MyCRA Specialist Credit Repair Lawyers

Tag: Identity Theft

  • “Huge” increase in identity theft from scams: ACCC

    scamScam report numbers have ballooned to a massive $89 million lost to scams in Australia, according to the Australian Competition and Consumer Commission (ACCC). Dating and romance scams topped the list of financial losses and the ACCC reports a “huge” increase in identity theft numbers from scams. We look at the details of the ACCC’s report, as well as which scams have taken the most victims. Be scam-savvy in order to protect your finances as well as your identity. Identity theft through scams, or any means can lead to credit file misuse, so it is important to know how to look out for scams as a way of maintaining your clean credit rating in this day and age.

    By Graham Doessel, Non-Legal Director MyCRA Lawyers www.mycralawyers.com.au.

    The ABC News Report ‘Scams cost Australians $89 million in 2013, says Australian Competition and Consumer Commission’ says the ACCC figures show a 10 per cent spike in scam reports last year, as well as an alarming trend in phishing and identity theft.

    Out of a total of 92,000 complaints received – losses amounted to $89 million. The ACCC’s Targeting Scams Report shows Australians lost $25 million to dating and romance scams with only 2,777 losses related to this type of scam.

    According to reports the most complained about scam was advance fee-upfront payment scams, where consumers are typically asked to make a payment with their credit card to access a bogus refund, prize or other kind of reward. More on this report:

    ACCC deputy chairwoman Delia Rickard says the figures are only a small snapshot of how much money people are losing to scams.

    “We talk to other agencies, and work is being done so there will be a central repository of all reported scams in Australia but that’s not in place just yet,” she told the ABC.

    “So we know it’s significantly more than the $89 million that was reported to us.”

    …Ms Rickard says she is very concerned about the “huge increase” in phishing and personal identity theft.
    “These can take all sorts of forms but usually it might be ‘fill in this survey and you could win a $50 voucher’ and you go to fill in the form and it will ask you for a range of private things with your name, age, address,” she said.

    “It might ask for your credit card details so they can deposit winnings into it, Medicare numbers, passport numbers.

    “What scammers do is they then use this information to impersonate you to open all sorts of accounts, run up debts in your name, drain your bank account.

    “So people really need to learn the importance of that personal information and not give it out unless they’re absolutely clear about who they’re dealing with and it’s clear why that person will need that information.”

    Identity theft including credit rating misuse can be pretty lucrative for fraudsters. In addition to your regular ‘scam’ fraudsters may also tack on a request for personal details, which signifies an attempt to misuse those details in the future, possibly for identity theft purposes. Requests for full names, dates of birth etc may leave victims vulnerable to identity theft.

    Fraudsters may also ask these questions:

    • With whom do you bank?
    • For how long?
    • What is your credit card number?
    • What is your driver’s licence number?

    If fraudsters have a person’s full name plus who they bank with, and what their driver’s licence number is they have the basic building blocks for an identity theft attempt. They can call the bank and have some kind of identity information on which to proceed with accessing bank accounts AND accessing further credit in your name.

    Sometimes you may not know you have been a victim until after you apply for credit and are refused.

    By that time, it is a struggle to recover your good name. For an identity theft victim to have a chance at removing bad credit history, you must prove you didn’t initiate the credit in the first place. This can be difficult if the scam happened months or years before.

    What to do if you are a victim of a scam

    1. Contact the Police immediately. Don’t be embarrassed or dismiss it because you don’t think the amount was significant enough. It is only through identity theft being reported that data gets collected and appropriate preventative measures eventually get put in place.

    2. Contact your Bank. They should be able to flag your accounts so that no credit can be obtained in your name.

    3. Contact the credit reporting agencies that hold your credit file. In Australia, this is Veda Advantage, Dun and Bradstreet and TASCOL (if in Tasmania). You should inform them that you may be at risk of identity theft and they may have a plan of action for protecting your credit file.

    4. At this time, you should also order a copy of your credit report. If there are any inconsistencies on your credit report – change of address, strange credit enquiries and instances of credit you don’t believe you’ve access, then you may already be a victim – and should do all that’s possible to follow up on each account so as not to accrue defaults on your credit file that should not be there.

    5. If you find you have defaults that shouldn’t be there, take steps to remove them. Although it seemed so easy for the fraudster to use your good name in the first place, you are now faced with proving the case of identity theft with copious amounts of documentary evidence in order to get the credit listings removed from your credit file.

    If you have neither the time nor the knowledge of Australia’s credit reporting system and credit legislation that you may need to fight your case yourself, you can seek the help of a professional credit dispute firm.

    Visit www.mycralawyers.com.au for more information on identity theft and bad credit or call us on 1300 667 218.

    The latest information about scams and tips for consumers can be found at the ACCC’s ScamWatch website, and you can also subscribe to alerts there:  www.scamwatch.gov.au.

    Talk to us about disputing your credit report

    Image: Stuart Miles/ www.FreeDigitalPhotos.net

  • Protect Your Personal Information To Prevent Identity Theft

    Identity crime

    (As seen on the ATO’s website)
    Your personal information is the key to your identity.
    Protecting your personal information is just as important as locking your front door.
    Do you know what you need to protect and how? Watch the ATO’s video and make protecting your personal information part of your day.

     

    Here is the full transcript for the video:

    Your personal information, like your identity – is unique. You use it to verify who you are and to access things like bank accounts, loans and tax returns.

    Protecting your personal information is important. But do you know what to protect?

    Personal information includes your name, address, date of birth, credit card details, myGov details, tax file number and driver’s licence details.

    Without proper protection your personal information can be stolen. For example, a scammer might use a fake job recruitment process to ask for information like your tax file number. Scammers can also email you, knock on your door and collect your details via online ‘classifieds’.

    Like locking up your house or covering your pin at the ATM, make protecting your personal information part of your day. Here are a few simple tips to follow:

    • firstly, don’t put your tax file number on your resume and only give it to an employer after you’ve started a job
    • never share your tax file number on social media
    • if your relationship status changes, think about changing any passwords you shared, and
    • if you’re going to use a tax agent, make sure they’re registered.

    Go to ato.gov.au/identitycrime for more tips.

    Protect your personal information and you’ll protect yourself.

  • Identity theft at their fingertips: Fraudsters and Social Media

    Media Release

    Identity theftIdentity theft at their fingertips:

    Fraudsters and Social Media

    5 June 2014

    As identity theft numbers increase in Australia, a consumer credit advocate shows how easy it can be for fraudsters to commit identity theft using social media, warning there are too many Australians disregarding their personal information, and leaving themselves wide open to identity theft and credit rating misuse.

    Graham Doessel, who is a Non-Legal Director of MyCRA Lawyers, a firm focused on credit dispute, says social media users who don’t opt in and maintain strong Privacy settings are ‘sitting ducks’ for fraudsters.

    “Fraudsters are trolling Social Media and other internet sites right now, looking for those consumers who are free and easy with their personal information,” Mr Doessel warns.

    “If you don’t strengthen your Privacy settings you run a grave risk – it’s not just the risk of having your account hacked, it’s the risk of having your identity stolen and having crime, including credit fraud, committed in your name.”

    Mr Doessel says the reason Facebook and other social media are so tantalising for fraudsters, is because many of the building blocks for identity theft are laid out.

    “If your Privacy settings aren’t secure your personal information is right at the fingertips of fraudsters,” he says.

    In order to obtain a birth certificate in Australia, a full name, date of birth, father’s name, mother’s maiden name, place of birth, and residential address are required.

    Mr Doessel says this can all be freely available on many social media profiles.

    “The other day I went on to a popular social media site, to see how easy it could be to obtain information. The frightening thing is, within five minutes of browsing a ‘random’ name, I was able to get four points of the information required on this person, and have a pretty good guess at the fifth. By simply changing the address, a fraudster could have a red-hot go at obtaining a birth certificate in this person’s name,” he says.

