MyCRA Specialist Credit Repair Lawyers

Tag: credit fraud

  • Fraudsters cashing in on public fear over password security

    fake password checking siteAustralians are warned to be aware of a scam which is targeting public uncertainty following publicised hacking events or data breaches. People are being sent links to fake sites which ‘test’ your logon details for popular sites such as Twitter, LinkedIn, Facebook, Hotmail and Gmail. But be warned, many of these are fake password checking sites, or similar and are phishing for your user name, password and other personal information. We look at this scam in more detail, and how it could impact you and your credit file.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

    Giving away your details to these sites could put you at risk of identity theft and credit fraud– so the message from Australia’s ‘Stay Smart Online’ is – always be suspicious of sites asking for your user name, password or personal information. If you’re not sure – don’t take the chance.

    “Links to password checking sites often circulate on social media and email after publicised hacking events or breaches – such as the hacking of the Associated Press’s Twitter account – a time when checking the strength or security of your own account might seem appealing,” Stay Smart Online warned in an alert yesterday.

    SSO advises never to enter your username and password anywhere except on the site it is intended for:

    Don’t use links in emails or social media messages that take you to a log in page. Navigate there yourself independently to make sure you are on the legitimate site’s logon page.

    Make sure the addresses of the websites you use are correct.

    When logging on to a website, check for HTTPS (or a padlock) in the address bar. This is the secure form of HTTP. Websites that don’t offer HTTPS at logon are unsecured.

    Always be suspicious of unsolicited emails, especially those seeking personal or financial information.

    SSO says there are some legitimate password-checking sites out there, and some of the legitimate sites have been copied.

    Legitimate sites can use minimal information supplied by you, such as your email address (not your password!) to check your address against lists of stolen information found in data dumps on hacker sites. Other legitimate sites may offer to simply test the strength of your password. But trying to distinguish the real from the fake may not be worth the risk.

    SSO warns fake sites may be very difficult to distinguish from legitimate ones, and will simply collect your details.

    “…someone then has everything they need to access to your account,” SSO states.

    The danger in clicking on any link from an unknown source is not only that the personal information that you give out could be directly warehoused for future purposes of identity theft for fraud, but you could also end up downloading malware or a virus which takes that information from your computer.

    Recently MSN Money commented on this latest scam in its story Avoid Password-Checking Sites:

    Given that most people still use simplistic passwords and use them across multiple sites — as has been shown in a variety of data breaches and surveys — there’s a lot at stake when you give yours away. Imagine losing control of not only your social networks, but also access to your email, online banking and other personal and financial information.

    Even if you catch the breach quickly, it will still be a colossal pain to get everything back to normal.

    What can fraudsters do if they can get their hands on your personal information?

    They can steal passwords to your bank or credit accounts and they can also create a patchwork quilt of information that can allow them to eventually have enough on you to request duplicate identity documents, and apply for credit in your name.

    Running up credit all over town, perhaps buying and selling goods in your name, or in some cases mortgaging properties – the victim can have a stack of credit defaults against their name by the end of their ordeal – and sometimes no proof it wasn’t them that didn’t initiate the credit in the first place.

    Recovery can be slow, and in some cases victims have had no way to prove they weren’t responsible for the debt – with fraudsters leaving no trail and the actual identity crime happening long before the fraud took place.

    New laws coming through in March 2014 are aimed at protecting your credit file following an incidence of identity theft. If you know you have been scammed, you will be able to put a ‘ban’ on your credit file – so no one will be able to access your credit information – therefore protecting your credit information from misuse.

    But if you don’t know you have been scammed until it’s too late, or if you can’t pinpoint what’s happened to you, it may be still be difficult to protect your credit rating. So you have to be sure you protect all of that, by staying ahead of scams such as this, and by keeping strong passwords.

    MSN Money provides some tips from Microsoft about password security to consider when creating — or changing — a password:

    • Make your password at least eight characters long

    • Mix up the characters with capitals, lower case, numbers, symbols and punctuation marks

    • Change your passwords regularly

    • Use different passwords on different sites

    If you think you might have entered details into a fake site…

    * Change your password immediately. If you use the same logon information elsewhere you should also change these passwords, ensuring you create a unique password for each service.

    * Contact the Police – as well as your bank – especially if you have given over personal information to fraudsters. Don’t be embarrassed – it is only through identity theft being reported that data gets collected and appropriate preventative measures eventually get put in place. You should also contact the credit reporting agencies that hold your credit file and inform them that you may be at risk of identity theft.

    * Order a copy of your credit report. If there are any inconsistencies on your credit report – change of address, strange credit enquiries and credit you don’t believe you’ve accessed, then you may already be a victim – and should do all that’s possible to follow up on each account so as not to accrue defaults on your credit file that should not be there.

    Credit file defaults are difficult for the individual to remove and generally people are told by creditors they remain on our file for 5 years, regardless of how they got there.

    Although it seemed so easy for the fraudster to use your good name in the first place, you are now faced with proving the case of identity theft with copious amounts of documentary evidence.

    If you have neither the time nor the knowledge of our credit reporting system that you may need to fight your case yourself, you can seek the help of a credit repairer. A credit repairer can help you to clear your credit file and restore the financial freedom you rightly deserve.

    The reason a credit repairer is usually so successful in removing your credit file defaults, is their relationships with creditors, and their knowledge of current legislation.

    Visit www.mycra.com.au  for more information on identity theft or how to repair bad credit.

    image: foto76/ www.FreeDigitalPhotos.net

     

  • Cybercrime goes all the way to RBA but do our laws protect us?

    [fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” menu_anchor=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” background_color=”” background_image=”” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_mp4=”” video_webm=”” video_ogv=”” video_url=”” video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” overlay_color=”” video_preview_image=”” border_color=”” border_style=”solid” padding_top=”” padding_bottom=”” padding_left=”” padding_right=””][fusion_builder_row][fusion_builder_column type=”1_1″ layout=”1_1″ background_position=”left top” background_color=”” border_color=”” border_style=”solid” border_position=”all” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding_top=”” padding_right=”” padding_bottom=”” padding_left=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” min_height=”” hover_type=”none” link=”” border_sizes_top=”” border_sizes_bottom=”” border_sizes_left=”” border_sizes_right=”” first=”true”][fusion_separator style_type=”default” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” sticky_display=”normal,sticky” class=”” id=”” flex_grow=”0″ top_margin=”” bottom_margin=”” width=”” alignment=”center” border_size=”” sep_color=”” icon=”” icon_size=”” icon_color=”” icon_circle=”” icon_circle_color=”” /][fusion_text]

    data breach notificationIt seems no Australian business is immune to cyber-attack, including the Reserve Bank of Australia which it was recently revealed has been hacked. A prominent cyber security specialist says cover ups happen all the time and that we must push for mandatory data breach notification laws to protect against the threat of identity theft and subsequent credit fraud. We look at the reality of these cyber-attacks, and the position SME’s find themselves in moving forward in issues of privacy.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

    How real is the threat of a major cyber-attack leading to mass money loss and credit fraud, or even cyber terrorism on our shores? As a recent story in the Australian Financial Review titled Attacks ‘highlight need for data breach notification law’ reveals, pretty real and it seems our lack of mandatory data breach notification laws is not only down-playing the threats Australians face, but could be helping these criminals.

    “Not a day goes by when someone is not attempting to hack into any of the banks around Australia.”

    This was a statement made by the outgoing technology chief of the National Australia Bank, Gavin Slater at a recent talk to investors.

    He also revealed that just a few weeks ago:

    “11 United States banks were targeted by terrorist organisations in response to something that happened in the Middle East.”

    So if our banks are constant targets, why aren’t we informed?

    It was recently uncovered that the Reserve Bank of Australia’s systems had been compromised by China-based hackers. In response, technology security experts, including the former head of investigations at the Federal Police’s Australian High Tech Crime Centre, Nigel Phair called for the passing of long planned mandatory data breach notification laws.

