MyCRA Specialist Credit Repair Lawyers

Tag: Identity Theft

Children targeted for clean credit history

An interesting story just out of the United States on ID theft attempts on the credit files of children. Whilst Australia has vastly different laws when it comes to children and credit history, we want to share this story with you, to show that children are targets for fraudsters – and to explain what the dangers may be for our Australian children when it comes to fraudsters and their credit file.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

An alarming report by ABC 2 WBay last week ‘ID Thieves Targeting Children’s Clean Credit History’, revealed that children and adolescents have become the fastest growing sector of identity theft victims in the United States. In the U.S., children are allocated a Social Security number from birth, and it is this number that fraudsters are using to steal the identities of their young victims, and take credit out in their name. Here is an excerpt from that story:

Experts warn from the time your child gets a Social Security number, their personal information needs to be protected.

“Be aware of how your children’s personal information is used just like your own information–Social Security number, and date of birth–be aware of how it is being used,” says Jim Walsh, U.S. Postal Inspector.

In a recent case, more than 500 elementary school kids in Los Angeles had their information compromised. A suspect with access to school files sold the kids’ personal information to another suspect.

“There were hundreds of accounts opened and most of the accounts were used to get money,” said Walsh.

The suspects withdrew cash advances, or they would sell the names to make fake IDs.

Postal inspectors say children have clean credit histories, which makes them appealing to criminals.

“If they apply for a loan or try to get credit, they could find out their credit is basically ruined and wouldn’t know it the whole time they are growing up,” said Walsh.

That’s why it’s important to periodically check your child’s credit.

Unlike the U.S. system, Australian children don’t have a social security number, so they are protected from any immediate identity theft. But what Australian Police have been concerned about in the past is that children are still targets for fraudsters due to their clean credit history, but instead of using personal information straight away as in cases in the U.S. it may be being stored or ‘warehoused’ until the child turns 18.

The main area Police have been concerned about is Facebook – which remains incredibly popular with children, and gives them the option to openly share their personal information on the internet.

The Australian Federal Police’s national co-ordinator of identity security strike team, Ben McQuillan spoke about the dangers of identity crime as far back as 2011 at a forum in Sydney on money laundering and terrorism.

He warned listeners about what was then a new trend of ‘warehousing’ which involves storing data for a time, making it harder for a victim or bank to trace where and when the data was stolen.

”If people know your full name, your date of birth, where you went to school and other lifestyle issues, and they were to warehouse that data, there is a prospect that could then be used to take out loans or credit cards or to create a bank account that could then be used to launder money,” Mr McQuillan told the Sydney Morning Herald.

This warning was echoed by Queensland Fraud Squad’s Superintendant Brian Hay, who warned that criminals were targeting the personal information of our young Facebook users.

Supt Hay said criminals had been known to be storing the personal information of children around the world in databases to be used when they turn 18 and are able to take out credit.

“We know that the crooks have been data warehousing identity information, we know that they’ve been building search engines to profile and build identities,” he told Channel 7’s Sunrise program in October 2011.

“We need to tell our children if you surrender your soul, if you surrender your identity to the internet it could come back to bite you in a very savage way years down the track,” he said.

This data warehousing could leave the newly credit active young person blacklisted from credit well into their 20’s. For 5 years they are locked out of credit, refused cards, loans, even mobile phones. It need not be major fraud to be a massive blow to the identity theft victim. Unpaid accounts for as little as $100 can have the same negative impact on someone’s ability to obtain credit as a missed mortgage payment. So any misuse of someone’s credit file can be extremely significant.

Proving the case of identity theft when attempting to recover a clear credit rating is already difficult for the individual to undertake, as the onus is on the victim to prove to creditors they didn’t initiate the credit. Adding to that the fact that the perpetrator would be long gone with the actual act of identity theft happening years earlier – and those young people will have a very difficult task of recovery indeed.

So how can we protect our children? In the same way we may protect our own identity and credit file.

It begins with taking an active role in children’s computer use, and realising that their personal information is just as coveted as our own. Perhaps even more so – as the likelihood the child will have a clean credit history to begin with is even higher.

Image: imagerymajestic/ www.FreeDigitalPhotos.net

27/08/2013
Google Chrome doesn’t secure stored passwords

Stay Smart Online (SSO) has issued an urgent warning to Google Chrome users who save their passwords to their browser. Passwords are not secured properly – allowing other users to be able to view all saved passwords! We look at the vulnerabilities for this method on any browser, and look at what other methods of password retrieval computer users can to adopt to protect their important personal information and ultimately – their credit file.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

Here is an excerpt from the SSO warning – issued on Friday:

Chrome will typically prompt you to save your password for a site that you visit, and remember this for future logins. While other browsers offer the option of a “master password” that can be activated to protect your passwords, Chrome does not.

On any Google Chrome browser, you can type chrome://settings/passwords into the URL bar. This will display a page listing all of the passwords held by that browser—for all users of that computer.

This is particularly concerning for shared computers. You should never save your passwords when using shared computers, such as public computers at a library or airport.

Do not rely on your browser to safely store passwords for you if someone else has physical access to that machine.

Only allow people you trust to access to your computer, especially if that computer contains confidential information.

Online expert Daniel Smith says saving passwords on your browser is something you should never do.

“It may be a convenient way to store the many passwords you might have for different accounts, but if it’s convenient for you, it can be convenient for anyone looking to steal them as well,” he says.

Daniel recommends people wanting to remember difficult passwords should use a secure and trusted third-party tool to protect and manage their passwords rather than save them to their browser.

“Sites such as Passpack.com or Lastpass could be good secure options for password management. One thing to note is that passpack has never been hacked. Another thing to note is that all browsers not just chrome do this,” Daniel says.