    Mr Doessel says other random browses proved to be similarly forthcoming, particularly amongst men using social media.

    “Women seemed to safeguard their information much better than the men I came across, begging the suggestion that women are much savvier when it comes to social media Privacy,” he says.

    His warnings come as part of Stay Smart Online Awareness Week 2014, a national education campaign aimed at helping Australians using the internet understand the simple steps they can take to protect their personal and financial information online.

    “We are raising awareness of some simple ways Australians can stay smart with their credit rating. Smart Facebook and other social media use have got to be number one,” he says.

    He is urging Australian users of social media to take some simple steps to protect the privacy of their profiles:

    Staying Smart on Facebook

    1. Don’t share too much, remember your personal information is valuable – and often once you’ve posted something online – it’s permanent.

    2. Install and maintain strong Privacy settings on social media.

    3. Change passwords regularly and use different passwords for different sites.

    4. Put a password on your mobile device.

    5. Don’t ‘friend’ someone you don’t know.

    6. Be wary about the type of requests, emails and attachments you click on.

    According to a recent Australian Institute of Criminology Identity crime and misuse survey, identity theft has increased to 1 in 10 Australians affected. 14 per cent of those victims were refused credit as a result.

    “Identity theft can lead to loans or other credit being taken out in the victim’s name, and often the victims don’t even know they’ve succumbed to identity theft until they’re refused credit themselves,” Mr Doessel says.

    He says recovery can be painstaking because the victim needs to prove they didn’t instigate the credit in the first place, but often necessary due to the victim being locked out of credit for between 5 and 7 years.

    “Identity theft can be really hard to prove, especially if the victim has no idea how their personal information was obtained in the first place. Police reports and large amounts of documentary evidence are generally required to substantiate to creditors the case of identity theft, but to those experiencing this, it’s a point worth fighting for,” he says.

    /ENDS.

    Please contact: Graham Doessel – Non-Legal Director MyCRA Lawyers Ph 3124 7133

    Lisa Brewster – Media Liaison MyCRA Lawyers media@mycralawyers.com.au

    www.mycralawyers.com.au www.mycralawyers.com.au/blog  www.mycralawyers.com.au/mediacentre

    MyCRA Lawyers 246 Stafford Rd, STAFFORD Qld Ph 07 3124 7133

    About MyCRA Lawyers: MyCRA Lawyers is an Incorporated Legal Practice focused on credit file consultancy and credit disputes. MyCRA Lawyers means business when it comes to helping those disadvantaged by credit rating mistakes.

    Image: Gualberto107/ www.FreeDigitalPhotos.net

  • Protect your child online, protect their credit rating.

    protect child onlineIf you know how to help your child stay smart online, you could just be protecting their future credit rating. One of the focuses of Stay Smart Online Week 2014 is protecting our children and helping them have safe and positive experiences online. There are significant risks to children in using the internet. Many parents may know that apart from the potential exposure to sexually explicit, violent, prohibited or even illegal content, our children may also experience cyber bullying or be at risk from contact by strangers.

    What many parents don’t know is that children are also a target for fraudsters. If they are not smart online, they may be at risk of damaging their credit rating, before they even have one. We reveal the dangers for children online when it comes to identity theft and their credit rating, as well as giving some general tips to help your child stay smart and stay safe online.

    By Graham Doessel, Non-Legal Director of MyCRA Lawyers www.mycralawyers.com.au . Stay Smart Online Week 2014.

    Stay Smart Online - Proud Partner LRProtecting the integrity of your child’s credit rating is a crucial part of protecting them online. A trick by fraudsters termed ‘data warehousing’ could mean we may see a new generation of identity theft victims. The fraud takes personal information (often freely available) and stores it until the child comes of age to take out credit or to apply for identity documents. The information is then used to take out loans, create false accounts or commit crimes.

    If the personal information is used to take out loans, the young person can end up with a series of defaults or other black marks and may be totally unaware until they apply for their first loan or credit card. For 5 years they could be locked out of credit, refused cards, loans, even mobile phones. It need not be major fraud to be a massive blow to the identity theft victim. Unpaid accounts for as little as $150 can have the same negative impact on someone’s ability to obtain credit as a missed mortgage payment. So any misuse of someone’s credit file can be extremely significant.

    Proving the case of identity theft when attempting to recover a clear credit rating is already difficult for the individual to undertake, as the onus is on the victim to prove to creditors they didn’t initiate the credit. Adding to that the fact that the perpetrator would be long gone with the actual act of identity theft happening years earlier – and those young people will have a very difficult task of recovery indeed.

    Late last year, the Courier Mail featured a story where Police were warning parents about criminals who are tracking the lives of children online, harvesting personal information to steal their identities once they become adults. The story, titled ‘Social media enables cyber criminals to build profiles for identity theft’ delved in to just how this type of fraud can occur.

    Queensland police fear a generation of youngsters could be burnt by their obsession for revealing all on the internet – left with bad credit ratings or associated with crimes they had no part in.

    Detective Inspector Phillip Stevens from the police service’s fraud and cyber crime group said criminals were harvesting the information for their own illegal purposes or to sell it to other fraudsters.

    He said social media sites were prime sources of information for online criminals. Names, ages, places of birth and addresses were all being stored and he warned parents to stop their children putting too many details online.

    “Everyone is a potential victim but we see children as vulnerable (because of the level of detail they post online),” Insp Stevens said.
    He said products such as low-document loans allowed criminals to apply for money over the internet.

    The lack of robust identity checking was enabling fraudsters to take out loans with stolen identities, he said.

    “By using a computer, criminals have no borders, can access more victims and recycled stolen identities.”

    He said by the time some children and adults become more savvy about their online personal details they may have already been a victim.

    “Identities are used for more than just fraudulent financial gains, they also used within the criminal environment as a means of providing a level of anonymity, in order to evade traditional policing methodologies.

    “If you have access to a supply of identities you can hide within the environment, commit crime under one name and hire a car with another. It makes it very difficult for police to actually know who they are looking for.”

    So how can we protect our children?

    It begins with taking an active role in your child’s computer use, and realising that their personal information is just as coveted as our own. Perhaps even more so – as the likelihood the child will have a clean credit history to begin with is even higher.

    It starts with talking to your kids about the internet, and to do that, you need to understand the spaces they are communicating in by being involved. Keep up with the latest sites and technologies to ensure you are always able to give relevant input to your child.

    Put an emphasis on protection, from settings to passwords on all devices and accounts, and encourage regular updating of passwords and codes. And ensure that they understand the importance of protecting their personal information no matter what age they are.

    Here are some other general tips which can help you ensure you are protecting your child online in all sectors, courtesy of Stay Smart Online:

    Top tips

    Know what your children are doing online-make sure they know how to stay safe and encourage them to tell you if they come across anything suspicious or if anybody says or does something that makes them feel uncomfortable or threatened.

    Get to know the technologies your children are using. This will help you understand the risks and to be able to talk to them about what they are doing online.

    Discuss the risks with your children and agree on some rules for internet use. Post them clearly near your computer.

    Tell your children if they are uncomfortable talking to you they can contact the Cybersmart Online Helpline (Kids Helpline) www.cybersmart.gov.au

    Place the computer in a family area of the home – the family or living room, rather than a bedroom.

    Install an internet content filter. This can be used to restrict what content is viewed and downloaded or the times when they can use the internet.

    Make sure your children know not to share personal information or photos. This includes their full name, mailing address, telephone number, the name of their school, or any information that could allow someone to work out who they are and where they live.

    Report inappropriate, harmful or criminal activities that occur online or via a mobile device to www.thinkuknow.org.au

    Report offensive content to the Australian Communications and Media Authority (ACMA). You can do this by completing the relevant online form at www.acma.gov.au/hotline or by sending an email to online@acma.gov.au or phone 1800 880 176

    Don’t let your children get caught with credit rating defaults that should not be there. Don’t let fraudsters take over their good name. Educate yourself and your child on what a valuable commodity your personal information is, and how you and your child can protect what is your ticket to financial freedom in this modern world – your credit file – from fraud.