    Mr Phair, who is now Director of the Centre for Internet Safety at the University of Canberra says the breach highlights the need for these laws to be passed.

    “The RBA story was hugely important, because the attack happened some time ago, and we only found out about it because of a freedom of information request,” Mr Phair said.

    “We desperately need data breach legislation; we are quite behind in ­global terms on that, to force businesses to disclose when sensitive data is breached. I don’t know what is holding it up, and I would like to think it is achievable. It will help other government agencies and businesses, to be aware that it is not just them being ­targeted, that the threats are pretty wide ranging,” he told the Fin Review.

    Mr Phair said many businesses wanted to avoid bad publicity and that it was understandable they would try to keep news of the loss of any intellectual property and customer details quiet. He said for listed companies, the fear that investors would be spooked was a big factor. But he said the current code of silence was only making it easier for cyber criminals.

    The Fin Review revealed these statistics on data breaches:

    KPMG estimates that 75 per cent of the 1000 largest Australian companies have had a material data breach, reported to cost Australian companies an estimated $2.16 million per company per year, according to a 2011 study by the Ponemon Institute. The Australian Bankers Association has defended the strength of IT security processes in Australia’s banking system.

    ABA chief executive Steven Münchenberg recently told The Australian Financial Review that there were no reports of similar attacks on other local banks, and that effective processes were already in place to co-ordinate fraud investigations with federal and state police.

    “The Australian Bankers Association is not aware of any successful ­hacking attempts on Australian banks,” Mr Münchenberg said. “Banks have systems in place to protect customer information and accounts – such as employee training, employee accountability, strict privacy policies, rigorous security standards, encryption and fraud detection software.”

    “The nature of these discussions needs to remain confidential as any details may be misused by criminals,” Mr Münchenberg said.

    But Mr Phair elaborates in the Fin Review how easily cyber-attacks play out in business situations:

    Mr Phair warned that a significant number of Australian businesses and government agencies were ill-prepared for the kind of social engineering attacks which penetrated the RBA. In the attack it just required internal staff to be tricked into clicking on a fake email purporting to be from management.

    “Lots of organisations like the RBA have great perimeter and other security mechanisms in place, but this was basically just a phishing, social engineering attack. If I was a decent cyber criminal, that is what I would be doing,” he said.

    “People are the most susceptible and the weakest link, so you target them with what looks like a bona fide email, with an executable file in an attachment, and that is how you gain a weakness.”

     Mr Phair said the RBA’s subsequent claims that the attacks had been contained and that no sensitive information had been stolen were largely a public relations move to calm fears in the market.

    He said it was not really possible to tell exactly what people do once they have had access to networks.

     He also believed the problem was much wider spread than is ever reported, because a large number of hacking victims remain ignorant of the fact.

    “The RBA was right to come out with its public response.

    “The average person out there reading your pages would like to know that the RBA is protected,” Mr Phair said.

    Last October, the federal government was considering requiring companies to notify customers and the public of serious data breaches. However, the Fin Review reports it is over four years since a similar recommendation was made by the Australian Law Reform Commission.

    The then attorney-general, Nicola Roxon, published a discussion paper on potential implementation of plans, which could require companies and public-sector agencies to notify the Office of the Australian Privacy ­Commissioner when names, addresses and financial data are leaked or obtained by someone else.

    A spokeswoman for Attorney-General Mark Dreyfus said there were voluntary guidelines on how Australian companies and organisations should report a security breach, but increasing risks meant tougher laws could be on the way.

    “The Attorney-General is considering proposals that would require companies to report to consumers and the Commonwealth Privacy Commissioner when a data breach occurs, to improve privacy, bolster the security culture within organisations and bring Australia into line with international jurisdictions.”

    SME’s and Data breach notification.

    data breach notification SME'sData breach notification is a complicated issue. Yes, by sharing how threats have occurred we could be inviting copy-cat attacks. But Australians need to be made aware of what could threaten them.

    There has been much criticism after past data breaches such as the well-publicised Sony data breach, that companies who have in the past “held out” on their customers following a data breach, waiting days or up to a week or so to notify customers were putting the consumer’s personal information may be at risk.

    And rightly so. During the time, of ‘silence’ it can be argued that hackers have free access to this personal information without the consumer being able to do anything to minimise their own risk, such as cancelling accounts, changing passwords and flagging their credit accounts and credit file.

    For small to medium businesses, we need to make plans and take precautions to prevent future attacks and protect our consumers – and without the requirement out there to disclose data breaches SME’s are missing a big opportunity to be guided by the example of big business in how to handle (or not to handle) cyber-attack.

    That wider issue is what Australian SME’s face today – we are in the firing line for cyber-attacks simply by having a website, and staff with email addresses – but we rarely have the same security capabilities, the same profit margin and in many cases the same ‘publicity’ power that large entities would have. I can’t help imagining that as data breach laws begin to be enhanced, that SME’s could become the section of business most concerned with privacy issues, and the application of privacy law and indeed lawsuits against SME’s could be just as big a threat as the data breaches themselves.

    That is another reason why big business needs to set the example. Until the law requires them to do so, it would be ideal for them to voluntarily disclose data breaches as they  occur, with a view to educating the whole community on the nature of cyber-attack, and showing examples of the correct process for both preventing occurrences and dealing with them when they happen.

    Currently, the best place to go for up to date information on cyber-security and your rights and obligations is the Office of the Australian Information Commissioner (OAIC). The OAIC’s article A Guide To Handling Personal Information Security Breaches is really essential reading for SME’s and includes information on obligations under the Privacy Act 1988, and advice on both handling a data breach, and preventing future data breaches in your company.

    As consumers.

    If you suspect your credit accounts may have been affected by identity theft – either through a cyber-attack or any form of credit fraud, you should do three things:

    1. Contact Police to report it.

    2. Notify your banks and Creditors.

    3. Notify the credit reporting agencies which hold your credit file.

    Act quickly. The faster you are able to take these actions the better you will be able to protect your credit file from impairment.  Catching identity theft early could prevent defaults and other credit listings.T

    This is why mandatory data breach notification is so important from the perspective of the consumer. Recovering your clean credit file following identity theft which has led to credit fraud can be difficult for individuals to do, as you have to prove you didn’t initiate the credit in your name.

    For further help or advice contact a MyCRA Credit Repair Advisor on 1300 667 218.

    Image 1: renjith krishnan/ www.FreeDigitalPhotos.net

    Image 2: AscensionDigital/ www.FreeDigitalPhotos.net

    [/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

  • Threat of identity theft looms as business cyber-assaults take new form.

    cyber-assaultMedia Release

    Threat of identity theft looms as business cyber-assaults take new form.

    20 February 2013

    The ramping up of efforts by fraudsters to go after Australian businesses holding personal information could contribute to a greater risk of identity theft and subsequent credit fraud for Australian consumers, warns a consumer advocate for accurate credit reporting.

    Yesterday new Attorney-General, Mark Dreyfus QC advised that recent national survey results for more than 250 major businesses show cyber-crime is becoming increasingly targeted and coordinated, with one in five businesses experiencing one in the last year.

    Mr Dreyfus said that cyber assaults have shifted from being indiscriminate and random to being more coordinated and targeted for financial gain. Most occur from outside the business, although it appears internal risks are also significant.[fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][i]

    The 2012 Cyber Crime and Security Survey Report commissioned by CERT Australia and conducted by the Centre for Internet Safety at the University of Canberra revealed that most serious assaults involved the use of malicious software, theft or breach of private information and denial-of-service.

    In one case, an organisation reported the theft of 15 years’ worth of critical business data.

    A third of instances involved the theft of notebooks, tablets or mobile devices.

    CEO of MyCRA Credit Rating Repair, Graham Doessel says Australians should feel concerned about where their personal information could be exposed to potential company data breaches, as personal information has become a valuable commodity used to commit identity theft and potentially ruin the victim’s credit rating and their financial future.

