines, including:

*Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages, because they may contain computer viruses.
*Be skeptical of individuals representing themselves as members of charitable organizations or officials asking for donations via e-mail or social networking sites.
*Beware of organizations with copy-cat names similar to but not exactly the same as those of reputable charities.
*Rather than follow a purported link to a website, verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its nonprofit status.
*Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders.
*To ensure contributions are received and used for intended purposes, make contributions directly to known organizations rather than relying on others to make the donation on your behalf.
*Do not be pressured into making contributions; reputable charities do not use such tactics.
*Be aware of whom you are dealing with when providing your personal and financial information. Providing such information may compromise your identity and make you vulnerable to identity theft.
*Avoid cash donations if possible. Pay by credit card or write a check directly to the charity. Do not make checks payable to individuals.
*Legitimate charities do not normally solicit donations via money transfer services. Most legitimate charities’ websites end in .org rather than .com.

Consumers can also report suspicious e-mail solicitations or fraudulent websites to the FBI’s Internet Crime Complaint Center,

Identity Theft of the Dead

I tell you the dead are not safe from Identity theft. Read the following FBI press release.

Doctor Pleads Guilty to Billing Medicare and Medicaid for Counseling Sessions with Dead Patients
Dr. Williams Claimed $2 Million in Phony Health Treatments, Saying It Was Group Therapy
U.S. Attorney’s Office June 06, 2011

Northern District of Georgia (404) 581-6000

ATLANTA—ROBERT WILLIAMS, 72, of Atlanta, Georgia, pleaded guilty today in federal district court on two counts of health care fraud as part of a scheme to bill for group psychological therapy that WILLIAMS never provided.

United States Attorney Sally Quillian Yates said, “With so many elderly citizens and others who need specialized psychological care, this defendant ignored his duty as a doctor and became a billing machine who claimed to treat patients who were in fact dead. This blatant attempt to rip off the system took funds and care away from real live patients with real problems. Medicare and Medicaid need all the money they can get for legitimate patient care and this physician will get none of that money.”

“This case sends a strong message that Medicare and Medicaid fraud will not be tolerated in Georgia,” said Georgia Attorney General Sam Olens. “At a time when our state budget is heavily strained, every dollar intended for the needy must reach the recipient. We will continue to work with our partners, the U.S. Attorney’s Office, and the FBI, to weed out fraud in Georgia.”

Brian D. Lamkin, Special Agent in Charge, FBI Atlanta Field Office, said, “Dr. Williams had for years, enjoyed a position of trust within the medical and health provider industry. He chose to abandon that trust and instead displayed a level of greed that will not be tolerated. Medicare fraud should be promptly reported to the nearest FBI field office so that the much needed federal health care benefits will be there for those individuals who truly need them.”

According to United States Attorney Yates, the charges, and other information presented in court: WILLIAMS was a licensed physician, practicing in the Atlanta area. From approximately July 2007 through October 2009, he contracted with a medical services company to provide group psychological therapy to nursing home patients in a variety of nursing homes. Under his signature, thousands of claims were submitted to Medicare and Georgia Medicaid seeking reimbursement for group psychological therapy that WILLIAMS purportedly provided to beneficiaries at several nursing homes in the Atlanta area. In many instances, however, WILLIAMS did not actually provide the therapy.

Specifically, from July 2007 through October 2009, Medicare claims data indicated that over 55,000 claims were submitted using WILLIAMS’ provider number for group psychological therapy. Those claims sought reimbursement for over $2,000,000, and ultimately caused Medicare to reimburse WILLIAMS over $750,000. For the same time period, over 40,000 Medicaid claims were submitted by WILLIAMS for group psychological therapy, causing Georgia Medicaid to pay out over $225,000.

An investigation of WILLIAMS’ claims showed that, in many cases, he sought payment for services provided to beneficiaries who were deceased at the time he purportedly rendered the care. In two cases, the patient died over a year before he was allegedly seen by WILLIAMS in the nursing home. Numerous claims were submitted to Medicare and Medicaid for group psychological therapy when the beneficiary was hospitalized at the time of service and, consequently, could not have received care at the nursing home as represented.

