Home / Culture and Society / Science and Technology / How to Avoid Becoming a Victim of Identity Theft: Interview with Jeremy Duffy

How to Avoid Becoming a Victim of Identity Theft: Interview with Jeremy Duffy

Please Share...Print this pageTweet about this on TwitterShare on Facebook0Share on Google+0Pin on Pinterest0Share on Tumblr0Share on StumbleUpon0Share on Reddit0Email this to someone

With the recent news about the CEO of LifeLock having his identity stolen, I looked around the web searching for ways we could prevent ourselves from becoming a victim without having to pay monthly or annual fees.

Luckily, most of what companies like LifeLock and Free Credit Report do can be done by you and me for free.

In my search, I ran across Jeremy Duffy, who is something of an awareness advocate, offering many "How-Tos" on his website for free. And when I say free I mean it. No banner ads, no Google ads.

Jeremy Duffy has worked extensively on home computers since the mid nineties. After years of fixing his own computer problems, owning his own small business in computer service, and two college degrees, Jeremy has gained the technical skills to handle most of the problems normal home-users would face. Having worked in retail sales positions for almost 10 years, he has also seen the tricks and underhanded ploys that business will use to get your money.

In both cases, Jeremy has seen the ways that others will manipulate others for personal gain simply by exploiting their lack of knowledge of business and computer issues. As someone who values honesty and straight-forward dealings, Jeremy takes particular exception to manipulating others unfairly. It is for this reason that he started his Awareness Advocacy website and blog and also recently developed his seminar, "Computer and Internet Safety for Normal People". In each the goal is to provide the straight facts to equip a non-specialized citizen to deal with scams, manipulation, and fraud…

Jamison Braly: The first company many people think of when they think about protecting themselves from ID theft are companies like LifeLock. What do these companies do?

Jeremy Duffy: Besides taking people's money, not much. There are really only two categories of company such as this: monitoring services and insurance providers. Monitoring services essentially give you open access to your credit reports and send you alerts when there are inquiries or changes to your report. Note that this doesn't actually give you the ability to stop any of the inquiries; it just lets you know that something happened.

Insurance providers are nothing more than any insurance provider is, clean-up service. In theory, if you meet the conditions under which they will pay out, you will get some money as stipulated by your terms and conditions. Identity theft is a problem, true, but is it worth paying a monthly fee? Also, before you use any such service, you should ask yourself whether this company is solid and likely to be around when you have a problem. Will they pay out or shaft you as the car insurance companies often do?

JB: Do these companies do any more that we, as consumers, can't do ourselves for free?

JD: Yes and no. Monitoring services will let you access your credit report frequently and send you alerts rather than you having to go and check the reports yourself. Some people believe that it's just as efficient to order on of your free credit reports (you're allowed one free credit report per credit reporting company per year) every 4 months so that you're constantly monitoring your credit. That would be free, but it still requires more effort and is only checking every few months.

For insurance, there are many things you can do to reduce your risk to the point that the money would be better spent in savings or investments.

What about "Fraud Alerts"? Does this provide any comfort for a consumer worried about ID theft?

JD: To a degree. According to the FTC, with a fraud alert, "potential creditors must use what the law refers to as “reasonable policies and procedures” to verify your identity before issuing credit in your name". What constitutes reasonable can vary and, in my experience, retail stores aren't in a hurry to let a good sale go just because the buyer might be using stolen information.

JB: So rather than being aware of when someone steals our identity, how can we prevent it from happening in the first place when it comes to how and when we use credit and debit cards?

JD: Pay at the register in restaurants. This is to prevent "skimming", which is when a restaurant employee scans your card's information into a personal reader. This is much harder to do/impossible when you're standing right there the whole time watching.

Always cross out your card number on credit card sign slips. Many places only require a credit card number for a purchase. If your receipt contains your entire credit card number, you are making it easy for anyone who has access to that receipt to buy things with your card. Store employees, bookkeepers, anyone that goes through the company's trash, etc.

When shopping online, look for options to NOT store your number. There aren't many yet, but some stores provide an option to NOT store your credit card information in their system beyond the point at which your transaction is complete. Big stores like Amazon insist that storing your credit cards makes it easier for you to buy (and it does), but it also presents a security risk to you. If a given store doesn't have good security or if one of the employees feels like making some cash, the database storing the credit card numbers can be breached (a term I'm betting most people have heard about by now). Instead, if you can prevent the company from storing your credit card number in the first place, you're safe from breaches because they can't lose what they don't have.