    “We can’t take lightly the possibility that any company that keeps data on its customers could be at risk of cyber-crime. Identity theft is becoming more prevalent, and personal information is lucrative for fraudsters,” Mr Doessel says.

    Last week the Australian Taxation Office (ATO) announced the identities of four tax agents were stolen and used to fraudulently obtain AUSkeys giving access to specialist tax agent online services.

    Whilst the ATO was able to contain the threat, and cancel the AUSkeys, it said in a statement to the media that doing business online has benefits, but also comes with risks.

    “People looking to commit identity fraud constantly look for ways to profit so it is critical to remain vigilant regarding your personal information and online security,” the ATO statement said.[ii]

    Mr Doessel says this instance is one of a long line of assaults on Australian businesses and government entities in recent years.

    “Unfortunately it seems everywhere people turn one entity or another has been hacked – and it seems everyone with a computer is at risk. It is still extremely scary the level of risk peoples’ personal information undergoes these days when it is stored online,” he says.

    Personal information in the wrong hands can lead not only to identity theft but credit fraud, which involves the use of the victim’s credit rating, which can have significant long term consequences.

    “Basically, a lot of identity fraud is committed by piecing together enough personal information from different sources in order for criminals to take out credit in the victim’s name. Often victims don’t know about it right away – and that’s where their credit file can be compromised,” he says.

    He says once the victim’s credit rating is damaged due to defaults from this ‘stolen’ credit, they are facing some difficult times repairing their credit rating in order to get their life back on track.

    “These victims often can’t even get a mobile phone in their name. It need not be large-scale fraud to be a massive detriment to their financial future – defaults for as little as $100 will stop someone from getting a home loan,” he says.

    Once an unpaid account goes to default stage, the account may be listed by the creditor as a default on a person’s credit file. Under current legislation, defaults remain on the credit file for a 5 year period.

    “What is not widely known is how difficult restoring a credit file can be – even if the individual has been the victim of identity theft, there is no assurance the defaults can be removed from their credit file. The onus is on the victim to prove their case and provide copious amounts of documentary evidence,” he says.

    Changes to the Privacy Act 1988 should help consumers collectively when businesses experience cyber-crime which leads to a data breach.[iii]

    From March 2014, increased powers of the Privacy Commissioner will force organisations that experience a breach to do something about it. Previously, the Commissioner could investigate and make recommendations as to what the organisation should do, but it had no way of requiring the organisation to take action.

    The Commissioner can also issue civil penalties to organisations that experience a breach and either fail to take reasonable steps to protect the information entrusted to them, or fail to adequately respond.

    Mr Doessel says consumers need to be insisting that the companies who hold their personal information have adequate tools to prevent a data breach, but he says despite this, the changing nature of cyber-crime means it can be difficult to keep up with the technology of fraudsters.

    “Despite our best efforts to keep our details safe, we don’t have control over the IT systems of the company which holds our information, so we have to place a lot of trust in them to stay one step ahead of fraudsters. With most organised crime gangs now placing identity theft on their repertoire, more damaging and more frequent assaults are probably imminent in the future,” Mr Doessel says.

    He says as a matter of routine, consumers should check their bank and credit card statements thoroughly when they come in, and should also order a copy of their credit report regularly – which would indicate if their credit file had been misused.

    Under current legislation a credit file report can be obtained at no cost every 12 months from the major credit reporting agencies Veda Advantage, Dun and Bradstreet and TASCOL (if in Tasmania) and is sent to the owner of the credit file within 10 working days.

    /ENDS.

    Please contact:

    Lisa Brewster – Media Relations media@mycra.com.au

    Graham Doessel – Director Ph 3124 7133

    Ph 07 3124 7133 www.mycra.com.au www.mycra.com.au/blog

    MyCRA Credit Repair 246 Stafford Rd, STAFFORD Qld

    MyCRA is Australia’s number one in credit rating repairs. We permanently remove defaults from credit files.

    ——————————————————————————–

    [i] http://www.attorneygeneral.gov.au/Mediareleases/Pages/2013/First%20quarter/18February2013-CyberattacksonAustralianbusinessmoretargetedandcoordinated.aspx

    [ii] http://www.ato.gov.au/corporate/content.aspx?doc=/content/00345567.htm

    [iii] http://www.oaic.gov.au/privacy-portal/resources_privacy/Privacy_law_reform.html#whats_changed

    Image: Victor Habbick/ www.FreeDigitalPhotos.net[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

  • Has your tax file number been given out to debt collectors?

    If you have a tax bill you haven’t paid – be aware your tax file number may have been given out to debt collectors contracted by the Australian Tax Office. This is despite the recent warnings from the ATO that compromised tax file numbers are leading to identity theft. We look at the story behind this recent revelation and report on the prevalence of tax file number – related identity crime. Identity theft can lead to credit fraud which can leave you in debt and with bad credit history.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repairs and www.fixmybadcredit.com.au.

    The Herald Sun reported yesterday in their story ‘Debt collection agents given tax file numbersthat the ATO gives out the tax file numbers of consumers whose debt they are referring to debt collection agencies. The numbers are used for identification purposes.

    “THE tax file numbers of Australians are being passed on to contracted third-party debt collection agencies by the Australian Tax Office, despite the ATO claiming compromised tax file numbers are leading to identity theft,” the lead in states.

    This surprising revelation comes after the Herald Sun revealed this month there had been a surge in compromised tax file numbers. See last week’s post ‘Over 23,000 accounts of tax file number identity theft last year.’

    The newspaper published data from the Australian Taxation Office showing over 23,300 Australians had their tax file number compromised in the 2012 financial year. This was up from 22,000 last year.

    Likewise, ATO’s August campaign involved urging consumers to keep their tax file numbers safe to avoid identity theft. They revealed that scams such as fake job ads and bogus ATO emails were leading to compromised tax file numbers and identity theft. Here is an excerpt from their media release ‘Scammers target job seekers’ with comment from Tax Commissioner Michael D’Ascenzo:

    “Personal information can be used by scammers to lodge false tax returns in your name, enable the use of your credit cards or even result in people taking out a loan in your name. In some cases, identity crime can take years to resolve.”

    This year there have been over 6,000 reports from the community about bogus e-mails using the ATO brand, and over 4,000 reports of attempted phone scams.

    At this time of year when many people expect refunds, scammers use the opportunity to pretend to be from the ATO.”
    Only certain people and organisations can ask for your TFN, the most common being:

    • the ATO, when discussing your tax records
    • your employer, but only after you start work
    • your bank or other financial institutions
    • Centrelink, and
    • your superannuation fund.

    It was not mentioned which people and organisations are commonly recipients of Australian tax file numbers.

    ATO response on tax file number referral

    The ATO told the Herald Sun that contractors use the numbers for identification purposes only and said there is no risk because strict security requirements are placed on them.

    Here is an excerpt from the Herald Sun story:

    Four companies are contracted to do debt collection for the ATO and only two responded to queries from the Herald Sun asking about security arrangements or how many staff would have access to public tax file numbers.

    The ATO stated: “The four debt collection agencies we use are subject to strict security and privacy provisions as part of their contract. Any breach could nullify the contract and result in prosecution.

    “No taxpayer information, including tax file numbers, is to be sent overseas.”

    The ATO added that every two years it checked the premises and IT systems of third-party debt collection companies, and the last checks were done between July and October this year with no major risks or breaches identified.

    But the country’s biggest accountancy body has expressed concerns about the use of tax file numbers when not necessary.

    “If the tax office is sharing TFNs with third parties, regardless of the contractual arrangement, then there is a concern and a great risk … that the information is distributed, that the information could be misused somewhere along the line,” CPA Australia head of tax Paul Drum said.

    “In that regard, it seems unusual that the Tax Office would need to provide a TFN when the information provided to the debt collectors includes a claims reference number anyway.”