    So our message this week is: take heed online, and safeguard your personal information to prevent identity theft and credit file misuse.

    For more information on credit file misuse, or to get more help or information about the security of your credit file, visit our main site www.mycralawyers.com.au, or you can contact us on 1300 667 218.

    Image: Ambro/ www.FreeDigitalPhotos.net

  • Secure your smartphone and other mobile devices to prevent credit rating misuse

    securing mobile deviceWith smartphones, tablets and other mobile devices, your life is there at the touch of a button. But the features that make your phone ‘smart’ also make it susceptible to viruses and malicious software. These attributes also make your mobile device a valuable commodity if it is lost or stolen. Your personal information can be accessed via your phone, as well as potentially your passwords, banking details, emails and photos. If fraudsters got their hands on your device, either virtually or physically, what could they get from it? Is the information on your device enough for fraudsters to access your money, or steal your identity or credit rating? For this post in aid of Stay Smart Online Week 2014, and it’s theme ‘On The Go’, we look at the best ways to secure your mobile device. 

    By Graham Doessel, Non-Legal Director of MyCRA Lawyers www.mycralawyers.com.au. Stay Smart Online Week 2014.

    Stay Smart Online - Proud Partner LR

    The rise in the use of mobile digital devices points to a need for users to be more cautious about the security of those devices, and aware of the potential for identity theft should they fall into the wrong hands.

    Mobile phones, especially smart phones are mobile computers. They allow you to access the internet and email, download applications and games and store personal contacts, photos and information. You need to protect and secure your phone just as you would your home or mobile computer.

    If you are unlucky to have your mobile device stolen it can be the same as someone breaking into your home or stealing your PC. If the device is not secure, often there is enough information on there for a criminal to go about hacking into your bank accounts, or stealing your identity and taking credit out in your name.

    Likewise if you are ‘hacked’ or download malicious software, passwords and personal information can be taken. The recent iCloud attacks are an example of how you can potentially be at risk. It demonstrates the importance of changing passwords on all accounts regularly. (See the story in The Australian ‘Hacked iCloud account victims face ongoing identity fraud risk‘).

    Identity theft can hit twice, and if you’re hit, you can face an uphill battle with your credit rating if it’s gone that far. Many times you are unaware your good name has been used until you apply for credit somewhere and are flatly refused. You can have credit applications as a minimum and possibly defaults, mortgages and mobile phones attributed to you incorrectly.

    You may have repayment history against your name on your credit rating at a minimum, or once an account remains unpaid past 60 days, the debt may be listed by the creditor as a default. Defaults remain listed on the victim’s credit file for a 5 year period unless they can prove they are an identity theft victim.

    It is not widely known how difficult recovery from identity theft can be. Unfortunately there is no guarantee that defaults can be removed from your credit file. The onus is on you to prove your case of identity theft to creditors.

    So to prevent this terrible crime from happening to you, take heed of Stay Smart Online’s Top Tips for securing your mobile device:

    Top tips

    Put a password on your phone and a PIN on your SIM card. Do not rely on the default factory settings. Using a password and PIN will stop thieves getting access to your phone or using the SIM in another phone to make calls. All phones have security settings so familiarise yourself with them and turn them on.

    Setup your device to automatically lock. If your phone has not been used for a few minutes, it should automatically lock and require a password or PIN to reactivate.

    Encrypt your data. Some phones allow you to encrypt your data, sometimes using third-party software. Encryption secures your data if your phone is lost or stolen.

    Consider installing security software from a reputable provider. Anti-virus, anti-theft, anti-malware and firewall software is available for some mobile phone operating systems.

    Stay with reputable websites and mobile applications (apps). Always keep an eye on your commonly used websites’ addresses and make sure you are not redirected or diverted to other websites. When using any financial mobile applications, such as mobile banking, make sure to only use applications supplied by your financial institution.

    Be careful when allowing third party unsigned applications to access your personal information. This includes access to your location. Always read permission requests before installing new apps or app upgrades, looking for unusual requests or pleas for money.

    Do not click on unsolicited or unexpected links. Even when they appear to be from friends.

    Check your phone bill for unusual data charges or premium rate calls. Contact your service provider immediately if you discover any unusual calls or data usage on your bill.

    Check for updates to your phone’s operating system regularly. Install them as soon as they are available.

    Be smart with Wi-Fi and Bluetooth. When connecting to the internet using Wi-Fi, try to use an encrypted network that requires a password. Avoid online banking or financial transactions in busy public areas and over unsecured Wi-Fi networks. Ensure that passers-by can’t watch what you are typing (known as shoulder-surfing). Turn Bluetooth off when you aren’t using it.

    Back up your data regularly. Set up your phone so that it backs up your data when you sync it, or back it up to a separate memory card.

    If you decide to recycle your phone, make sure you delete all your personal information first. Most phones have an option to reset to factory settings. Remember to remove or wipe any inserted memory cards.

    To assist you in case of your mobile theft or loss, ask your provider or manufacturer whether it has services such as mobile tracking and the ability to remotely wipe your information stored on the phone.

    So our message this week is: take heed online, and safeguard your personal information to prevent identity theft and credit file misuse.

    For more information on credit file misuse, or to get more help or information about the security of your credit file, visit our main site www.mycralawyers.com.au, or you can contact us on 1300 667 218.

    Image: adamr/ www.FreeDigitalPhotos.net

     

  • Keep updated about threats to your credit file:

    Do you really know if your credit rating is safe when you’re shopping, surfing, communicating and transacting online?  When you understand personal information and how it can be used by fraudsters, you want to do all you can to protect your personal information both online and offline. We look at one of the best things you  can do to stay up to date with threats to your identity and credit file, and ensure you Stay Smart Online.

    By Graham Doessel, MyCRA Lawyers www.mycralawyers.com.au.  Stay Smart Online Week 2014.

    Stay Smart Online - Proud Partner LR

    It’s important in our age of technology to be able to confidently engage online.  But it is equally important to be able to stay safe while doing that.

    How do you know when you need to update software? Or change a password? When will you know about Security breaches to entities which hold your personal information?

    The Australian Government provides a free subscription based service to home internet users and small businesses offering practical advice about security issues and observations which could impact you, your finances, your identity and your credit rating.

    The Alert Service provides easy to understand information about the latest internet threats, scams, and other risks, and how they can be recognised and addressed. If you’re using your computer at home (and lets face it – who isn’t?) this is like internet security 101.

    We encourage all of our readers to subscribe to this service. It could just save your bacon one day when it comes to internet threats.

    Click here to subscribe to the Stay Smart Online Alert Service.

    Internet fraud can lead to identity theft and in this situation often your credit file can be misused.

    If a fraudster is able to garner enough personal details to get duplicate documents in your name, they not only have your identity – they have access to your credit rating as well.

    This means they can take out credit in your name…and if they’re well-versed in this process – it may not be evident your identity is even compromised until you go to take out credit yourself and are refused.

    Unravelling the tangled web of identity theft at this point can be at times impossible. And unlike bank or credit card fraud, there’s not always reimbursement to be found. Some victims have found they have had to cop the 5 year default on their credit file, because they don’t understand and therefore can’t prove how the identity theft occurred in the first place.

    So our message this week is: take heed, and safeguard your personal information to prevent identity theft and credit file misuse.

    For more information on credit file misuse, or to get more help or information about the security of your credit file, visit our main site www.mycralawyers.com.au, or you can contact us on 1300 667 218.

  • Protect your credit file campaign fights identity theft

    Media Release

    Identity theft‘Protect your credit file’ campaign fights identity theft.