Daniel’s Key Tips To Protect Your Password

1. Use secure passwords. Come up with a unique password scheme – for example every 3rd vowel is a number or symbol. Or you could use two unrelated words which are memorable to you, and use tools like the Shift key to create a password that can’t be easily deciphered.

2. Use a different password for each account. It may be harder to remember, but it may just take a little bit of work to make your passwords unique and also easy to remember.

3. Use a unique username – not the default setting. Don’t use ‘admin’ as a username. You should use a username with at least 8 characters and include characters you have to press Shift for.

4. Minimise password login attempts. For sites you have control over access to – restrict the number of attempts allowed to access the site, before the user is ‘locked out’, which prevents multiple attempts to crack the password.

5. Include a 2-step verification plug-in. You can download a plug-in which requires 2-step authentification similar to bank requirements when logging in to the site. These are harder to infiltrate by hackers, but Daniel says many don’t use them because they are inconvenient.

6. Never store passwords in your browser. Take time to make passwords unique yet easy to remember or use a secure third-party password manager if necessary.

Personal Information Security and Your Credit File

Stealing passwords or personal information through these channels can lead to identity theft and potentially fraud. Hackers can on-sell your personal information to fraudsters who have identity theft as part of their repertoire.

Information like passwords, dates of birth, account numbers, full names etc can be warehoused and used to steal your identity and take credit out in your name. Fraudsters have been known to go so far as to take out personal loans, credit cards and even mortgage homes in their victim’s name.

Fraudsters are never so kind as to pay this credit back – which leads to defaults on your credit rating. Most victims are unaware of this until they apply for credit in their own right and are flat out refused.

For between 5 and 7 years you can be locked out of credit while your credit rating shows up someone else’s defaults.

Unfortunately in the past it has not been easy for identity theft victims to prove they did not initiate the credit, particularly if they have no idea how they were duped in the first place. Often this sophisticated type of fraud is instigated by overseas crime syndicates who don’t leave much of a trail, or even if they do, can’t be prosecuted easily.

Prevention really is key to protecting your credit file from this fraud – so spend some time and make sure your passwords are as secure as possible as a first line of defence against identity theft.

Image: foto76/ www.FreeDigitalPhotos.net

20/08/2013
Cyber-safety and financial identity: 5 reasons why parents need to be cyber-savvy.

Media Release

Cyber-safety and financial identity: 5 reasons why parents need to be cyber-savvy.

8 August 2013

A credit expert is urging parents to focus on maintaining a dialogue with their children and get themselves up to speed with technology, in order to best prevent families from falling prey to the internet’s financial predators.

CEO of MyCRA Credit Rating Repair, Graham Doessel says no parent should be complacent when it comes to their child’s internet use, particularly when they’re engaging in social networking.

“At any age, we can be at risk of sharing too much information, adding suspect friends, downloading malware and falling for scams – all of which can threaten the integrity of not only our finances as parents – but for children, potentially their financial future as well,” he says.

Mr Doessel says his company helps Australians clear adverse listings from their credit file which they believe should not be there. He says no one is immune to financial predators – and when a client experiences identity theft which leads to credit being taken out in their name, they are left financially crippled.

“Basically the victim ends up with defaults on their credit file which unfortunately means they are black listed from credit for 5 years. These victims can’t borrow for anything – they can’t even take out a mobile phone plan,” he says.

His warning comes following the release of the Australian Communications and Media Authority’s (ACMA) special report last Friday, on the way young Australians use the internet and social media.

The report ‘Like, post, share’ explored emerging trends such as the rise of mobile access to the internet.

“Whether it’s for study, playing games or connecting to friends and family, young Australians are placing more and more importance on the online aspects of their lives,” said ACMA Deputy Chairman Richard Bean.

Mr Doessel says there are many reasons for parents to understand their child’s vulnerability to fraud from internet use – but he has identified 5 key reasons:

1. Our kids are actually targets for fraudsters.

Just because children are not 18, doesn’t mean they are not financially at risk. There have been warnings from Police about crooks scrolling through thousands of social networking pages purposely looking for young people, because they usually have the most open privacy settings.
”
That information is not used right away, but is stored or ‘warehoused’ until the young people turn 18. They can then go on a ‘spending spree’ with the young person’s fake identity and credit.

Mr Doessel says kids can also put their parents’ credit file at risk.

“Downloading viruses can also mean the family computer is put at risk – which can threaten the financial identity of anyone using that computer for banking or other sensitive activities, and sharing too much information about parents can also be dangerous,” Mr Doessel says.

2. Kids are on the net at increasing rates.

According to the ACMA’s report, the percentage of Australian eight to nine year olds who rate the internet as ‘very important’ in their lives has doubled since 2009.

Up to 35 per cent of eight to 11-year-olds have their own mobile phone, rising to 94 per cent of 16 to 17-year-olds.

As children and young people get older their understanding of the internet and their use of it increases.

“Older children and young people come to view the internet as a primary activity in and of itself and a source of entertainment, information and education,” the report says.

One emergent area of avid use has been identified as social networking services, with the ACMA stating that it has become a “primary means of building, negotiating and presenting their social identities.”

3. Social networking is incredibly risky.

Mr Doessel says social networking offers fraudsters a whole host of personal information which can be misused.

“Personal information can be extracted from social network sites, and fraudsters can build a profile on the victim – which can lead to identity theft and subsequent fraud,” he says.

Social networking risks can include predatory friend requests, extraction of ‘public’ information for fraudulent use, viruses which include malware to extract passwords and other personal information from computers, and scam emails.

Despite the risks, the ACMA report shows privacy is not always practiced by children.

“Compared to their theoretical knowledge, perception and awareness of risks, their actual behaviour demonstrates that this knowledge is often not put into practice,” the report states.