    Whilst the security checks employed by the ATO seem acceptable, I too question the requirement for sharing of this crucial financial information to outside bodies if not absolutely necessary.

    In this day and age when instances of identity fraud are reportedly on the rise, and becoming more sophisticated by the day; when we are urged by Government, by law enforcement, by banks, even by the ATO to regard our personal information as a valuable commodity – it seems unusual that the policy for sharing this crucial financial information still remains in place.

    Identity crime and your credit file

    Compromised personal information in any form is a big threat to our credit file health.

    If fraudsters get hold of your identity information they can duplicate it, and attempt to take credit out in your name. If successful, they can borrow anything from credit cards, mobile phones, cars, even mortgage properties. They are never so kind as to pay that debt back – so your credit file, your good name is left compromised and you are left with debt you didn’t initiate.

    It can be difficult to correct any credit file discrepancy – but identity crime can be even more difficult to remove from your credit history – because you have to prove – somehow – that you didn’t initiate the credit in the first place. This can involve evidence that you may or may not have. You may not be able to get any documentation, and also the identity theft could have occurred long before you find out about it.

    If you find out any personal information is compromised, or you know you are the victim of identity theft, the best place to go first if the Police.

    Once you are in a position to try to recover your good credit history, a Police report will go a long way to proving your innocence.

    Police may also advise you of other avenues open to you as well as an identity theft victim, such as requesting a Victims of Commonwealth Identity Crime Certificate.

    If you need help recovering your credit file health for whatever reason, contact a Credit Repair Advisor on 1300 667 218 or for more information visit the MyCRA Credit Rating Repairs website www.mycra.com.au.

    Image: Arvind Balaraman/ www.FreeDigitalPhotos.net

  • New laws to penalise identity thieves

    The Attorney-General Nicola Roxon announced yesterday new laws in Australia will mean white collar criminals and serious and organised crime groups will face tougher penalties. We look at what those penalties will mean, and how they can prevent identity theft and subsequent credit fraud leading to bad credit history.

    This week is National Identity Fraud Awareness Week October 8-14.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repairs and www.fixmybadcredit.com.au.

    Legislation introduced into Parliament yesterday – The Crime Bill, will aim to deter white collar criminals and organised crime groups. The Bill will increase financial penalties for all Commonwealth crimes, and create a new offence of using a false identity when travelling on aeroplanes. It will make it a crime to use a false identity to book a flight over the internet or to take a commercial flight. It will also be a crime to use a false identity when identifying oneself for a flight.

    Another significant change as part of The Crime Bill will be an increase to penalty units. “Penalty units” in the Commonwealth Crimes Act will increase from $110 to $170. These have not increased since 1997.

    “Identity theft is one of the fastest growing crimes in Australia. This Bill will make it a criminal offence to use a false identity when travelling within Australia by air or booking domestic flights online or using a mobile phone,” the Attorney-General Nicola Roxon said in a statement to the media.

    “Organised criminals invent or steal identities in order to evade detection and commit serious crimes such as money laundering, drug offences, fraud and terrorism.

    The bill expands laws against identity theft by making it a crime to use a carriage service like the internet or a mobile phone to obtain identity information with the intention of committing another offence.

    So for instance, if fraudsters use the internet to obtain your personal information and it was shown the intention was to commit fraud, then the new laws should in theory kick in -placing a crime in not only the attempted fraud, but the actual misuse of your identity information.  Personal information is such a valuable commodity in criminal circles. Criminals can use your personal information to impersonate you, commit crimes, and also to take out credit in your name, leaving you with a pile of debt and bad credit history as the calling card. So this is a significant improvement.

    Ms Roxon said an example of the effect of the increase in penalty units was the maximum fine for obtaining a financial advantage by deception would jump from $66,000 to $102,000 for an individual.

    “This is a significant increase and should send a strong message that crime does not pay,” she told The Australian yesterday (Flying under false name to be a crime).

    Some more examples of how changes could deter criminals:

    •  A person who dishonestly uses the financial information of another person without their consent will face up to $51,000 in fines, up from $33,000. Companies who commit this crime could be liable for more than a quarter of a million dollars in fines, up from $165,000;

    •  A person who knowingly makes a false or misleading statement in documents they lodge with ASIC will face up to $34,000 in fines, up from $22,000. A company will be liable for up to $170,000 in fines, up from $110,000.

    This may go some way to deterring identity thieves within Australia. But there is still a significant amount of fraud related crime which originates from outside Australia. Widespread internet use means identity crime can have very long arms. And this is the real problem with this type of crime. It can be difficult to find let alone prosecute and penalise criminals for identity crime and other financial crimes when it doesn’t originate on our shores. But it was probably a necessary to step for the government to take to fight this global problem of identity crime nationally.

    To find out more about identity crime, and how it could impact your credit rating, you can read our last post Is your good name at risk? What you may not know about identity theft and your credit file. If you are looking to remove bad credit history after identity theft, contact a Credit Repair Advisor on 1300 667 218 or visit our main site www.mycra.com.au.

     

  • How Malware can infect your life and put you and your credit file at risk of fraud

    Think malware is a term used to describe clothes you go shopping in? Then you might have a big problem. Malware is what’s known as a syntactic form of identity crime – where fraudsters attempt to exploit technical vulnerabilities in order to commit fraud. Today the total malware count is just shy of 80 million. That’s scary stuff. We tell you exactly what it is, and what you can do to prevent your personal information from being exploited by fraudsters and prevent debt and bad credit history from credit fraud.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repairs and www.fixmybadcredit.com.au.

    Last week I received a warning from the Stay Smart Online alert service about a new spam email containing a Trojan horse virus as an attachment. This must have caught out enough people for SSO to put out a warning about it. In fact, new forms of malware catch out millions of people every day. It is reported there are 55,000 new unique malware samples per day sent out there. So how can we stay on top of it?

    Stay Smart Online defines malware, and explains how it can infect your life through your computer:

    What is ‘malware’ and how does it affect your computer

    Malware—short for ‘malicious software’—is the term often used to refer to any type of malicious code or program that is used for monitoring and collecting your personal information (spyware) or disrupting or damaging your computer (viruses and worms).

    Spyware

    The term spyware is typically used to refer to programs that collect various types of personal information or that interfere with control of your computer in other ways, such as installing additional software or redirecting web browser activity.

    Examples of spyware include:

    Keyloggers

    A keylogger is a program that logs every keystroke you make and then sends that information, including things like passwords, bank account numbers, and credit card numbers, to whomever is spying on you.

    Trojans

    A Trojan may damage your system and it may also install a ‘backdoor’ through which to send your personal information to another computer.

    Viruses and worms

    Viruses and worms typically self-replicate and can hijack your system. These types of malware can then be used to send out spam or perform other malicious activities and you may not even know it.  Both can use up essential system resources, which may lead to your computer freezing or crashing.  Viruses and worms often use shared files and email address books to spread to other computers.

    How does your computer become infected with malware

    Most spyware is installed without your knowledge. It often gets onto your computer through deception or through exploitation of browser vulnerabilities.

    •Spyware can come bundled with other software. When you download a program, the spyware can be downloaded and installed at the same time.
    •Some spyware infect a system through security holes in the Web browser or in other software. When the user navigates to a Web page controlled by the spyware author, the page contains code which attacks the browser and forces the download and installation of spyware.
    •Be wary of USB sticks from unfamiliar or untrustworthy sources, for example those given away at conferences, trade shows, or in promotional packs. These devices may contain malicious software, which could cause severe damage to your computer or compromise your personal information.
    •Some “rogue” spyware programs masquerade as security software.
    •Worms can also be used to install spyware on your computer.

    A recent article published in the Sydney Morning Herald Tech Section has some alarming concerns from some pretty hefty security people about the internet’s battle with malware. Many wonder if we could possibly be losing the fight against it – with updates unable to keep up with new developments, and anti-virus letting some slip through the cracks. If you’re game, you can read this article here: Anti-virus can’t keep up with threat onslaught.