    16 May, 2014

    As the Attorney-General announces rates have ballooned to 1 in 5 Australians affected by identity theft, a credit reporting advocate is running an awareness campaign aimed at reducing the numbers affected by this terrible crime.

    Graham Doessel, who is Non-Legal Director of MyCRA Lawyers, a firm focused on credit disputes, says identity theft can have devastating effects, including damaging the victim’s credit rating.

    “Some identity theft victims can wind up banned from mainstream credit for years because a fraudster has stolen their good name,” Mr Doessel says.

    This comes as a result of an Australian Institute of Criminology survey which revealed that 20.7 per cent of those surveyed had experienced identity theft at some time. 14 per cent were also refused credit following the event and 5 per cent had to commence legal action to clear debts and/or their name.

    Mr Doessel says when fraudsters assume someone else’s identity they can leave a trail of destruction on their credit file.

    “Fraudsters are never so kind as to pay the credit back. Defaults can then mount on the victim’s credit rating and ruin the victim’s ability to obtain credit in their own right,” he says.

    Mr Doessel says there are 10 identity theft prevention tips to be aware of:

    1.       Install automatic software updates on your computer and perform regular scans.

    2.       Change passwords regularly and use a variety of passwords.

    3.       Keep your privacy settings secure on all sites you use.

    4.       Subscribe to the government’s ‘Stay Smart Online’ alerts for computer security updates.

    5.       Check your credit card and bank statements each time they come in for strange activity.

    6.       Shred all personally identifiable information which you no longer need.

    7.       Buy a safe for your personal information at home, and a lock for your mailbox.

    8.       Be aware of who gets your personal information and for what purposes. For instance, is it really necessary for the site you are registering on to store your date of birth?

    9.      Visit the ACCC’s ‘SCAMwatch’ website for updates.

    10.   Check your credit file regularly.

    MyCRA Lawyers is encouraging all consumers to check their credit file to make sure it is as it should be. You can do this for free through www.freecreditrating.com.au once per year.

    “We feel so passionately about credit file awareness, and want to promote how important a credit check is to preventing identity theft and all other credit rating inconsistencies,” Mr Doessel says.

    He says during their ‘protect your credit file campaign’ (which began last week during Privacy Awareness Week, and runs through the month of May 2014), MyCRA Lawyers is giving away up to 50 personal shredders to their new clients. (Conditions apply, see website www.mycralawyers.com.au for full details).

    “Personal information is so important to protect, and one of the simple ways we can help our clients avoid identity theft is by promoting the shredding of personal documents they no longer need,” he says.

    /ENDS.

    For interviews and more information please contact:

    Graham Doessel – Non-Legal Director MyCRA Lawyers Ph 3124 7133

    Lisa Brewster – Media Liaison MyCRA Lawyers media@mycralawyers.com.au

    www.mycralawyers.com.au       www.mycralawyers.com.au/blog www.mycralawyers.com.au/mediacentre

    MyCRA Lawyers 246 Stafford Rd, STAFFORD Qld Ph 07 3124 7133

    About MyCRA Lawyers: MyCRA Lawyers is an Incorporated Legal Practice focused on credit file consultancy and credit disputes. MyCRA Lawyers means business when it comes to helping those disadvantaged by credit rating mistakes.

    http://aic.gov.au/publications/current%20series/rpp/121-140/rpp128/07_results.html

    Image: Chris Sharp/ www.FreeDigitalPhotos.net

  • Privacy Awareness Week 2014: Protecting the Privacy of Your Customers

    There has never been a more important time in business to consider the privacy of your customers. Personal information is more accessible than ever before, and with that, comes the need to create and define boundaries around personal information in the private sector. New laws have just been implemented which expand the scope of privacy law in Australia. This it seems is not merely being ‘over-cautious’ with privacy. A recent survey on identity crime shows it has officially become one of the more common crimes in Australia. Results from a survey of 5,000 Australians on their experiences of identity crime and misuse conducted by the Australian Institute of Criminology (AIC) on behalf of the Attorney-General suggest identity crime directly affects around 1 million Australians each year.

    personal information

     

    The survey has found almost 1 in 10 people experienced misuse of their personal information in the previous 12 months, and 1 in 5 people experienced misuse of their personal information at some point in their lives, with 5% of people experiencing identity crime or misuse resulting in a financial loss in the previous 12 months. Identity theft can impact the finances and the credit rating of victims. If your business handles personal information, this Privacy Awareness Week 2014, with its emphasis on education of Australia’s new Privacy Laws, is a good time to ensure you are meeting your responsibilities to consumers and to your business around Privacy, particularly if your business has obligations under the Privacy Act 1988 (Cth).

    By Graham Doessel, Non-Legal Director of MyCRA Lawyers www.mycralawyers.com.au.

    With the emphasis on privacy protection in Australia’s new Privacy Laws, businesses which handle personal information are required to update their Privacy Policies and possibly their systems to fall in line with new changes. Under the new privacy law the IPPs and NPPs has been replaced by the new, unified, Australian Privacy Principles (APPs) – these will apply to businesses with a turnover of at least $3 million, as well as government agencies. This is just one of the many significant changes to the Privacy Act 1988 (Cth).

    The Federal body which handles Privacy in Australia, the Office of the Australian Information Commissioner (OAIC) has previously suggested some basic questions for businesses to prompt further investigation if necessary into possibly obligations under the Privacy Act 1988 (Cth).

    • Does your business or agency handle personal information? There are some changes to what constitutes personal information under the Privacy Act

    • Do you need to review your business or agency’s privacy policy? You should have an up-to-date policy that is reviewed regularly. The new laws set out some requirements for privacy policies

    • Do you need to review your business or agency’s outsourcing arrangements? You will need to do this particularly if you are sending personal information overseas.

    • Do you use direct marketing to reach your customers? If you do, you will need to provide an easy way for people to opt-out of receiving these communications. There are some new rules in the area of direct marketing

    • Does your business or agency receive unsolicited personal information. There are some new rules on how to handle this information

    • Do your information security systems need to be reviewed and updated?

    privacy policyOn Monday, the OAIC launched ‘A guide to developing an APP privacy policy’ to assist organisations and agencies meet this challenge. The Guide sets out a step-by-step process for developing privacy policies and a helpful checklist. There are also a number of tips to ensure that privacy policies are accessible and clearly expressed.

    The OAIC also launched ‘A revised Guide to undertaking privacy impact assessments.’ A Privacy Impact Assessment (PIA) is an assessment tool that ‘tells the story’ of a project from a privacy perspective. PIAs analyse the possible privacy impacts on individuals’ privacy and recommend options of managing, minimising or removing these impacts. PIAs are one way of building an organisational culture that respects privacy while also minimising the risk of data breach which can result in reputational damage and a range of other costs.

    What else can businesses do to ensure it is creating a culture of respect for Privacy of its customers?

    Privacy and your business

    Good privacy practice is important for more than just ensuring compliance with the requirements of the Privacy Act. If an entity mishandles the personal information of its clients or customers, it can cause a loss of trust and considerable harm to the entity’s reputation. Additionally, if personal information that is essential to an entity’s activities is lost or altered, it can have a serious impact on the entity’s capacity to perform its functions or activities.

    It is important for entities to integrate privacy into their risk management strategies. Robust information-handling policies, including a privacy policy and data-breach response plan, can assist an entity to embed good information handling practices and to respond effectively in the event that personal information is misused, lost or accessed, used, modified or disclosed without authorisation. (OAIC Guide to Information Security)

    There is a large amount of help in the OAIC’s Privacy Business resources section on their website, including a Privacy checklist for small businesses.

    It is important businesses don’t leave privacy to chance. Possible ramifications of not protecting personal information can be that customers are left embarrassed, distressed, or potentially financially affected. In the case of identity theft, where personal information is used to assume the identity of the victim, there is a grave potential for credit to be taken out in the vicitm’s name. Their credit rating can be destroyed for 5 to 7 years due to defaults they haven’t actually incurred themselves. Click here to find out more about the ramifications of identity theft on the credit rating. (Article courtesy of MyCRA Credit Repair).