4. Pre-teens are vulnerable.

The ACMA reports that parents need to think about starting conversations about cyber-safety with their kids earlier, with fewer eight to 11 year olds reporting having discussed issues of cyber-safety with their parents than 12 to 17 year olds.

Younger teens are also slightly less likely to have private profiles or take other steps to manage their privacy.

“From the research it seems that there is an age threshold of around 14 onwards where the relevance of a [fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][digital] footprint can be grasped,” the report states.

5. Our kids think they know more than us (and often they’re right!).

Parents are the main source of advice and support for young people who are experiencing difficulties online, and ideally should be perceived as the authority on technology matters.

“If parents don’t know their way around the web, they owe it to themselves and their family to get to know,” Mr Doessel says.

“Whilst we can offer more freedom as they age, children still require our parenting in the virtual world as they would in the real one,” he says.

The ACMA report shows when messages were delivered by individuals who children and young people perceive as being authorities in the area as well as having active knowledge of the activities they pursue, then such messages of cyber-safety can really get through.

For more advice on protecting your financial identity, or for recovering from identity theft, people can go to MyCRA’s website http://www.mycra.com.au/identity-theft/.

/ENDS.

MEDIA ENQUIRIES

For Interviews – Graham Doessel – Founder and CEO MyCRA Ph 3124 7133

For all media enquiries – Lisa Brewster – Media Relations media@mycra.com.au

media@mycra.com.au http://www.mycra.com.au/ www.mycra.com.au.blog

246 Stafford Road, STAFFORD QLD. Ph: 07 3124 7133

MyCRA Credit Rating Repair is Australia’s number one in credit rating repairs. We permanently remove defaults from credit files.

http://www.acma.gov.au/theacma/newsroom/newsroom/media-releases/we-like-we-post-we-share-the-online-lives-of-young-australians
http://www.smh.com.au/technology/technology-news/police-warn-of-sophisticated-plan-to-steal-identities-20111108-1n5l8.html#ixzz1dB4ctHcT

Image: stockimages/ www.FreeDigitalPhotos.net[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

08/08/2013
Technology makes Australians more vulnerable to organised crime

Interested in the changing face of cyber-crime? The International Serious and Organised Crime Conference was held in Brisbane on Tuesday, and shed some light on where we’re heading. The Conference has heard that technology changes has made organised crime more complex and more open to new crime markets – including intellectual property crime, and cyber-crime. The conference heard that Australian law enforcement was no longer working in relative isolation, and that it has been necessary over the last 10 years to expand partnerships, both nationally and internationally. We examine the relevant subjects in this important Conference, and look at what this means for your financial identity and your credit file in the future.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

Minister for Home Affairs and Minister for Justice, Jason Clare released Organised Crime in Australia 2013 on Tuesday – the Australian Crime Commission’s report on serious and organised crime in Australia. This year marks the 10th anniversary of the Australian Crime Commission.

The report concludes that organised crime is more pervasive, more powerful and more complex than ever before.

“Organised crime worldwide makes more than $870 billion every year. That’s bigger than the GDP of Indonesia. If organised crime was a country it would be in the G20.” Mr Clare said.

The Australian Crime Commission estimates that organised crime costs the Australian economy alone $15 billion each year.

Australian Crime Commission CEO, John Lawler revealed at his keynote address to the conference that 67 per cent of our nationally significant serious and organised crime targets are linked to at least one international jurisdiction, with most focused in South-East Asia. These targets have a detrimental impact on Australia, and are sourcing illicit commodities from overseas including from Asia, Africa, Europe and South America.

“Once, encounters with organised crime were largely restricted to those who sought out illicit commodities or illegal activities. Today, any Australian on any day can be impacted.

What used to take a number of people and considerable time to commit a crime against 10 others, can now be committed by one individual against many more from behind a computer screen,” he told the Conference.

He also identified an increasing incidence of Australian investors falling victim to investment scams as well as credit card or identity fraud.

“Organised crime is no longer its own institution; it has now moved into every estate, it has pervaded each level of global society…And in Australia, we are seeing organised crime increasingly hiding clandestine activities through legitimate business enterprises,” Mr Lawler said.

“Today, more than ever, the affect of organised crime on Australians is unparalleled. It’s pervasive, powerful and complex.”

He says the only way to break the business of organised crime is through rich, contemporaneous, and comprehensive criminal intelligence. The ACC says it’s focused on data sharing with national and international agencies and businesses. ‘Big data sharing’ will be the way of the future.

“Data, on its own, is of little use to law enforcement. It’s only when we pull the data together, analyse it and make links, that the real discovery and prevention can happen,” Lawler said.

He says in the modern era, this also means partnering with law enforcement and Government, as well as private industry.

As a result of recent legislative changes to the Australian Crime Commission Act, the ACC now discloses information to private industry.

“We want to work with industry to use the Commission to build a strong understanding of risk and threat; to strengthen practices and ultimately make it difficult for organised crime to operate in Australia.

This is also about a whole-of-community approach. The public are now key players in the fight,” Mr Lawler said.

Task-Force Galilee: Investment Fraud

During his speech, Mr Lawler describes the work the ACC did in dealing with a rampant investment fraud impacting Australians. Here is an excerpt from his speech, detailing the nature of the fraud, and the process the ACC went through to identify the groups involved:

We had intelligence of 2600 Australians with losses in excess of $113 million. This crime was being committed off-shore. Traditional law enforcement efforts were being frustrated. These organised crime groups have established a sophisticated business model. They rely on global inconsistency around legislation and jurisdiction and target developing countries from which to perpetrate their crimes.

Most callously, they target the elderly at a time when they should be enjoying their retirement.