    Concerns aside, far and away the best way we can have any hope of fighting it – is with installing updates on our computers. Here are Stay Smart Online’s best tips for preventing malware:

    How to prevent spyware from getting onto your computer

    •Install anti-spyware and anti-virus software and set it to automatically check the product website for updates. This will ensure that your computer is protected against the latest viruses and spyware.

    •Install a firewall. It will prevent unauthorised access to your computer and the installation of spyware on it. Some firewalls can also prevent information being taken from your computer and sent to someone else.

    •If you must use a USB stick from an unfamiliar source, you should always scan the USB stick for viruses or other malware before accessing any of its content. You should also disable the autorun function, which is commonly enabled on the Microsoft Windows operating system. This will lessen the risk that any malicious software that may be on the USB stick, will automatically start when you connect it to your computer.

    •Keep yourself informed about the latest security threats and solutions. You can sign up for the free Cyber Security Alert Service from this website. Alternatively, your anti-virus software vendor may have an email alert system. Look for a ‘keep informed’ tab or section on the software’s main screen.

    •Be cautious about opening emails from unknown or suspicious sources. Look at the sender of the email as well as the body and the subject of the email. Do not open email attachments or click on hyperlinks in these emails. You should install spam filters to minimise the amount of spam you receive.

    •Set your anti-virus software and anti-spyware software to automatically scan incoming email.

    •Only download files and software from reputable web sites. Read the licence agreement and terms of use before you download software and don’t download it if you don’t understand or trust the terms and conditions.

    •Be wary when exchanging files even with colleagues or friends. Scan the files before you install them or run them on your computer.

    •Never click on an ‘Agree’, ‘Ok’ or ‘No’ button to close a window on a suspicious website or pop-up. This can launch spyware onto your computer. Instead, click the red ‘X’ in the corner of the window to close the window.

    Your credit file at risk

    In SMH’s article, Charles Wale, security and risk consultant at Lee Douglas and Associates, who has consulted for over 50 ASX-listed companies says consumers need to realise their machines are targets.

    “They are after your personal information for identity theft and login details, especially for banking sites so they can remove funds in their favour,” he tells SMH.

    What can fraudsters do if they can get their hands on your personal information?

    They can steal passwords to your bank or credit accounts and they can also create a patchwork quilt of information that can allow them to eventually have enough on you to request duplicate identity documents, and apply for credit in your name.

    Running up credit all over town, perhaps buying and selling goods in your name, or in some cases mortgaging properties – the victim can have a stack of credit defaults against their name by the end of their ordeal – and sometimes no proof it wasn’t them that didn’t initiate the credit in the first place.

    Recovery can be slow, and in some cases victims have had no way to prove they weren’t responsible for the debt – with fraudsters leaving no trail and the actual identity crime happening long before the fraud took place.

    So to prevent devastating identity crime, which leaves you in debt and can leave you without any way of obtaining new credit for years to come, make it your business to educate yourself on internet and or computer risks. And think before you click….it could save your financial future.

    If you need help in recovering your good name following identity theft, you may find a professional credit repairer can give you the best chance at having the defaults removed from your credit file. Contact MyCRA Credit Rating Repairs on 1300 667 218 for more information.

    Image: Idea go/ www.FreeDigitalPhotos.net

     

  • Identity theft risks high for pre-retirees

    Media Release

    Identity theft risks high for pre-retirees

    27 July 2012

    Baby boomers scrambling to secure their future before retirement are prime targets for fraudsters who are dangling a whole host of carrots to lure their savings and a national credit repairer warns they are also candidates for credit fraud.

    CEO of MyCRA Credit Rating Repairs, Graham Doessel says victims of the latest very elaborate investment scams could also be at risk of identity theft and having their good name used to take out credit.

    He says pre-retirees who fall victim to scams lose their nest egg, and could also have their identity hijacked and potentially credit taken out in their name, which can rob them of the ability to obtain credit in the years when they will need it most.

    “Many people in this age group also generally have a good clean credit rating, and if fraudsters are prepared to go to elaborate lengths to get them to part with their cash, what’s to say they haven’t set up fake identities and taken out credit in their name as well?,” he says.

    Investors were earlier this month hit with the news of an elaborate scam involving overseas investments.

    The Australian Crime Commission and Australian Institute of Criminology reported that more than 2600 Australians have lost in excess of $113 million to these investment frauds, but it is believed there is a high level of under-reporting and the extent is far greater.

    They warn that the scam is incredibly sophisticated and has fooled even experienced investors with elaborate back up data, including fake websites and publications and fraudsters even issuing online press releases in the hope of extracting major dollars from their victims.

    Australians have been targets for this fraud because of high levels of superannuation and retirement savings. The Australian economy is also known to have been less affected by the global financial crisis than other nations.

    Mr Doessel says if criminals gain access to information like names, dates of birth and addresses they can build a profile with enough information to request duplicate identity documents – enabling them to take out loans, credit cards, even mortgage properties in their victim’s name.

    “Fraudsters are never so kind as to pay the credit back -meaning the identity theft victim is hit twice – financially ruined and with no ability to borrow for 5 to 7 years,” he says.

    The Australian Bureau of Statistics data shows 514,500 Australians were victims of scams in 2011, with 44,700 people citing actual identity theft in the same year.

    Credit reporting agency Veda Advantage also recently reported in its Australian Debt Study that one in five Australians have had their identities stolen or had their personal or financial data illegally accessed.

    Matthew Strassberg, a Veda senior advisor said: “Whilst credit card fraud is a common form of identity crime, many people do not realise that with only a small amount of personal data, an identify thief could take out a second mortgage on a house, or open up a new line of personal credit and purchase items in their name or under a false identity.”

    Mr Doessel says pinpointing identity and credit fraud early can be difficult.

    “Fraudsters often change contact details, and many victims don’t know they have been scammed until they apply for credit and are refused,” he explains.

    He says sometimes there can be some early warning signs of identity theft, and people should watch out for these occurrences:

    1. Strange unaccountable withdrawals on credit or personal bank accounts. It may not need to be a big amount to indicate fraud. Many criminals do ‘test’ amounts to begin with before extracting more significant amounts.

    2. Phone calls or emails from what often appear to be legitimate companies, asking for money or personal details. If you have given bank details or personal information in this way either online or on the phone there is a high chance it was a scam. Verify with the company in question.

    3. Can’t log in to social networking or bank accounts.

    4. Bills or letters of demand sent to you for accounts you don’t know about.

    5. Missing mail – particularly credit card statements which could indicate someone has overtaken your accounts. In this case no news is not good news.

    6. Credit refusal due to a bad credit rating.

    If people feel they may be vulnerable to identity theft, they should alert their creditors, and also alert credit reporting agencies, who may be able to ‘flag’ their accounts to prevent fraudsters accessing credit in their name.

    Mr Doessel says if a credit check reveals any “surprise bad credit” through possible identity theft victims should act immediately to notify Police.

    “This crime is not very widely reported. But it is only through people reporting it that any real statistics get collated. Likewise, if people want to try and repair their credit rating following identity theft, the first thing I tell them is to make sure they have a Police report,” he says.

    For more information on restoring a credit rating following identity theft, contact MyCRA Credit Repairs on 1300 667 218 www.mycra.com.au.

    /ENDS.

    Please contact:

    Lisa Brewster – Media Relations Mob: 0450 554 007 media@mycra.com.au

    Graham Doessel – Director Ph 3124 7133

    Ph 07 3124 7133 www.mycra.com.au www.mycra.com.au/blog 246 Stafford Rd, STAFFORD Qld

    MyCRA Credit Repairs is Australia’s leader in credit rating repairs. We permanently remove defaults from credit files.

     

    ——————————————————————————–

    Image: photostock/ www.FreeDigitalPhotos.net

     

  • Veda throws new light on identity theft and credit fraud: 1 in 5 affected

    Identity theft numbers continue to climb. How can this impact your credit file and possibly lead to a wrong default listing? And what action can you take if you are a victim of identity fraud?