WILLIAMS was indicted on February 22, 2011 on 10 counts of health care fraud. Today WILLIAMS pleaded guilty to two of those counts. He could receive a maximum sentence of 10 years in prison and a fine of up to $250,000 for each count. In determining the actual sentence, the court will consider the United States Sentencing Guidelines, which are not binding but provide appropriate sentencing ranges for most offenders.

Sentencing has been scheduled for August 23, 2011, at 11:30 a.m. before United States District Judge Richard W. Story.

This case is being investigated by special agents of the Federal Bureau of Investigation and the Georgia Medicaid Fraud Control Unit.

Assistant United States Attorneys Kurt R. Erskine and Nick Oldham, and Senior Assistant Attorney General Nancy Alstrom from the Georgia Medicaid Fraud Control Unit, are prosecuting the case.

For further information, please contact Sally Q. Yates, United States Attorney, or Charysse L. Alexander, Executive Assistant United States Attorney, through Patrick Crosby, Public Affairs Officer, U.S. Attorney’s Office, at (404) 581-6016. The Internet address for the HomePage for the U.S. Attorney’s Office for the Northern District of Georgia is

Don’t be a Victim of Job Identity Theft Scams

Are you searching for a new job right now? In these tough economic times, identity thieves are taking advantage of vulnerable job seekers like never before with job identity theft scams. Whether they’re using job search sites like to “hook” an unemployed person with a job offer that may be too good to be true, then sending emails requesting bank account information and Social Security numbers, or even creating fake Web sites that don’t match the job description on a jobsite, scammers are relentlessly trying to steal your identity. Fortunately, by paying attention to ID theft warning signs and using tips to prevent ID theft, you can avoid the scammers and land a great job this year.

How to Spot Job Identity Theft Scams
How can you be sure job postings are legitimate and not job identity theft scams? Ask yourself these questions before you apply:

Does the company have a Web site?: If not, or if the information doesn’t match the company’s description on the jobsite, you should be extremely cautious. Although not all companies have Web sites, most do, and you can get a feeling for the company by visiting the site. Does it look professional? Does it have contact information? Another simple research tool is simply to use Google to see what search results reveal for the company (if they exist!)
Does the company ask for money to submit an application?: If you’re asked to pay anything before you can get information on the job, it’s probably one of the many job identity theft scams. This is especially prevalent in work-at-home jobs. Just remember that legitimate employers will never charge to hire you.
Does the company have references?: They work both ways. If you’re unsure whether an employer is legitimate, ask for references. Most companies will be happy to provide you with them.
Does the company make financial promises?: This is another favorite tactic of job identity theft scams. If a job listing guarantees financial success in a short period of time, you can bet they’re trying to drain your bank account in a short period of time.

Another easy way to spot job identity theft scams is to contact the Better Business Bureau to see whether the company has a high or low rating, and whether any suspicious activity has been reported.

How to Avoid Job Identity Theft Scams
Job identity theft scams are rampant online, so you have to be vigilant. Use common sense and follow these tips to prevent your identity from being stolen by unscrupulous identity thieves posing as employers:

Social Security number: A common job identity theft scam is asking you to provide your Social Security number before you’ve even had a face-to-face interview. Don’t fall for it. A scammer will ask for your SSN under the guise of needing to perform a background check, but a legitimate employer can’t legally do a background check until after the interview.
Financial information: Never provide any financial information, such as your bank account, until you’ve been hired. These types of job identity theft scams are made under the pretenses that the employer needs your financial information to perform a credit check. Not true. A legitimate employer can do a credit check with just your name, address, and Social Security number.
Online forms: Be very careful when completing forms for online job applications. These forms make capturing sensitive information easy for job identity theft scams. If you’re completing an application online, make sure the Web site is both legitimate and secure before providing personal information such as your Social Security number or driver’s license number.
Email: When communicating with an employer, always ensure the emails originate from the company’s email address, not a personal address. Legitimate companies will always send official communications through their company email address. Many job identity theft scams involve identity thieves using personal email addresses to impersonate representatives from a legitimate employer.

Want to learn more about preventing ID theft and avoiding job identity theft scams?
Contact The Identity Advocate at 310.831.4400 or via email at

Patient Privacy Rules from HHS

Health and Human Services has establish more patient privacy rules. See article at Employee Benefit News:

You are currently browsing the The Identity Advocate blog archives for June, 2011.