In response, Task Force Galilee brought together approximately 20 agencies to put together a multi-layered response.

An important component was a public awareness campaign which included holding industry briefings, lauching a public report with the AIC to provide a picture of the threat.
And, for the first time in law enforcement history, we partnered with Australia Post and sent a letter to every household in Australia warning them about this criminal activity and providing information on how to avoid becoming a victim.

Market research undertaken following this campaign indicated increased public awareness and preventative behaviour from the public and high-risk groups when approached or targeted by investment fraudsters.

Task Force Galilee has also had some successful operational outcomes, a huge feat when working across international borders.

The most recent outcome occurred in April, when following a referral from the ACC, Thai authorities raided a suspect business premises in the central business district of Bangkok.

During the raid, Thai authorities located nine foreigners as well as a number of Thai nationals. A range of incriminating evidence including telephones, call scripts, client lists and computer equipment were also located and seized.

The criminal syndicate responsible had engaged a plethora of professional advisers located around the globe to assist their fraudulent behaviour ranging from corporate consulting firms to company incorporation and taxation advisers.

Using a sophisticated website, supported by fraudulent prospectuses and the illegal use of company brands, the syndicate was able to sell non-existent shares in more than 20 companies.

The complexity of the syndicate’s operations allowed it to successfully target victims in 19 countries across the world.

The Australian Crime Commission estimates that the operation had generated at least A$45 million from Australian-based victims alone.

The ACC and other international agencies have focused a significant amount of their efforts in unravelling the ‘dark market’ out there. To see the connections which exist between the internet and organised crime. To identify the fraudulent opportunities that can be thought up, bought, and perpetrated on a global scale. The ease with which international access can mean the big players can dodge detection and dissipate their possible negative impact. So the web is pretty tangled and requires lots of effort to find out what forces are at play. When you look at a scam email which has made its way to your email address – it might be pertinent to question, who is it really from? And who will benefit if you fall for it?

The impact of cyber-crime on you can be far reaching. Falling for scams, whether large scale like the investment scam or even disclosing your personal information to the wrong person can put you at risk of identity theft. You may never have your bank accounts touched, but someone may gain access to your personal information, generally through obtaining it via virus software known as ‘malware’ or by phishing scams which can then be used to generate fake identification. Fraudsters may then create a fake identity in your name and even take out credit.

If the theft goes undetected, the fraudster can be racking up thousands of dollars in debt in your name. When this happens, it is not only your bank accounts that can be affected, but your financial identity – your good name which is destroyed.

In Australia, if a credit file holder fails to make repayments on credit past 60 days, then a default can be placed on their credit file by the creditor. This default remains on the credit file for 5 years, and can severely hinder their chances of getting credit once it is placed. For the identity theft victim, this can leave them severely disadvantaged for 5 years, and unable to take out legitimate credit. The only way they may be able to restore their good name is through lots of hard work proving to creditors they did not initiate the credit.

So prevention is key. Made possible through education, through strong protection from Police and Government agencies, and through appropriate legislation to prevent ‘loopholes’ which make Australians targets for cybercriminals.

Image: Victor Habbick/ www.FreeDigitalPhotos.net

01/08/2013
Card skimmers in Brisbane pose identity theft risk.

Media Release

Card skimmers in Brisbane pose identity theft risk.

Stafford (BRISBANE), 1 August 2013.

As police announce ATM card skimming devices have been found once again in the Brisbane area, a credit expert is warning the public about the lesser known but more dangerous effects of card skimming – identity theft.

Graham Doessel who is CEO of MyCRA Credit Rating Repair, a national firm based in Brisbane’s Stafford, says many people are aware that banks will reimburse monies lost due to card skimming and other related fraud, but when it comes to fraudsters assuming the victim’s identity and taking out credit in their name, they have no idea how difficult a task recovery is.

“You can’t be ‘reimbursed’ for identity theft – it is a difficult process to try and recover a good name which has been tarnished, because the victim must prove they didn’t initiate the credit and show cause as to why the credit listing is unlawful,” Mr Doessel says.

He goes on to say, that with fraudsters often preferring a more ‘instant’ gratification, identity theft from card skimming is probably not widespread – but is a risk nonetheless.

“A patient fraudster has a lot to lose, but a lot more to gain from attempting this form of fraud, so it could potentially mean the card holder is not a victim of any un-authorised transactions right after the skimming, but their details are misused in the future for credit applications,” he says.

“With no easy way to trace the source of the identity theft, unfortunately the victim’s life can be made a living nightmare – with a mountain of debt and locked out of credit for 5 years unless they can prove their case of identity theft to Credit Providers,” he says.

He says the best way of preventing this type of fraud is for consumers to be aware of what ATM card skimming devices look like – and take a moment to check the machine before they use it.

Queensland Police state on their news website that the device found on an Ascot ATM in late July had a cover plate placed over the original card entry and a small camera – no more than a tiny dot at the bottom left side of the device which records the victim’s PIN number.

“It is believed that all information data obtained by the skimming devices has been retrieved by police and security of the credit card details has not been compromised,” Police assure.

When card skimming devices were found at two separate locations in Brisbane’s Queen Street Mall last November, the Queensland Fraud Squad’s Detective Superintendent Brian Hay explained how to check whether ATM card slots had been tampered with.

“When you go to an ATM look for a skimmer. Look at the entry point, make sure it’s a nice integrated, sealed or one piece unit,” he told Brisbane Times.

“Make sure it doesn’t look like there’s an attachment to the facial plate. Grab that card entry point, give it a bit of a wiggle and make sure there’s no flexion … It can pop off in your hand.”

Superintendent Hay also warned consumers to be wary of identity theft.