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repairs and www.fixmybadcredit.com.au.

    Credit reporting agency Veda Advantage has revealed more results of their annual Australian Debt Study, of around 1,000 Australians that one in five have had their identities stolen or had their personal or financial data illegally accessed.

    The results, released on Thursday to the Sydney Morning Herald and published in the story Identity theft hits one in five: study, shows the figures have climbed higher than previous studies on identity theft. This includes the widely attributed study on identity theft commissioned by former Attorney-General Robert McLelland twelve months ago, which revealed one in six Australians had fallen victim to, or knew someone who was a victim of identity theft.

    It was reported that credit card crime such as skimming is one of the major problems plaguing consumers. Here is more from that story:

    Australians aged 35-49 are the most likely group to fall victim to identity fraud while 18-24 year olds are the least likely to report illegal access to their personal or financial data…

    …people earning more than $70,000 are much more likely to be targeted for bank account and credit card crime than those earning $40,000 a year or less and cases of identity theft and financial fraud are highest in Western Australia and NSW.

    Findings also show that almost one in three Australians suffered some form of credit crime and lost their wallet containing credit cards and identification.

    Matthew Strassberg, a Veda senior advisor said: “Identity crime is a thriving industry in Australia, with the Australian Bureau of Statistics estimating the cost of personal fraud to consumers at $1.4 billion dollars a year.

    “Whilst credit card fraud is a common form of identity crime, many people do not realise that with only a small amount of personal data, an identify thief could take out a second mortgage on a house, or open up a new line of personal credit and purchase items in their name or under a false identity.”

    Credit card fraud is the most common type of identity crime, but it is buffered by substantial bank insurance and good general knowledge of the steps to take should a person’s credit card be stolen – cancel cards, let the bank know etc etc – but the silent ‘killer’ if someone’s wallet is stolen or a home is broken into; or personal information accessed over the internet or through the various sophisticated computer viruses that are out there – could be the personal information that can be accessed and misused.

    We consider if someone is alerted to having money stolen from credit cards early, or perhaps is able to call their bank and stop fraud in its tracks – that they are the lucky ones.

    The unlucky identity theft victim is unaware of the fraud until their identity is misused, and their credit rating with it. When identity theft damages a person’s credit rating – it is because the fraudster has been able to overtake credit accounts, or has gained access to enough personally identifiable information about the victim to forge new identity documents.

    This gives the fraudster access to credit cards, loans, even mortgages which allows them to extract significant amounts of money without the victim realising it straight away.

    If credit accounts are not repaid – after 60 days the victim may be issued with written notification of non-payment and the intention for the creditor to list a default on their credit file. It is at this moment that some people who were previously unaware of any problems find out they have been victims of this more sophisticated type of identity theft.

    But often the credit file holder has also had their contact details changed – and this means it is not until they apply for credit in their own right and are refused that they find out about the identity fraud. This can be a significant time after the initial crime.

    It can often be difficult for Police to track down who was responsible for the fraud, and likewise, it can be difficult to prove to creditors the victim did not instigate the credit in the first place. People can be left not only owing thousands of dollars, but can also be left robbed of the ability to take out new credit. Major fraud such as this can completely debilitate a family for years after the crime took place. Bad credit sticks around for between 5 and 7 years, depending on how the unpaid credit is listed on the victim’s credit file.

    Knowing how to dispute a credit report which is damaged from identity theft is a science, as is all credit listing complaints. The onus is on the credit file holder to prove to the creditor they did not initiate the credit. This requires proof, including Police reports and documentary evidence.

    This is why many identity theft victims – and all victims of credit file mistakes – turn to professional credit repairers to repair their bad credit in these instances. Often there is only one shot at disputing a credit listing with a creditor. Seeing a professional can give people the best chance of correcting bad credit and having those mistakes (including mistakes from fraud) which appear on their credit report removed for good.

    If you are the one in five who has been a victim of identity theft, have you checked your credit file lately? Do you know whether you could be at risk of identity fraud and credit misuse?

    You can get a free copy of your credit file annually from one or more of the credit reporting agencies in Australia and you should do this to make sure your good name hasn’t been compromised.

    If there is something on your credit report that you don’t agree with, or you think you may have fallen victim to identity crime, contact Police and contact a credit repairer – don’t be embarrassed, and don’t put up with bad credit that shouldn’t be there.

    Image: scottchan/ www.FreeDigitalPhotos.net

    Image: vichie81/ www.FreeDigitalPhotos.net

  • Cyber security is about protecting your credit rating.

    MyCRA is proud to be a partner for Cyber Security Awareness Week 2012, running this week from 12 to 15 June.  Awareness Week helps Australians understand cyber security risks as well as educating home and small business users on the simple steps they can take to protect their personal and financial information online. Today, we address the importance of cyber security for preventing bad credit history.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repairs and www.fixmybadcredit.com.au.

    Cyber Security Awareness Week 2012 is an Australian Government initiative, held annually in partnership with industry, community and consumer groups and state and territory governments. According to the Stay Smart Online website, cybersecurity awareness is more important than ever.

    “Australians are increasingly relying on the internet in their everyday lives for banking, shopping, education and communication. It is, therefore, important that they are able to use the internet in a secure and confident manner. The government has established a range of initiatives to raise the awareness of Australian internet users about the importance of cybersecurity and the simple steps they can take to protect their personal and financial information online.”

    One of the big risks for Australians is that their internet use will lead to fraudsters stealing their personal information for purposes of identity theft (now the fastest growing crime in Australia) and potentially fraud. The good credit rating of the victim could then be damaged.

    If cyber-crooks are able to get their hands on enough personal information they may be able to construct a fake identity, which can lead to some serious credit fraud. Fraudsters have been known to go so far as to take out personal loans, credit cards and even mortgage homes in their victim’s name.

    When the identity theft goes so far as to affect the credit file of the victim, the issues can be huge. Unfortunately fraudsters are never so kind as to pay this credit back, so the victim is often unaware of a stream of defaults run up against their name, until the apply for credit in their own right and are flat out refused.

    For between 5 and 7 years identity theft victims can be locked out of credit while their credit rating shows up someone else’s defaults.

    Unfortunately in the past it has not been easy for identity theft victims to prove they did not initiate the credit, particularly if they have no idea how they were duped in the first place.  Often this sophisticated type of fraud is instigated by overseas crime syndicates who don’t leave much of a trail, or even if they do, can’t be prosecuted easily.

    But the ability to obtain credit is so crucial to functioning well in today’s society, that if the identity theft victim has also been a victim of credit fraud, they should make their clear credit rating a point worth fighting for.

    Firstly, the victim should contact Police as soon as they are made aware of possible identity theft, they may even be able to prevent the credit fraud occurring. If it has already happened, a Police investigation and report will be a good starting point for proving the person did not initiate the credit in the first place.

    Credit file repair can be difficult for the individual, but if there is an error on a person’s credit file it is worth pursuing. It can be made easier with the help of a credit repairer. A credit repairer has extensive knowledge of credit reporting legislation and how to apply the letter of the law to the credit file holder’s circumstances to ensure the best chance of having the listing or listings completely removed from the credit file if it has been placed unlawfully, for instance if the listing contains an error, is unjust or just shouldn’t be there.

    The best thing people can do for themselves is to prevent that crime from happening in the first place. People can provide a safety buffer for themselves and their family around one of the main channels for fraudsters to enter our lives – the internet.

    To start, people can follow these top tips provided by Cyber Security Awareness Week 2012 on how to stay safe online:

    • Install and update your security software; set it to scan regularly.
    • Turn on automatic updates on all your software, particularly your operating system and applications.
    • Use strong passwords and different passwords for different uses.
    • Stop and think before you click on links and attachments.
    • Take care when transacting online – research the supplier and use a safe payment method.
    • Only download “apps” from reputable publishers and read all permission requests.
    • Regularly check your privacy settings on social networking sites.
    • Stop and think before you post any photos or financial information online.
    • Talk with your child about staying safe online, including on their smartphone or mobile device.
    • Report or talk to someone if you feel uncomfortable or threatened online – download the Government’s Cybersafety  Help Button.