    Under the amended laws, the Privacy Commissioner has been given enhanced powers to conduct assessments of privacy performance for government agencies and businesses, as well as the ability to accept enforceable undertakings and importantly, to seek civil penalties in the case of serious or repeated breaches of privacy.

    MyCRA Lawyers is an Incorporated Legal Practice focused on credit file consultancy and credit disputes. MyCRA Lawyers means business when it comes to helping those disadvantaged by credit rating mistakes.

    MyCRA Lawyers is a proud partner for Privacy Awareness Week 2014.

    PrivacyWeek-Banners-R1 - 2013-3

    Link to see more on the AIC Survey on Identity Theft and Misuse in Australia 

    Image 1: pakorn/ www.FreeDigitalPhotos.net

    Image 2: Stuart Miles/ www.FreeDigitalPhotos.net

     

  • Privacy Awareness Week 2014: New Privacy Laws and You

    PrivacyWeek-Banners-R1 - 2013-3MyCRA Lawyers is a proud partner for Privacy Awareness Week (PAW), held 4-10 May 2014. Privacy Awareness Week is held every year to promote awareness of privacy issues and the importance of the protection of personal information. This year is focused on our new Australian Privacy Laws, which came into force on 12 March 2014. Find out about how Privacy Laws may affect you and your credit rating, this week during PAW.

    By Graham Doessel, Non-Legal Director of MyCRA Lawyers www.mycralawyers.com.au.

    In an age of increasing accessibility of personal information, privacy is growing ever more important, and more valued for Australians. According to a recent survey by the Office of the Australian Information Commissioner (the federal Australian Government body responsible for privacy in Australia), a third of Australians reported they had a privacy problem in the last year. In addition, 60% of Australians decided not to deal with a private business and 25% have decided not to deal with a government agency due to concerns as to how their personal information will be used.

    Australia’s new privacy laws were the most significant changes to privacy laws in over 25 years, affecting a large section of the community. The changes to the Privacy Act 1988 include a new set of Australian Privacy Principles that regulate how your personal information is handled and new enforcement powers for the Office of the Information Commissioner (OAIC).

    One of the aims of the new privacy laws is to ensure that your personal information is managed in an open and transparent way.

    Here are some tips provided by the OAIC during PAW, to help you protect your personal information:

    • Know your privacy rights

    • Read privacy policies and notices

    • Always ask why, how and who — this will help you to know how your personal information is going to be used, and if it is going to be given to another agency or organisation

    • Only give out as much personal information as you need to — always think before handing your personal information over

    • Ask for access to your personal information

    • Make sure the information an organisation or agency holds about you is accurate and up to date

    • Take steps to protect your online privacy

    • Make sure your hard copy records are properly destroyed

    • You can ‘opt out’ of marketing communications if you do not want to receive any further contact of this kind

    • Make a privacy complaint if you consider that your personal information has not been handled properly.

    Many identity theft cases that impact your credit rating could have been prevented with better education and more vigilance around the protection of personal information. Complacency around personal information, both on the part of consumers and entities such as agencies and businesses, can be the undoing of someone’s ability to obtain credit.

    Pieces of personal information are the building blocks for credit file misuse. You can lose your personal information to fraudsters in many ways, and you may be unaware of how or when it has occurred – particularly if it has happened via malware, through data breaches or even through too much sharing online.

    Sometimes it’s not until you apply for credit and are refused that you even find out you have been exposed to identity fraud, and by then it may be too late to detect how it took place.

    This is why it is so important for all Australians to educate themselves on how to keep their information secure, and to demand that any information they are required to give over to any person or company be treated with the utmost privacy. Australia’s new Privacy Laws will hopefully add the requirements for all entities holding our personal information to be more aware of and accountable for upholding personal information privacy.

    You can find out about your rights in more detail through the OAIC’s Privacy factsheet ‘How changes to privacy law affect you.’

    THIS PAW WEEK: If you have a business, get some help in our next post with how to navigate the new privacy laws, including how to update your Privacy Policy, and how and when to conduct a Privacy Impact Assessment. For consumers and businesses alike, also stay tuned this week for how Australia’s new Privacy Laws may impact your ability to obtain credit, through changes to credit reporting laws.

     

  • Critical internet security information: bug ‘Heartbleed’

    Is your website or online service running OpenSSL? Or are you an internet user who gives out personal details or uses services within OpenSSL? Then your security may be at risk. According to internet security experts ‘Heartbleed’ is a major vulnerability in common encryption software which is affecting many websites and online services. Heartbleed is so widespread it could leave millions of servers on the internet open to an attack and could allow sensitive data including usernames and passwords to be stolen. We look more at this vulnerability, what you can do about it, and what the risks are when personal and financial information has been stolen, especially for the affected person’s credit rating.

    By Graham Doessel, Non-Legal Director MyCRA Lawyers www.mycralawyers.com.au.

    internet security

    The bug

    The Government’s Stay Smart Online (SSO) website has issued a HIGH priority security bulletin for those websites and online services running OpenSSL due to a major security vulnerability which has been discovered:

    The OpenSSL vulnerability is reported to have been around since 2011. Following recent publicity, there is growing evidence that websites are being targeted using this vulnerability.

    According to SSO, around two-thirds of websites and many other services currently use affected versions of OpenSSL (which stands for Open Secure Socket Layer, the most common cryptographic software used on most web servers). You would recognise websites using OpenSSL by the small padlock icon in the browser address bar or the ‘s’ added to the ‘http’ prefix for web addresses.

    There is an official webpage for this bug, and I encourage all to read the webpage, and seek help in this area if necessary. It advises that unlike bugs in single software or library which are able to be fixed by new versions, this bug is more dangerous because it has left a large amount of private keys and other secrets exposed to the Internet. Considering the long exposure, ease of exploitation and attacks leaving no trace this exposure should be taken seriously.

    Heartbleed.com explains in more detail what the bug does:

    The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

    The even scarier part of this vulnerability, is that if there had been someone hacking information, they would leave no trace of attack.

    Who is at risk

    OpenSSL is the most popular open source cryptographic library and TLS (transport layer security) implementation used to encrypt traffic on the Internet.

    According to Heartbleed.com:

    Your popular social site, your company’s site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL. Many of online services use TLS to both to identify themselves to you and to protect your privacy and transactions. You might have networked appliances with logins secured by this buggy implementation of the TLS. Furthermore you might have client side software on your computer that could expose the data from your computer if you connect to compromised services.

    How widespread is this?

    The most notable software using OpenSSL are the open source web servers like Apache and nginx. The combined market share of just those two out of the active sites on the Internet was over 66% according to Netcraft’s April 2014 Web Server Survey. Furthermore OpenSSL is used to protect for example email servers (SMTP, POP and IMAP protocols), chat servers (XMPP protocol), virtual private networks (SSL VPNs), network appliances and wide variety of client side software. Fortunately many large consumer sites are saved by their conservative choice of SSL/TLS termination equipment and software. Ironically smaller and more progressive services or those who have upgraded to latest and best encryption will be affected most. Furthermore OpenSSL is very popular in client software and somewhat popular in networked appliances which have most inertia in getting updates.

     

    Affected versions of the OpenSSL

    Status of different versions:

    •OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable

    •OpenSSL 1.0.1g is NOT vulnerable

    •OpenSSL 1.0.0 branch is NOT vulnerable

    •OpenSSL 0.9.8 branch is NOT vulnerable

    Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.

    In Australian Broker on Wednesday, Deloitte security, privacy and resilience head Anu Nayer said it is vital for businesses who run a website or online service that the company’s technical team knows all the websites and web services the organisation has so they can check all the necessary sites. He outlined some important questions to determine your level of risk:

    •How have you determined whether each of our websites and web services has OpenSSL service enabled?