Use virtual cards to make storing your credit card number impossible. This is one of the best ways to keep companies from putting you at risk by storing your credit card data. Some banks and credit unions allow you to create a "virtual card" for use in a single transaction. You specify the amount to put on the "card" and your bank gives you all the normal information that would be necessary for a credit card purchase. The key is that since the card is created for just this one transaction, any further attempts to charge the card are fruitless. This prevents the problem of breaches, but also issues with companies that don't let people cancel their accounts (which has sadly been quite an issue in recent years).

Never use "contactless" pay systems. RFID (Radio Frequency IDentification) technology is very useful for some things, but attaching it to your ID or credit cards is very dangerous. There have been many studies, experiments, and, sadly, real life situations where such wireless chips were cloned remotely. This means that I could sit on a bus across from you, have some equipment in my coat or briefcase that copies the data from all your cards onto mine. Now I can shop as if I was you and I never even stole your wallet. All I had to do was be near you for a bit. Note that in some cases, RFID chips can be read and cloned from hundreds of feet away.

Leave your cards unsigned and put CHECK ID instead. While this may not lead a company to carefully check picture ID and in some cases can cause them to refuse to give you service (based on the fact that most major cards aren't considered valid until signed), it usually doesn't create a problem, might cause difficulty for a thief who steals your card, and, most importantly, prevents someone who steals your physical card from copying your signature. Challenging false charges is much easier when the signatures don't match at all.

JB: What about when using our Social Security number or card?

JD: So many places ask for an SSN that don't need to. I've even had a video rental store ask for it once. Spreading this number around can cause you to be more at risk for ID theft so make sure you don't provide it without a fight. Ask them why they need it. Ask them if it's required. Ask them if they can use an alternate or generic ID number. If all else fails, lie using the "0" trick (when it's legal, ethical to do so).

JB: What about our personal data? How can we prevent ID theft when it comes to a need to give out this information?

JD: Protect your personal data at all times. The fact is that the more someone knows about you, the easier it is for them to harm you, people you know, or your place of business. That guy at the bus stop might seem friendly, but could just be sizing you up to see if your skull would fit the others in his collection. Or, more realistically, an employee of X company that you ticked off because you didn't buy the extended warranty and now they're going to get punished by their management might look up your address and slash your tires.

JB: Is purchasing online safe?

JD: I don't really have any issue with purchasing online, but be careful about which companies you do it with. Research them first via review sites, a Google (or other search engine) search, and friends (if they've used the site). Always pay with credit card NOT debit since there are federal protections on credit purchases, but not for debit.

JB: What can we do in and around our home to prevent ID theft?

JD: First, watch for RFID technology to become more commonplace. The industry is trying to get them into a variety of consumer products so they can better assess the things you buy and how you use them with casual scans of your house, your trash, or your person.

Second, don't use shopper reward cards or at least use fake data. The store will still get valuable statistics on shopping trends, but they won't be able to profile and send you junk advertisements. If you really trust the company, perhaps you can allow them to have the data and you might get ads for stuff you really want, but I think it's far more likely that they'll sell the data to someone who will use it in a less beneficial manner (less beneficial to you anyway).

Certainly shred your document (using the smallest output shredder possible) and be cautious about advertising the things you buy by leaving the product boxes at the curb. When you have company over, make sure your documents, ID, and such are not in obvious places. The vast majority of ID theft is committed by family/friends.

Powered by

About Jamison BraIy

  • I understand how Jeremy can offer this advice since it’s the same information that 98% of the folks out there think is Identity Theft, and really it’s only about 26%, and only one of five areas of Identity Theft!