“Understand, that if you’ve been compromised it’s not just your money that’s been lost, but the crooks now have your identity,” he said.

Mr Doessel says consumers need to stay up to date with the latest scams and ways their personal and financial details can be at risk.

“At the very least, log on to sites like the ACCC’s SCAMwatch regularly, and get to know what new threats are out there that could put you and your credit file at risk,” he says.

The SCAMwatch website warns about the risks of card skimming and identity theft.

“Card skimming is also a way for scammers to steal your identity (your personal details) and use it to commit identity fraud. By stealing your personal details and account numbers the scammer may be able to borrow money or take out loans in your name,” the website states.

Police say if anyone believes that they have located a skimming device on an ATM they should contact their local police station or Crime Stoppers on 1800 333 000.

/ENDS.

MEDIA ENQUIRIES

Please Contact:

Graham Doessel – Founder and CEO MyCRA Ph 3124 7133

Lisa Brewster – Media Relations MyCRA media@mycra.com.au

Ph 07 3124 7133 www.mycra.com.au www.mycra.com.au/blog

246 Stafford Rd, STAFFORD Qld

MyCRA Credit Rating Repair is Australia’s number one in credit rating repairs. We permanently remove defaults from credit files.

Queensland Police say a skimming device like the one pictured, was fitted to an ATM in the Ascot area. http://mypolice.qld.gov.au/wp-content/uploads/2013/07/ATM-skimming.jpg

http://mypolice.qld.gov.au/blog/2013/07/18/atm-skimming-devices-brisbane/

http://www.brisbanetimes.com.au/queensland/bank-customers-under-threat-from-card-skimmers-20121122-29roj.html#ixzz2a0wDyBIv

http://www.scamwatch.gov.au/content/index.phtml/tag/CardSkimming

Image: naypong/ www.FreeDigitalPhotos.net

01/08/2013
Help to reduce your risk of identity theft
“Identity is one of our most valuable assets – if it is stolen, the stress and financial costs can last for years,” says Attorney-General Mark Dreyfus QC. According to the Attorney-General, identity theft is currently at 7% and rising (up from 5 per cent in the previous year)* – and so a new booklet has been formulated to give Australians practical advice on guarding their identity and what to do if they think it’s been stolen. We offer a link to this booklet and encourage all of our readers to download it, and even print it out and give it to someone you know who you think may be at risk. It just may save your bank accounts, your identity and your credit file from misuse.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair, and www.fixmybadcredit.com.au.

The booklet ‘Protecting Your Identity’ was launched by the Attorney-General last week. For anyone who is not so familiar with the workings of identity theft, it is a comprehensive document on the how’s and whys of identity theft. We found this page to be particularly relevant:

Why Should I Be Concerned About Identity Theft?

Once your identity has been stolen it can be almost impossible to recover. You may have problems for years to come. Some of the things that criminals may be able to do with your identity include:

• tricking your bank or financial institution into giving them access to your money and other accounts

• opening new accounts and accumulating large debts in your name which will ruin your credit rating and good name

• taking control of your accounts including by changing the address on your credit card or other accounts so you don’t receive statements and don’t realise there is a problem

• opening a phone, internet or other service account in your name

• claiming government benefits in your name

• lodging fraudulent claims for tax refunds in your name and preventing you from being able to lodge your legitimate return

• using your name to plan or commit criminal activity, and

• pretending to be you to embarrass or misrepresent you, such as through social media.

Identity theft is the curse of the 21st Century and that is becoming more evident in our industry of credit rating repair. There are more and more people needing help with repairing their credit file due to having their identity misrepresented in some way.

Often the first time we are aware of identity theft is when we apply for credit and are flatly refused due to defaults on our credit file that are not ours.

Credit file defaults are difficult for the individual to remove and generally people are told by creditors they remain on our file for 5 years, regardless of how they got there.

Although it seemed so easy for the fraudster to use your good name in the first place, you are now faced with proving the case of identity theft with copious amounts of documentary evidence.

If you have neither the time nor the knowledge of our credit reporting system that you may need to fight your case yourself, you can seek the help of a credit repairer. A credit repairer can help you to clear your credit rating and restore the financial freedom you rightly deserve.

The reason a credit repairer is usually so successful in removing your credit file defaults, is their relationships with creditors, and their knowledge of current legislation.

If you have just found out you are a victim, we recommend you also contact the Police. Don’t be embarrassed – it is only through identity theft being reported that data gets collected and appropriate preventative measures eventually get put in place.

Top Tips for Preventing Identity Theft

In a statement to the media last week, Mr Dreyfus also outlined some simple steps Australians can take to reduce their risk of becoming a victim of identity theft:
- Secure your mailbox with a lock and, when you move, redirect your mail.
- Be cautious about using social media, and limit the amount of personal information you publish online.
- Secure your computer and mobile phone with security software and strong passwords, and avoid using public computers for sensitive activities.
- Secure your personal documents at home and when travelling.
- Learn how to avoid common scams at www.scamwatch.gov.au.
- Be cautious about requests for your personal information over the internet or phone and in person in case it is a scam.
- Investigate the arrival of new credit cards you haven’t requested or bills for goods and services you have not purchased.
- Be alert for any unusual bank transactions or missing mail.
- If you are a victim of identity theft, report it to the police and any relevant organisations.
- Order a free copy of your credit report from a credit reporting agency on a regular basis, particularly if your identity has been stolen.
* Last year a survey commissioned by the Attorney‑General’s Department found 7 per cent of respondents had been victims of identity crime in the previous six months – up from 5 per cent the previous year.