    •What type of sensitive information do we have that is accessible from the internet? What type of information would have been at risk?

    •Have we looked at our logs to determine if there have been any successful or unsuccessful attempts to exploit this issue? What did we find? Are we monitoring our network to look for indications of attacks?

    •What steps have we taken to mitigate the issue?

    •How have you confirmed that the fixes have been applied successfully?

    •Have you got assurances from our vendors, external hosting providers and application cloud services that they have fixed any vulnerable systems?

    The risks

    Obviously the information being shared in OpenSSL is of a secure nature for one reason or another, so someone with access to this information could do a whole host of things, including make use of, or on-sell information to fraudsters, cyber-terrorists or spammers.

    They can also use the information to commit identity theft – the fastest growing crime in Australia.

    Information like dates of birth, account numbers, full names and other personal information can be used to steal your identity and take credit out in your name. Fraudsters have been known to go so far as to take out personal loans, credit cards and even mortgage homes in their victim’s name. Unfortunately fraudsters are never so kind as to pay this credit back – which leads to defaults on your credit rating. Most victims are unaware of this until they apply for credit in their own right and are flat out refused.

    Defaults remain on the credit file of individuals for between 5 and 7 years. Often not much of a trail is left and prosecutions don’t come easily.

    The fix

    Open SSL 1.0.1g or newer should be used.

    If this is not possible software developers can recompile OpenSSL with the handshake removed from the code by compile time option -DOPENSSL_NO_HEARTBEATS

    Nayer says for organisations, it would also pay to consider if it is appropriate to revoke any Certificates which were used while the organisation ran exposed versions of OpenSSL.

    “Even after a fix is applied, the private cryptographic keys your systems are relying on to protect their communications could already have been compromised and this fix won’t address that compromise,” he said.

    For consumers, changing passwords regularly may help, and in addition a regular credit check can ensure you aren’t vulnerable to identity theft. Look for changes in personal details as well as suspicious credit enquiries in your name as a first sign of identity theft.

    Image: joesive47/ www.FreeDigitalPhotos.net

     

  • Online shoppers preyed on by fraudsters this Christmas

    Media Release

    christmas shopping onlineOnline shoppers preyed on by fraudsters this Christmas.

    26 November 2013

    More Australians will shop on the internet this Christmas, but a consumer advocate warns the increase in online trading could bring out more fraudsters looking to prey on time-poor and budget conscious consumers with schemes to not only take money, but personal information for purposes of identity theft.

    Graham Doessel, Non-Legal Director of MyCRA Lawyers, a firm which helps clients dispute their credit rating, says any unfamiliar retailer should be treated with caution, particularly those seeking personal information.

    “Consumers should be weary of those retailers seeking more personal information than would normally be necessary for a standard transaction, as we know that personal information can be stored and used to commit identity theft against unsuspecting consumers,” Mr Doessel says.

    “If fraudsters are able to get enough personal information they can request replacement copies of identification in your name and gain hold of your credit rating, so it may be your personal details that the crooks are really after.”

    He warns that unlike cases of bank fraud, where consumers may be reimbursed for stolen funds, an identity fraud case can be much more complicated and harder to recover from.

    “An identity theft victim may not always know the exact circumstances leading to debts in their name. In some cases they don’t even know they’ve been a victim until they apply for credit. There can be defaults and Judgments against their name which see them locked them out of credit for 5 years,” he says.

    According to the ACCC’s annual report on scam activity, online shopping scams have increased by 65 per cent since 2011. The ACCC cites the increase in online activity as the reason for the rise in scams.

    The Government’s Stay Smart Online website provides some online transaction safety advice:

    • Be wary if the website looks suspicious or unprofessional or makes unrealistic promises. Bargains which look too good to be true often are.
    • Only pay via a secure web page-one that has a valid digital certificate.
    • Use a secure payment method such as PayPal, BPay, or your credit card. Avoid money transfers and direct debit, as these can be open to abuse. Never send your bank or credit card details via email.
    • Always print and keep a copy of the transaction. Keep records of any emails to and from the seller.
    • Always conduct transactions within the auction website. Avoid private contact or payment directly with buyers or sellers-scammers will often use this ploy to ‘offer a better deal.

    Mr Doessel says if people worry they may have been caught out by identity theft this Christmas, they should act quickly to prevent credit file repercussions.

    “They should contact Police immediately, as well as their bank. They should also order a copy of their credit report – which would indicate if their credit file had been misused,” he says.

    In some cases victims may need the services of a credit reporting lawyer following identity theft to help with recovering their good name.

    About MyCRA Lawyers    : MyCRA Lawyers is an Incorporated Legal Practice focused on credit file consultancy and credit disputes. MyCRA Lawyers means business when it comes to helping those disadvantaged by credit rating mistakes.

    /ENDS.

    Please contact:

    Graham Doessel – Non-Legal Director MyCRA Lawyers Ph 3124 7133

    Lisa Brewster – Media Relations     media@mycra.com.au

    Ph 07 3124 7133     www.mycra.com.au  www.mycra.com.au/blog

    MyCRA Lawyers     246 Stafford Rd, STAFFORD Qld

    http://www.accc.gov.au/publications/targeting-scams-report-on-scam-activity/targeting-scams-report-of-the-accc-on-scam-activity-2012
    http://www.staysmartonline.gov.au/home_users/protect_yourself2/smart_online_shopping

    Image: sixninepixels/www.FreeDigitalPhotos.net

  • 1 in 12 Australian credit ratings threatened by identity theft.

    Media Release

    Identity theft1 in 12 Australian credit ratings threatened by identity theft.

    24 October 2013

    A survey conducted for the Attorney-General’s Department reveals Australian credit ratings are under increasing threat from ballooning identity theft numbers, and a consumer advocate for accurate credit reporting warns victims can pay heavily, with many locked out of mainstream credit for years.

    CEO of MyCRA Credit Rating Repair, Graham Doessel says when fraudsters take out credit in their victim’s name they can leave a trail of destruction on the victim’s credit file.

    “Fraudsters are never so kind as to pay the credit back. Defaults can then mount on the victim’s credit rating and hinder the victim’s ability to obtain credit in their own right,” Mr Doessel says.

    He goes on to say that “unless the victim can prove they didn’t initiate the credit in the first place, these defaults stay on the credit file for the term, which is five years.”

    The warnings come following the release of the ‘Identity Theft Concerns and Experiences‘ survey conducted by Di Marzio Research for the Attorney-General’s Department. (1)

    The survey found that identity theft had increased by a massive 40 per cent from 2011 to 2012 to almost one in four Australians having been a victim or known somebody who has been a victim of identity theft.

    It also showed 31 per cent of those victims had had their identity used to obtain finance, credit or a loan. This is an increase of 5 per cent from the previous survey in 2011.

    These figures correlate to almost one in every twelve Australians being victims of identity fraud which has had the potential to impact their credit rating.

    Mr Doessel says pieces of personal information are the building blocks for credit file misuse.

    “People can lose personal information in many ways, and they may be unaware of how or when it has occurred – particularly if it has happened via malware or even through too much sharing online,” he explains.

    “Sometimes it’s not until the victim applies for credit and is refused that they find out they have been exposed to identity fraud, and by then it may be too late to trace how it took place.”

    The survey pinpointed the private sector (Credit Providers such as banks and telcos) as providing victims with the most help with recovery, at 48 per cent – followed by Police at 32 per cent. Interestingly the government was cited as providing only 8 per cent of help with recovery, and 18 per cent of people had no help with recovery.

    But Mr Doessel warns that whilst Credit Providers may be able to help with reimbursing some identity theft victims, those that end up with defaults may not be so lucky.