    In addition, people can and should subscribe to the email notifications from Stay Smart Online Alert Service. The Stay Smart Online Alert Service is a free subscription based service that provides home users and small to medium enterprises with information on the latest computer network threats and vulnerabilities in simple, non-technical, easy to understand language. It also provides solutions to help manage these risks.

    Also, people can look at securing different sections of their internet use in more depth with the help of Stay Smart Online’s key factsheets for online security.

    They can also help raise awareness of the issue amongst their own group of family and friends and insist that anyone who has their personal information has a responsibility to keep it safe.

    People should also check their credit file regularly, and act quickly on any discrepancies there – which can often be the first sign of identity theft. Copies of consumer and business credit files can be ordered from one or more of Australia’s credit reporting agencies, and are free for the credit file holder once per year.

    Stay tuned for more information updates as Cyber Security Awareness Week unfolds.

    Image above: Victor Habbick: www.FreeDigitalPhotos.net.

     

     

     

  • 12 Quick Privacy Tips for Parents

    As we close off Privacy Awareness Week 2012, it’s important to take away some information that people can use in their daily lives to protect their personal information, to prevent identity theft and to protect the integrity of their credit file from credit fraud. If you are a parent who wants to get involved in what your child is doing online, or even if you feel overwhelmed by the online options open to young people today – this information could save you from the dangers that occur through internet use and allow both and your child to get on the same page about online safety.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repairs and www.fixmybadcredit.com.au.

    The Office of the Privacy Commissioner, Canada has put together some information for parents on 12 Quick Privacy Tips which show how to navigate a digital environment and how parents can lead their children in better Privacy practices.

    We have included this information sheet for you in its entirety:

    12 Quick Privacy Tips for Parents

    It can be tough raising kids in a digital environment. Many of them use the Internet effortlessly, and easily adapt to new devices that connect to it. For many of us, these tools have become a routine part of our children’s lives, as they use them to chat, surf, post, play and learn. The Internet has become one of the most powerful tools they have to connect with friends and make new ones.

    Many kids, however, don’t fully understand the impact that some online activities may have on their privacy. Below are 12 tips to help you limit the risks to your children’s personal information, while allowing them to make the most of their time online.

    •1. Talk to your kids.
    It’s important to know the Internet spaces your kids frequent and the devices they use to go online, to help you understand the nature of personal information they may be sharing. Technology changes rapidly and many children are ahead of adults in adapting to new options. Talk with them often about their online activities to keep up with what they are doing and interested in.

    •2. Try it out.
    It’s not enough to know what online spaces and devices your kids are using. To understand the nature of the personal information they are sharing, you should know how they are using and experiencing them. So, dive in. Try out the family web cam if you have one, play the online games they love, create a profile on the social networking sites they frequent, and download some music.

    •3. Keep up with the technology.
    Many mobile devices, like smart phones, tablets and gaming consoles, can connect to the web and have video cameras. The lines between devices are blurring, and it is important to know what kind of device your child has, so that you know whether they are merely playing a game, or if they are using the Internet and sharing personal information.

    •4. Make restricting privacy settings a habit.
    Most social networking sites have extensive privacy options that children should learn to use. For each site where your kids are posting information about themselves, their family and their friends, sit down with them and review that site’s privacy policy. Then modify the privacy settings of their account, and have them consider how the information they are posting could be used – or misused – by others.

    •5. Make password protection a priority.
    Children need to understand that their online information will be better protected if they use passwords. They should use different passwords for different sites and they should change them regularly. Encourage them to ensure their passwords are strong (eight characters or more and a variety of letters and/or numbers), to change them regularly, and to never share them with anyone.

    •6. Emphasize the importance of protecting mobile devices.
    The first thing anyone should do with a new mobile device is activate the password protection. Talk to your kids about this, and the importance of protecting the device itself – not just because it may be expensive, but because it may contain their personal information. A device that gets into the wrong hands could result in embarrassing or even malicious videos or pictures being posted online by someone else in your child’s name.

    •7. Remind your kids that what they post on the Internet is not always private.
    Your kids should understand that once they post content online, they no longer have control over it. It can be forwarded, copied and pasted, manipulated, printed out or saved – it can remain online, in some form, potentially forever. They should know that even password-protected pages are not totally secure, and that deleting information doesn’t mean that it’s gone forever.

    •8. Teach your kids to think before they click.
    It can take only seconds to snap a photo and post it to the Internet, or to post a comment. But it can be nearly impossible to permanently delete that comment or photo once it’s posted, as it can then be downloaded or archived by others. This is why it’s so important for kids to think twice about every piece of personal information before they post it to the Internet. They should only post things that they would be comfortable with the whole world seeing.

    •9. Stress the importance of knowing your real friends.
    Kids need to know that, online, they can’t be 100% sure of who they’re talking to, so they should never accept friend requests from people they don’t know in real life. Online friends can end up accessing online photo albums, reading personal comments, copying and pasting information, knowing what you’re doing and where you are. Remind your kids that a “friend” of a “friend” of a real-life friend is really just a stranger.

    •10. Teach your kids that their personal information is valuable.
    Kids need to know that many people and companies want their personal information to sell or market things to them in the future. New and exciting technologies are emerging daily, but often personal information is the cost of admission. Review the personal information they often need to surrender in order to play online games, fill out an online survey or quiz, join virtual worlds or even just shop online. Discuss potential ways to limit that information, for example, by completing only required fields, using pseudonyms, and using incomplete information.

    •11. Let your kids know that you are there if they make a privacy mistake.
    Stay calm if your child makes a mistake, like posting something they shouldn’t have. Help them remove the post, where possible, and talk with them about how they can avoid a similar mistake in the future. If you “freak out” or deny access to them, they may not come to you for help when they really need it in future.

    •12. Set a good example.
    Remember, those cute potty training or bathing photos of your own child that you are tempted to post can also be copied and shared, and remain online forever! Just as you would respect your friends when posting photos or other items that contain their personal information, respect your kids’ personal information too. Set a good example when you’re online so your kids have a good role model to look to if they’re wondering what kind of information is OK to post.

    Credit fraud: What can happen to your child if their personal information is extracted by fraudsters

    Superintendant Brian Hay from the Queensland Fraud Squad told Channel 7’s Sunrise Program in October last year, that criminals were targeting the personal information of our young Facebook users.

    Supt Hay said criminals had been known to be storing the personal information of children around the world in databases to be used when they turn 18 and are able to take out credit.

    “We know that the crooks have been data warehousing identity information, we know that they’ve been building search engines to profile and build identities,” he told Sunrise.

    “We need to tell our children if you surrender your soul, if you surrender your identity to the internet it could come back to bite you in a very savage way years down the track,” he says.

    Most identity theft victims have no idea they have given away personal information to fraudsters until it is too late. If identity fraud sees accounts in the victim’s name going undetected and unpaid past 60 days, the credit file holder can have their good name destroyed for 5-7 years due to defaults.

    It need not be major fraud to be a massive blow to the identity theft victim. Unpaid accounts for as little as $100 can have the same negative impact on someone’s ability to obtain credit as a missed mortgage payment. So any misuse of someone’s credit file can be extremely significant.

    For more education for parents about the risks of cyber-crime and tips for staying safe, the Government has put together the CyberSmart website, which has special sections for parents and children. You may also like to visit the government’s Stay Smart Online website, which provides information for Australian internet users on the simple steps they can take to protect their personal and financial information online. It also has an Alert system which you can subscribe to, which notifies you of the latest risks to your personal information or computer.