    According to the FTC (Federal Trade Commission) there are five areas of Identity Theft – 1) DMV Identity Theft. This is where a person gets your ID and then gets a drivers license with their picture and your info on it. This can be done for under $30.00, from several website on the internet, and these are almost undetectable even by law enforcement because they have all of the holographic symbols and electronic strips. The ID thief then gets a ticket with you info and they don’t show up for court, YOU now have a bench warrant out for your arrest, and you don’t even know it until you are stopped for a simple traffic ticket, and you then find yourself face down on the hood of your car being arrested. 2) Social Security Identity Theft. There are nearly 40 MILLION Illegal emigrants in the US, who want jobs, and in order to get a job, they need a social security number, and they can purchase yours for under $50.00. They get a 1099 job with you social security number, and do you think that they are going to pay taxes on their income??? The IRS then sends you a letter demanding the taxes that their records show you owe. They then levy you paychecks and seize you bank account. I have lived through this nightmare, and then you have to prove that you’re you, and that your not the person that owes this money. 3) Medical Identity Theft. This is the fastest growing area of Identity Theft; this is where someone uses your insurance information to have medical procedures done in your name. A friend of mine was affected by this in the following way. He had a person get an AIDS test done in his name, and it came back that the thief was HIV Positive, this information was then entered into my friends MIB (Medical Information Bureau) record. My friend was then in an accident and was taken to a hospital who refused to treat him because his records showed that he was HIV Positive!!! 4) Character/Criminal Identity Theft. I don’t think that I need to convince you why a criminal would want to have your ID, especially if they were a pedophile. They are limited to where they can live. 5) Financial Identity Theft. This is the type that most people are aware of, this isn’t were someone gets your credit card info, or your bank account info, it’s where they open up new accounts that you are not aware of, and according to the FTC, if there are charges, you have 30 days to refute the charges, or you owe them!!! If you don’t know about the account, how can you refute the charges???

    Who are you going to call? CityBank? LifeLock? These companies don’t cover all area of Identity Theft; they are only credit monitoring services. There is only ONE company out there that have licensed investigators who will COMPLETELY RESTORE your Identity, and that is Pre-Paid Legal Services, with the Identity Theft Shield!!!

    I have been a victim of Identity Theft, I have tried several different programs out there, and have put Pre-Paid Legal membership to the test and have proved that they work, and all of the people that I work daily with who have also been victims.

  • What a great promotion for yourself (judging from your URL, you not only put pre-paid legal services to the test, but you administered the test yourself).
    Borderline Spam Comment as laid out in the “Comment Policy”, but in any case, thanks for the comment.

  • That was great information by Jeremy Duffy, but he did only spell out part of the identity theft problem. Its a whole lot more than what he wrote.

    And Jamison – I gained just as much insight into ID Theft in the previous comment as I did to your interview with Mr. Duffy. Thanks!

  • Yes, ID Theft is a much larger problem than what Mr. Duffy talked about, but he is an awareness advocate to mostly people who have no clue about this sort of stuff. His target audience would be that group of people who see an email from their “bank” that starts out with “Dear bank member” and think it really is from their bank.

    People like me and him know that ID theft and other scams can run much more deeply than discusses here, but I know as well as he does (Since I work at a school and encounter many parents and teachers with the same basic questions) that there is a need out there to teach people m any of the BASICS. And his awareness advocacy program does that.

    Teach the clueless the basics, then move them up.

    Thanks for the comment Mike, if Mark wants to promote his services and teach the masses a greater portion of ID Theft and it’s dangers, anyone of us blogcritics writers (including myself) would be happy to conduct an interview with him. He will get more promotion that way than by commenting. We welcome your solicitations for an interview Mark.

  • For those who bring up the point that I’m only covering a partial aspect of ID theft, you’re right. I’m a computer and technology guy and focus on what I know. If I was aware of a simple answer to some of those other kinds of problems, I would promote it as as well, but the only thing I can currently recommend is to be as private with your information as possible to limit the spread and get a credit freeze to prevent people from getting credit in your name.

    From what I see, while those other options are possible, they are far less likely and far easier to prove you weren’t involved with than a simple fake credit account.

    Other than that, pushing your state to pass strong data protection laws or a federal law outlawing data brokering would be a GREAT start.

  • Steve Sanchez

    Great topic and answers! As an ex-police officer I can appreciate all of your efforts, they are easily used without much effort and make such a big difference! Being a techie I’m surprised that you didn’t suggest to folks to sanitize (wipe) their hard drive from their old computers that they give away or sell.

    So much information can be retrieved from an old hard drive. Most are probably safe in the hands they are in, but you never know… and a google search can provide free resources for software that can do the trick!