    “It’s not a simple case of being ‘reimbursed’ for credit file misuse under the Credit Provider’s insurance. It is a slow and difficult process to try and recover a good name which has been tarnished,” he says.

    Mr Doessel says preventative measures centre around the safeguarding of personal information.

    “Get up to speed on the ways that fraudsters could misuse your personal information or your credit rating. Put as many preventative measures in place as possible, so that you have the least possible chance of becoming a victim.”

    “Also, check for credit file discrepancies. We recommend people regularly obtain a copy of their credit report to ensure that everything on their file is as it should be. That way if there are any problems, they can be rectified while there is no urgency,” he says.

    Under current legislation a credit file report can be obtained for free every 12 months from the major credit reporting agencies Veda Advantage, Dun and Bradstreet and TASCOL (if in Tasmania) and is sent to the owner of the credit file within 10 working days, or for a fee it can be sent urgently.

    Mr Doessel adds, Australia needs to create a culture of transparency when it comes to combatting this crime.

    “Talk, talk, and talk some more, about what you know about identity theft.  If you’re a victim – tell others about your story. In particular, talk to young people who might not fully understand the consequences of giving away their personal information and also talk to older people – who may be less tech-savvy and more vulnerable to predators,” he advises.

    You can find more information on identity theft on the Attorney General’s Website http://www.ag.gov.au/identitysecurity.

    /ENDS.

    Please contact:

    Graham Doessel – CEO Ph 3124 7133

    Lisa Brewster – Media Relations media@mycra.com.au

    Ph 07 3124 7133 www.mycra.com.au www.mycra.com.au/blog

    MyCRA Credit Repair 246 Stafford Rd, STAFFORD Qld

    MyCRA is Australia’s number one in credit rating repairs. We permanently remove defaults from credit files.

    (1) http://www.ag.gov.au/RightsAndProtections/IdentitySecurity/Documents/Identity%20Theft%20Data%20Survey%20Report%202012%20[PDF%205.3MB].pdf
    Unsubscribe me from this list

    Image: Victor Habbick/ www.FreeDigitalPhotos.net[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

  • Identity fraud survey: Find out if you are protected

    Identity FraudIt’s Identity Fraud Awareness Week 2013 this week running October 13 to October 19. Identity fraud can leave your credit file in ruins, and in some cases can mean a five year battle to recover your good name. Find out how protected you are from identity fraud by taking the Australian Federal Police’s (AFP) online identity fraud survey. Read more about how identity crime can impact your credit file. Know the basic things to keep you and your credit file safe. And this week, take steps to safeguard yourself in the future, and pass on the message of safety to the people around you.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

    Identity theft victims who have had credit taken out in their name can often struggle to recover from having their identity stolen long after the initial fraud has occurred.

    People can have mobile phones and credit cards taken out in their name as a minimum. Some can even have mortgages and cars purchased in their name.

    The real pain comes when a victim discovers defaults on their credit file – which not only ruins their ability to obtain credit at the time, but those listings remain on their credit file for usually five years from the initial fraud.

    What is not often realised is how difficult getting default listings removed from the credit file can be. Even for a victim of identity theft, there is no guarantee the defaults can be removed from their credit file. The victim often has to try to prove they didn’t instigate the credit in the first place. This can be difficult if victims are not aware of how or even when the identity theft occurred.

    The Australian Crime Commission now sites high-tech organised crime as costing Australians $15billion a year, and is reported to be the fastest growing crime in the country. And the Australian public is starting to become concerned.

    Results from the Office of the Australian Information Commissioner’s (OAIC) 2013 Community Attitudes to Privacy survey were released last week. The survey reports that 48% of Australians believe that online services, including social media, now pose the greatest privacy risk. Only 9% of survey respondents considered social media websites to be trustworthy in protecting privacy.

    To know if you may be vulnerable to identity fraud – take the AFP’s identity crime survey this week, and pass it on to people you know. Most involved in identity crime prevention agree that Australians need to increase their knowledge of identity theft, and how to protect themselves – particularly with the volume of computer use in this country. Here are some ways the AFP suggest we can all protect ourselves form identity theft:

    How can I protect myself from becoming a victim of identity theft?

    You can take some simple steps to reduce the risks of having your personal information stolen or misused:

    • secure your mail box with a lock and make sure mail is cleared regularly

    • shred or destroy your personal and financial papers before you throw them away, or keep them in a secure place if you wish to retain them

    • always cover the keypad at ATMs or on EFTPOS terminals when entering your PIN, and be aware of your surroundings— is anyone trying to observe or watch you, are there any strange or loose fixtures attached to the machine or terminal?

    • ensure that the virus and security software on your computers and mobile devices is up-to-date and current

    • don’t use public computers (for instance, at an internet café), or unsecured wireless ‘hotspots’, to do your internet banking or payments

    • be cautious of who you provide your personal and financial information to—ensure that there is a legitimate reason to supply your details. Don’t be reluctant to ask who will have access to your information and which third parties it may be supplied or sold to. Ask to see a copy of the Privacy Policy of the business before you supply your details

    • only use trusted online payment websites for items won at online auctions or purchased online. Never make payments outside of trusted systems—particularly for goods which you have not yet received

    • regularly review your bank statements and obtain a copy of your credit history report. Report any unauthorised transactions or entries ASAP

    • ask your bank or financial institution for a credit or debit card with an embedded ‘micro-chip’—they are more secure than cards with only magnetic stripes

    • do not respond to scam emails or letters promising huge rewards if bank account details are supplied, or in return for the payment of ‘release fees’ or ‘legal fees’

    • if responding to an online employment or rental advertisement, be wary of transmitting personal information and copies of documents via email or electronically. If asked to attend an interview, do some prior research to confirm the legitimacy of the company or employment agency

    • in relation to social networking sites, always use the most secure settings. Take extreme care if placing personal details such as date of birth, address, phone contacts or educational details on your profile, and do not accept unsolicited ‘friend’ requests

    • for other useful tips, refer to the “Protecting Your Identity booklet – What Everyone Needs to Know (PDF, 700KB)“, published by the Attorney-General’s Department.

    • take our online identity crime survey to see how secure your identity is.

    I believe it is also really important to be aware of what your credit file says, and to know if there have been any changes you haven’t initiated.

    In my experience often credit file discrepancies can be the first sign we have been victims of identity theft. It is a good idea to regularly obtain a copy of your credit report to ensure that everything on your credit file is as it should be. Strange credit enquiries, changes of contact details, and of course default listings you are unaware of can mean someone has been using your identity.

    A credit file report can be obtained for free every 12 months from the major credit reporting agencies Veda Advantage, Dun and Bradstreet and Tasmanian Collection Service and is sent to the owner of the credit file within 10 working days. Or you can pay to have it sent urgently.

    If you are vulnerable to identity theft, you may also be able to purchase an alert service with credit reporting agencies – to be kept updated on any changes to your credit file which can indicate identity theft attempts.

    This Identity Fraud Awareness Week, the take home message from MyCRA would be:

    • stay vigilant (you never know when identity theft could strike)
    • stay informed (fraudsters are always thinking of new ways to trick people so try to stay one step ahead – it might help to sign up for alert services from Stay Smart Online, and check the ACCC’s Scamwatch website regularly)
    • and talk to others (you don’t want family and friends to become the next victim).

    Image: Victor Habbick/ www.FreeDigitalPhotos.net

  • Two Australians arrested for ID Theft

    Police StationAustralian Federal Police announced late last week they had arrested two men producing fake identity material and committing credit card fraud. We look at the details of this arrest (which was a joint operation by the Identity Security Strike Team), and the recommendations Police make to ensure YOU lessen your chances of falling victim to identity theft and having your ability to obtain credit impacted by defaults.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

    Police report the operation began in January when intelligence gathered in previous operations identified a 52-year-old Beverly Hills man suspected of manufacturing fake identification and credit cards. Here is an excerpt from their media statement last week:

    Following investigative activities over the past eight months, search warrants were executed at a number of locations on Tuesday, including a Riverwood premises where police will allege that the 52-year-old man manufactured false documents, including driver licences, Medicare cards and credit cards. A 47-year-old Burwood man was identified as sourcing the identification information and supplying the completed false identification documents to others.