Image: Victor Habbick/ www.FreeDigitalPhotos.net
27/06/2013
Watchdog criticised over lack of prosecutions for fraudsters and identity thieves

People are starting to get angry over scams and identity theft. As anyone with a computer, a telephone or who banks would know – the attempts to steal our financial information, or to scam us online are getting more and more frequent, but it seems the prosecutions are not increasing. We examine Michael Pasoce’s controversial opinion piece from todays The Age. The piece refers to criticism that the Australian Competition and Consumer Commission and Police are ignoring 99.9 per cent of scamsters.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

Michael Pasoce’s article Watchdog lacking any bite as scammers fleece us is pretty damning of the ACCC and the Australian Police, and their lack of ‘bite’ in matters of prosecution of fraudsters. Here is an excerpt from Pascoe’s article today:

“The ACCC doesn’t even try to lumber fraudsters and scam artists – it just hopes to “disrupt” them with a little education of us mugs. Education is indeed a good thing and that deserves a tick, but locking up the very nasty little perpetrators wouldn’t be a bad idea either. They’re not even trying.

Responsibility for that of course should be shared with the various police fraud squads – but they are rather hopelessly under-manned, under-skilled and really only interested in the big stuff, preferably if it’s rather simple, old-fashioned fraud.

Many of the online and telephone con artists are based overseas, but there are plenty of low-life locals as well. Successful fraudsters keep their jobs relatively small and remain mobile. That way the police and ACCC won’t bother taking an interest, even when a case is handed to them on a platter.

At last month’s Retail World conference (disclosure: I was paid to chair it), online retailers told how completely frustrated they were in trying to get any authority to take action over fraud.

For example, a fridge is purchased online by someone using a credit card. Fridge is delivered. The owner of the credit card phones his or her bank claiming they did not authorise the purchase – perhaps claiming a child used the card without permission. The bank refunds the money to their customer and hits the retailer with a charge-back. In the words of the Queensland Police website, the retailer then becomes the complainant – nearly all the time, police don’t want to know about it.

What’s more, from the same website: “If the cardholder is reimbursed for the loss, financial institutions have agreed that they do not require the cardholder to report the matter to police for investigation.”

The banks are treating this sort of fraud as merely a cost of business. The retailers are getting nothing in return for their merchant fees.

A major online white goods retailer told me one of the fraudsters tried to hit them a second time. The retailer attempted to interest the local gendarmes in catching the thief in the act – but they weren’t interested.”

Pascoe argues that the supposed authorities have been overwhelmed by this class of crime.

“The law is too complicated in dealing with it, the manpower to tackle it is not forthcoming, there is yet again no sign of anyone having fire in the belly, a desire to kick heads. The scumbags who prey upon the gullible effectively have a free hand to go forth and defraud while police will visit a pop star’s hotel room to inspect a half a joint,” he says.

So if it all too complicated – is the argument still there for reporting scams and other forms of identity theft to Police or other authorities even if no monies are lost?

Absolutely. Without reporting, authorities won’t have any idea of the scale of the problem, and that is the first step towards fixing it. I have long been of the belief that not requiring the reporting of fraud which has been reimbursed by banks is exacerbating the problems in this area. The thing is, all of these small instances may just be a drop in the ocean, but they could all be drops from the same source.

Was Pascoe right to call to task the authorities over a lack of prosecutions in this area?

Absolutely. It is important that we apply pressure to government and to Police, to find a way to locate and prosecute fraudsters, or to justify why they can’t.

In reality, prosecutions can be difficult simply because of the global nature of this crime. Small time fraudsters may be doing all of the leg work here – and on selling the information to global syndicates. Or fraudsters may be able to buy personal information obtained by international fraudsters and use it to obtain credit in Australia. It is a tangled web – but it’s one we should be throwing time, money and resources into now and in the future.

Identity theft and your credit file

Cyber-crime can be perpetrated by stealing the personal information of individuals, generally through obtaining it via virus software known as ‘malware’ or by phishing scams which appear to be genuine companies asking for personal details which can then be used to generate fake identification. Then the fraudster will go about taking out credit in the victim’s name. If the theft goes undetected, the fraudster can be racking up thousands of dollars in debt in the person’s name. This is when identity fraud affects the victim’s credit file. When this happens, it is not only the victim’s bank accounts that can be affected, but more importantly their ability to obtain credit in the future.

In Australia, if a credit file holder fails to make repayments on credit past 60 days, then a default can be placed on their credit file by the creditor. This default remains on the credit file for 5 years, and can severely hinder their chances of getting credit once it is placed. For the identity theft victim, this can leave them severely disadvantaged for 5 years, and unable to take out legitimate credit. The only way they may be able to restore their good name is through lots of hard work proving to creditors they did not initiate the credit.

For information on preventing identity theft, and help with repairing a credit rating following fraud, contact MyCRA Credit Repair, or call tollfree 1300 667 218.

Image: Victor Habbick/ www.FreeDigitalPhotos.net

18/06/2013
Update on mandatory data breach notification laws

The long-awaited amendments to the Privacy Act 1988 making reporting of serious data breaches mandatory, has been passed in the House of Representatives and had its second reading in the Senate yesterday. We cover what this Bill will mean if it is passed, and what it means for your credit file.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

If passed by both houses, the Privacy Amendment (Privacy Alerts) Bill 2013 will be implemented as part of amendments to the Privacy Act in March next year, alongside other amendments.

The amendments will force businesses and government agencies covered by the Privacy Act 1988, to notify people when a serious data breach affecting their privacy occurs.

The notification requirements do not apply to all data breaches, only breaches that give rise to a risk of serious harm. Serious harm could include physical and psychological harm, as well as injury to feelings, humiliation, harm to reputation and financial or economic harm.

The Commissioner will be able to seek civil penalties if there is serious or repeated non-compliance with the notification requirements and the Information Commissioner will be able to direct agencies and business to notify individuals of data breaches.