    Don’t get caught with credit rating defaults that should not be there. Don’t let fraudsters take over your good name. Educate yourself on what a valuable commodity your personal information is, and how you can protect what is your ticket to financial freedom in this modern world – your credit file – from fraud.

    Image above: Keerati/ FreeDigitalPhotos.net

    MyCRA Credit Rating Repairs is proud to be a Partner for Privacy Awareness Week 2012.

  • Privacy Commissioner reports data breaches on the rise

    As part of Privacy Awareness Week 2012, over 180 business leaders met in Sydney this week to discuss the topic of data breaches. Data breaches can occur through lost or stolen laptops, portable storage devices and paper records, or through databases being ‘hacked’ into or organisations mistakenly providing information to the wrong person. The effects of data breaches can be theft of identity and potentially credit fraud leading to bad credit history for the victim. The Privacy Commissioner claims there is in effect one data breach a week in Australia – an increase of 27 per cent from last year.

    This is an excerpt from Privacy Commissioner Timothy Pilgrims statement to the media on Monday on data breaches in Australia:

    “The Office of the Australian Information Commissioner (OAIC) was notified of 56 data breaches in the last financial year, equivalent to a data breach a week. This is up from 44 in the previous year, an increase of 27 per cent,” Mr Pilgrim said.

    However, the Privacy Commissioner also noted that he opened a further 59 investigations into other breaches where he wasn’t notified of the incident.

    “Serious harm can befall people when the security of their personal information is compromised”, Mr Pilgrim said. “It is our view that whenever there is a real risk of serious harm, affected individuals should be notified.”

    …Data breach notification is not a mandatory obligation applying generally to government and business in Australia. However, there is increased pressure on the Government to introduce laws to make it a general legal requirement as it is elsewhere — data breach notification is already a mandatory requirement in Europe, the UK and the United States….

    The Privacy Commissioner warned that in some circumstances, it may be a breach of the Privacy Act not to notify as organisations covered by the Privacy Act must take reasonable steps to protect the information they hold.

    For businesses who would like a reference for guidelines on handling personal information security breaches, the OAIC has released this document:

    Data breach notification: A guide to handling personal information security breaches. It outlines four steps to consider when responding to a breach or suspected breach and also outlines preventative measures that should be taken as part of a comprehensive information security plan.

    Personal information has become a valuable commodity used to commit identity fraud and potentially ruin the victim’s financial future.

    We can’t take lightly the possibility that any company that keeps data on its customers could be exposed to data breaches. Identity theft is becoming more prevalent, and personal information is lucrative for fraudsters.

    Personal information in the wrong hands can lead not only to identity fraud, but the misuse of the victim’s credit file, which can have significant long term consequences.

    Data breaches are difficult for individuals to have any control over, and the only way people can ensure their details are safe are to demand that the companies they deal with have strong IT systems before disclosing that information.

    The Australian Crime Commission’s Identity Crime report advises consumers on ways they can protect their personal information. They advise all individuals to obtain a copy of their credit report annually in order to keep abreast with any changes to their credit file which may point to identity theft.

    This could detect suspicious entries such as new credit enquiries or changes in contact details which would point to an identity theft attempt, allowing steps to be taken before the fraud affects the person’s good credit rating.

    If a person may be vulnerable to identity theft through a data breach, they should check their credit file immediately, and also contact Police who will advise them on the best course of action to take to restore their accounts and potentially their good name. This could include applying for a Victims of Commonwealth Identity Crime Certificate – which covers particular Commonwealth Identity Crime and can aid in recovery.

    If people need help to prepare a case to creditors for default removal following identity theft, it may help to contact a reputable credit repair company.

    Image above: David Castillo Dominici/ FreeDigitalPhotos.net

    MyCRA Credit Rating Repairs is proud to be a partner for Privacy Awareness Week 2012.

  • MyCRA Partners Privacy Awareness Week 2012

    MyCRA Credit Rating Repairs is proud to be a Privacy Awareness Week (PAW) Partner for 2012 which runs 29 April to 5 May.  The team at MyCRA hope we can help educate more people on Privacy Issues this week and in doing so reduce the numbers of identity theft cases in Australia. Privacy of your personal information is crucial to prevent identity theft and subsequent credit fraud. This week, through information provided by the Office of the Australian Information Commissioner (OAIC) and also through our own information, we want to help clarify how Privacy (or lack of it) can affect your credit file and promote safety of your valuable personal information.

    This post features a newsletter titled “Privacy It’s All About You” provided by the OAIC which will clarify the origins of PAW and the importance of Privacy in your business, your life and for maintaining your good credit history. Please find full newsletter below:

    Privacy: it’s all about you

    Privacy Awareness Week (29 April – 5 May) is an annual event during which the Asia Pacific Privacy Authorities join forces to remind everyone to take steps to protect their own privacy and safeguard personal information about others that they might hold.

    “Privacy is recognised in many countries, including Australia, as a human right,” says Privacy Commissioner Timothy Pilgrim. “Serious consequences can arise when someone’s privacy is breached and we all have responsibilities to look after the personal information we handle.”

    Organisations and government agencies covered by the Privacy Act must meet responsibilities when collecting, using and disclosing personal information. This includes giving sufficient notice about why personal information is being collected and how it will be used and disclosed.

    Businesses covered by the Privacy Act are subject to ten National Privacy Principles or NPPs while most Australian, ACT and Norfolk Island government agencies must comply with eleven Information Privacy Principles or IPPs.

    Quick privacy tips for business and government agencies:

    • Don’t collect personal information that is unnecessary for your business
    • If you do need to collect people’s personal information, tell them why you are doing this, what the information will be used    for and how long it will be kept
    • Make it clear who will have access to that personal information, including any third parties
    • Take steps to destroy or de-identify personal information that is no longer required, subject to other record keeping    requirements.

    What about you?

    When it comes to protecting your own information, Mr Pilgrim is urging all Australians to be increasingly more vigilant about protecting their information.

    “You really need to pay attention to what information you are sharing and how it may be used, particularly online and when using smartphones, where personal information is routinely collected and stored by any number of entities.”

    Mr Pilgrim says people tend not to think about what information they are giving away or what will happen to it, especially as they make quick transactions online.

    Know what’s going on

    When your online search history is aggregated with other information you may have shared online, a detailed picture emerges that could compromise your privacy.

    Most search engines today track and store details about your browsing habits to help guide you to the information you are seeking. But Mr Pilgrim says that many of us remain unaware of how this happens or where our information may end up.

    “Find out how your information is being used by checking the privacy policy of the search engines you use.  If you want more control, look for options that allow you to prevent aggregation and keep information you post across various accounts separate.”

    Different search engines operate in different ways.  So if you are unhappy with the way your information is being used by one provider, consider using another.

    “I’d encourage people to always use the provider that offers them most control about how their personal information is used,” Mr Pilgrim added.

    Similar issues apply to apps: when you download them, you usually agree to your personal information being collected in some way.

    “Next time you decide to download an app, take a moment to look at the terms and conditions that set out what you are signing up for, what type of information the app developer is collecting and how it will be used.”

    While these kinds of details can be buried in the fine print, Mr Pilgrim says it’s worth making the effort to know and understand what you are agreeing to so your information is not used in unexpected ways.

    “Just as in the real world, if you want to safeguard your privacy, you need to pay attention to what information you are handing over and ask companies what they are doing with it.”

    Find out more at www.privacyawarenessweek.org/oaic

    Stay tuned for more information on Privacy, your personal information and your credit file.

    If you think you may be a victim of identity theft, firstly contact Police who will assist you.

    If identity theft has affected your credit file (credit fraud) and you need help with removing negative listings such as defaults and clearouts which should not be there, it might be helpful to contact a credit rating repairer to go through your options for credit rating repair.

    Graham Doessel, Founder and CEO of My CRA Credit Rating Repairs and www.fixmybadcredit.com.au.

    Image: suphakit73 / FreeDigitalPhotos.net