    A substantial amount of cash was also seized during Tuesday’s search warrants. The alleged criminal activity used high-end printing and manufacturing equipment to produce cards that were strong versions of officially-issued items.

    NSW Police Force Serious Crime Director Peter Cotter commended investigators for their efforts dismantling the group.

    “They had a well-resourced set-up and were capable of quickly reproducing a range of fraudulent identification documents which appeared to be the genuine article, making them particularly difficult to detect in our community,” Detective Chief Superintendent Cotter said.

    “This is a great example of how powerful law enforcement is when we work collaboratively to combat crime. The arrests serve as a warning for others who choose to engage in this type of criminal behavior.”

    NSW Roads and Maritime Services Director of Customer and Compliance Peter Wells said improved links with other identity issuing agencies was continuing to ensure identity thieves were apprehended.

    Identity theft is the curse of the 21st Century and that is becoming more evident in our industry of credit rating repair. There are more and more people needing help with repairing their credit file due to having their identity misrepresented in some way.

    Often the first time we are aware of identity theft is when we apply for credit and are flatly refused due to defaults on our credit file that are not ours.

    Credit file defaults are difficult for the individual to remove and generally people are told by creditors they remain on our file for 5 years, regardless of how they got there.

    Although it seemed so easy for the fraudster to use your good name in the first place, you are now faced with proving the case of identity theft with copious amounts of documentary evidence.

    If you have neither the time nor the knowledge of our credit reporting system that you may need to fight your case yourself, you can seek the help of a credit repairer. A credit repairer can help you to clear your credit file and restore the financial freedom you rightly deserve.

    The reason a credit repairer is usually so successful in removing your credit file defaults, is their relationships with creditors, and their knowledge of current legislation.

    If you have just found out you are a victim, we recommend you also contact the Police. Don’t be embarrassed – it is only through identity theft being reported that data gets collected and appropriate preventative measures eventually get put in place.

    Police offer some “red flags” which may show your identity security has been compromised. Top of their list, was your credit report. Checking your credit report regularly is essential to ensure your information is accurate. Your personal details on your credit report should also be checked to ensure they have not been altered by identity thieves. You can check your credit report free once per year. Click here to find out more

    POLICE TIPS FOR PROTECTING YOUR IDENTITY:

    •Check your credit report every year. If you find that you have been marked as having unpaid accounts, for example, that you have never heard of, you might have become the victim of an identity theft.

    •If you are on the phone, confirm that the persons you are making contact with are who you think they are.

    •Lock postal mailboxes to deter theft of mail.

    •Always store any personal or financial documents in a safe place.

    •Do not provide your tax file numbers or other identifying information to people who don’t have a requirement to know.

    •Destroy old documents and cards before disposing of them, otherwise your rubbish could become someone else’s means to stealing your identity.

    •Keep your credit and debit cards secure and never let them leave your sight when paying for something, for example the bill at a restaurant.

    •Report missing or stolen passports to the Department of Foreign Affairs and Trade.

    •Report missing or stolen driver licenses to your state/territory roads and traffic authority.

    •Report missing or stolen credit/debit cards to your bank or other financial institution.

    •Report missing or stolen mobile phones to your telecommunication provider.

    •Ensure that your personal computer has up to date software and antivirus software installed.

    •Be aware of phishing emails through which criminals will try to elicit your personal information (including credit card numbers).

    If you would like to know more about identity theft and your credit file, visit this link http://www.mycra.com.au/identity-theft/.

  • ‘TAX REFUND NOTIFICATION’ Don’t get caught out with this scam at tax time.

    tax refund notificationA high priority alert has just been issued from Stay Smart Online in regards to malware-carrying emails supposedly from the Australian Taxation Office, which could send your credit file into the doghouse. Most people who regularly read this blog will probably be well aware of the high prevalence of scam emails designed to capture your financial details either directly or through malware. They would also be well aware of the dangers that can pose for your ability to obtain credit in your own right if fraudsters steal your identity and pose as you to take out credit in your name. But we feel it is important to remain vigilant in warning the community when such emails are on the increase. They could just catch out someone you know. So we look at the details on this email and its variants, and what dangers it poses for the financial information of ordinary Australians.

     

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

    Today Stay Smart Online (the government’s online safety website) issued a warning about cyber criminals taking advantage of the upcoming tax deadline for filing tax returns by launching thousands of scam emails. The emails are purporting to be from the ATO, but contain malware which can steal your personal information.

    Security firm Bitdefender reported the detection of three email spam campaigns in late July and early August that saw up to 10,000 spam emails sent on 6 August. This surpassed the 3,000 messages sent on 23 July and the 5,000 messages sent on 15 July.

    “This sort of malicious outbreak is expected to continue heavier and more targeted as the tax time approaches its deadline in October,” a Bitdefender advisory warned. “Attackers hope their targets are too concerned with their financial duties to double check the sender’s address and discover the con.”

    If your system is infected by the malware in these messages, private data such as passwords and logins for financial institutions can be stolen and distributed to cyber criminals who will exploit it for financial gain.

    If your computer becomes infected, not only can personal information be stolen, but malware may force the computer to join a global ‘botnet’ that uses thousands of slave computers to distribute further malware-laden emails—or it might take part in distributed denial of service (DDoS) attacks. Among other things, this can seriously reduce the effective speed of a home Internet connection.

    What the emails look like…

    Most common spam emails

    ‘Australian Taxation Office – Refund Notification’, with body text including ‘TAX REFUND NOTIFICATION’. It instructs you to open an attachment called ‘ATO_TAX_pokeefe.zip’ or similar. The attachment is typically malware.

    ‘New information regarding lodgement’ and suggests that the ATO has been attempting to refund a payment to “the credit card we have on file.” Recipients are advised to log into an ‘e-portal’ to receive the refund manually, and that “during the payment process you will be given the opportunity to update the credit card that is on record.”

    Important Information…

    The ATO will never ask for such information via email. Any email that requests additional information before a refund can be released is a hoax.

    If you receive a message like this, do not under any circumstances open the attachment. Delete the message immediately. Never open attachments that arrive with these sorts of messages.

     

    Identity theft and your credit file

    Identity theft can lead to fraud, and can affect your credit file. It often goes undetected until the victim applies for credit and is refused.

    Any kind of credit account (from mortgages and credit cards through to mobile phone accounts) which remains unpaid past 60 days can be listed as a default by creditors on the victim’s credit rating, and those defaults remain there for 5 years.

    The consequence of people having a black mark on their credit rating is generally an inability to obtain credit.  Most of the major banks refuse credit to people who have defaults, or even too many credit enquiries, so it is really essential to keep a clean credit record.

    If you think your identity has been stolen, or that your personal information has been compromised there are three things you should do to protect your credit file:

    1. Contact Police immediately

    2. Contact the credit reporting agencies which hold your credit file.

    3. Contact your Credit Providers – especially financial institutions.

    If you think your tax file number has been stolen, you can visit the ATO’s Client Identity Support Centre for more help. They also give comprehensive advice on what to do in different situations of theft of your personal information.

    By law in Australia, if a listing contains inconsistencies the credit file holder has the right to negotiate their amendment or removal.

    But to clear their good name, the identity theft victim needs to prove to creditors they did not initiate the credit – which can be difficult. Not only are victims generally required to produce police reports, but large amounts of documentary evidence to substantiate to creditors the case of identity theft.

    Contact www.mycra.com.au for more details on credit repair following identity theft.

    Image: Stuart Miles/ www.FreeDigitalPhotos.net