The legislation has been introduced following criticism of the current voluntary reporting system. It seems when faced with a choice, many entities think of the bottom line or other publicity concerns rather than the security of people’s personal or financial information.

A bit about how data breaches can threaten your credit file

Personal information in the wrong hands can lead not only to identity fraud, but the misuse of the victim’s credit file, which can have significant long term consequences.

A lot of identity fraud is committed by piecing together enough personal information from different sources in order for criminals to take out credit in the victim’s name. Often victims don’t know about it right away – and that’s where their credit file can be compromised.

Once the victim’s credit rating is damaged due to defaults from this ‘stolen’ credit, they are facing some difficult times repairing their credit rating in order to get their life back on track.

These victims often can’t even get a mobile phone in their name. It need not be large-scale fraud to be a massive blow to their financial future – defaults for as little as $100 will stop someone from getting a home loan.

Once an unpaid account goes to default stage, the account may be listed by the creditor as a default on a person’s credit file. Under current legislation, defaults remain on the credit file for a 5 year period.

What is not widely known is how difficult credit repair following can be – even if the individual has been the victim of identity theft, there is no guarantee the defaults can be removed from their credit file. The onus is on them to prove their case and provide copious amounts of documentary evidence.

Unfortunately data breaches are difficult for individuals to have any control over, and the only way people can ensure their details are safe are to demand that the companies they deal with have strong IT systems before disclosing that information. People should adopt the philosophy of a need-to-know basis for disclosing their personal information. They should always question the need for it to be handed over. If it is not essential, they shouldn’t do it.

Image: Stuart Miles/ www.FreeDigitalPhotos.net

18/06/2013
Gamers: cheating could cost you your credit rating

If you or someone in your family is a gamer, then you would be familiar with hacks. Hacks and cheats are designed to give a gamer help with a game by allowing them to download useable software for assistance. But security company, AVG says downloading hacks could open up a can of worms not only for the gamer, but for anyone else that uses the computer, because you have probably also just downloaded Malware. We look at how this occurs, what Malware does and what the risks are for your personal information and your credit file.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au

Antivirus vendor AVG has issued a warning to gamers following research which suggests that more than 90 per cent of ‘hacks’ available online contain some form of malware or malicious code.

Hacks and cheats are commonly incorporated into games; however, the sheer popularity of online multiplayer games has made gamers prime targets for cybercriminals.

“The research suggests more than 90 per cent of hacks, cracks, patches, cheats, key generators, trainers and other downloadable game tools contain malware or executable code.

These hacks are commonly delivered via unregulated torrents and file sharing sites, an easy vector for malware.

Malware inadvertently downloaded with hacks can give attackers easy access to your online gaming account as well as other sensitive information such as online banking details, personal data and passwords for other online services,” Stay Smart Online recently advised.

They advise gamers to only download patches from the game’s official site, and to avoid any unofficial software. They also recommend:

Always be suspicious of any files downloaded from torrents and file sharing websites.

Ensure you always have up-to-date security software installed on your computer.

Use unique account logon and password information for each of your online gaming accounts (and every other online service you use).

What is ‘malware’?

Malware— is short for ‘malicious software’. It is a type of malicious code or program that is used for monitoring and collecting your personal information (spyware) or disrupting or damaging your computer (viruses and worms). Stay Smart Online explains in more detail:

Spyware

The term spyware is typically used to refer to programs that collect various types of personal information or that interfere with control of your computer in other ways, such as installing additional software or redirecting web browser activity.

Examples of spyware include:

Keyloggers

A keylogger is a program that logs every keystroke you make and then sends that information, including things like passwords, bank account numbers, and credit card numbers, to whomever is spying on you.

Trojans

A Trojan may damage your system and it may also install a ‘backdoor’ through which to send your personal information to another computer.

Viruses and worms

Viruses and worms typically self-replicate and can hijack your system. These types of malware can then be used to send out spam or perform other malicious activities and you may not even know it. Both can use up essential system resources, which may lead to your computer freezing or crashing. Viruses and worms often use shared files and email address books to spread to other computers.

Malware and your credit file

If fraudsters can get their hands on your personal information they can steal passwords to not only the gaming site, but also to the bank or credit accounts of anyone who uses that computer.

They can also create a patchwork quilt of information that can allow them to eventually have enough on you to request duplicate identity documents (identity theft), and apply for credit in your name (identity fraud).

Running up credit all over town, perhaps buying and selling goods in your name, or in some cases mortgaging properties –you may have a stack of credit defaults against your name by the end of their ordeal – and sometimes no proof it wasn’t you that didn’t initiate the credit in the first place.

Recovery can be slow, and in some cases you may have no way to prove you weren’t responsible for the debt – with fraudsters leaving no trail and the actual identity theft happening long before the fraud took place.

Who might be most at risk?

Gamers often aren’t worried about risks to their personal information as they are often young people who consider they don’t have much to lose, when in fact they do. Firstly, if Malware is downloaded – it puts the entire family at risk. But secondly, a young person is just as vulnerable as anyone to exploitation. There have been reports of crooks harvesting the personal information of young people and storing it until the victim turn 18. Australian Police have issued warnings on the issue of data warehousing in relation to Facebook in the past, but fraudsters won’t be fussy about where they get it from. It all has a lucrative price on the ‘black market’ of personal information.

For more help with teaching kids and young people about online risks, go to the Stay Smart Online website http://www.staysmartonline.gov.au/kids_and_teens.

Visit our main website www.mycra.com.au for more information on identity theft and your credit file.

Image 1: Arvind Balaraman/ www.FreeDigitalPhotos.net

Image 2: Salvatore Vuono/ www.FreeDigitalPhotos.net

06/06/2013
Westpac customers warned: don’t be fooled by scam emails

BE CAUTIOUS WITH EMAILS FROM BANKS –EVEN YOURS. You may have received a “Security Upgrade” email from Westpac recently. If you are a Westpac customer, you may have read this email. You may have even taken it seriously… We want to warn you, this email is a scam! We describe what this email looks like, what it’s designed to do, and what you need to do if you come across it. If you are not a Westpac customer, this may still be extremely important for you, as these types of emails are targeting you in different forms every day and can impact not only your bank accounts, but also your personal and financial identity.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

On Tuesday the Government’s ‘Stay Smart Online’ website sent out an alert about a very fishy phishing email targeting Westpac Bank customers. The SSO alert is below:

Westpac customers targeted again by phishing emails

28 May 2013

Email warns of security upgrade, but links to fake banking site

On 23 May 2013, antivirus vendor AVG issued a warning about the circulation of fake security notification emails pretending to originate from Westpac.

Like similar fake emails that have targeted Westpac, this example claims to be addressing security concerns over a “recent spate of fraud and identity theft”. It advises that a security upgrade is being undertaken and will be effective once customers login to their account.

The email includes a number of tell-tale errors that suggest it is a fake. In the image below, AVG has provided an overview of the errors which can help to identify it as a scam.

Image credit: AVG

The fake banking website linked from this email looks similar to Westpac’s current online banking logon page.

Don’t be fooled. This page is set up explicitly to capture your banking details.

[fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][Image: SSO]

Avoid phishing emails

Always be suspicious of unsolicited emails.

Do not click links or open attachments. The best advice is to simply delete the email.

If you are uncertain about an email you can always cross check the information by going independently to the company’s website or by calling the company directly.

Westpac hosts a list of examples of ghost sites/fake sites that mimic its online banking page.

Many reputable websites will specify how they will communicate with you on their website. Anything outside of this is suspicious. Westpac provides useful information about security on its website.

The ins and outs of phishing scams

Phishing scams are generally emails or text messages like the Westpac email, which impersonate genuine companies in the hope of tricking victims into giving out their personal and financial information.

The aim of phishing is to steal information like bank and credit account numbers, passwords, and other crucial data.

The ACCC’s Scamwatch website warns about phishing emails also. It warns they are not easily distinguishable from genuine corporate communication:

“Phishing emails often look genuine and use what look to be genuine internet addresses—in fact, they often copy an institution’s logo and message format, which is very easy to do. It is also common for phishing messages to contain links to websites that are convincing fakes of real companies’ home pages.

The website that the scammer’s email links to will have an address (URL) that is similar to but not the same as a real bank’s or financial institution’s site. For example, if the genuine site is at ‘www.realbank.com.au’, the scammer may use an address like ‘www.realbank.com.au.log107.biz’ or ‘www.phoneybank.com/realbank.com.au/login’.”

The ramifications of falling for a phishing scam

Clicking on links in phishing scams can mean your banking details are captured by fraudsters and can be accessed in order to drain your bank accounts. But in addition to this, just the simple act of clicking on the link can put you in danger. Many phishing emails are also designed to infect computers through virus-containing links in the emails.

This could mean that you could download a Trojan or similar virus designed to steal your financial information – and you may have no idea its happening.

This could be dangerous for your credit file. Because while you are carrying out your normal online transactions, the Malware that you have installed could be tracking passwords, financial details and personal details about you. This could be used by a clever and determined cyber-crook in order to build a fake identity in your name.

Suddenly credit could be accessed in your name, and you probably won’t know about it until you apply for credit yourself and are refused. This presents real problems for fixing your credit rating, because what we know about removing unfair or inaccurate listings from your credit file is that you must provide evidence and proof that you didn’t initiate the credit. This can be difficult to do when you have no idea how the theft of your information occurred. It can be a nightmare for victims.

So don’t get hooked by a phishing scam. If you receive an email that looks legitimate – go independently to the Bank or other company’s website to verify it. Or use the official Bank phone number (not the phone number presented on the email) to call the bank directly to verify the email is legitimate.

Top image: David Castillo Dominici/ www.FreeDigitalPhotos.net

[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

30/05/2013
Cyber-security to protect your financial identity.
How can what you do online impact your ability to obtain credit? Understand the risks and protect your credit rating.

MyCRA is a partner for Cyber Security Awareness Week 2013, running this week until 24 May. The aim of Awareness Week is to help Australians using the internet – whether at home, the workplace or school – understand the simple steps they can take to protect their personal and financial information online.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

Cyber Security Awareness Week 2013 is an Australian Government initiative, held annually in partnership with industry, community and consumer groups and state and territory governments.

One of the big risks for Australians is that their internet use will lead to fraudsters stealing their personal information for purposes of identity theft (now the fastest growing crime in Australia) and potentially fraud. The good credit rating of the victim could then be damaged.

It is reported that 1 in 6 people in Australia is a victim or knows someone who has been a victim of identity theft or fraud in the past 6 months.

Victims are not always ‘gullible’ as may be the impression in the wider community. Many experts say it is not a matter of if you experience an identity theft attempt, but when.

Increasingly it comes from professional fraudsters whose main occupation is to steal personal information and financial details in order to commit fraud.

The internet is a big source of personal information and its ever increasing use makes you more vulnerable to identity crime than ever. This means identity crime can have very long arms – often it originates from overseas crime syndicates. Social networking, online banking, company databases can also be sources.

The unlucky identity theft victim is unaware of the fraud until their identity is misused, and their credit rating with it. When identity theft damages your credit rating – it is because the fraudster has been able to overtake credit accounts, or has gained access to enough personally identifiable information about you to forge new identity documents.

If credit accounts are not repaid – after 60 days you may be issued with written notification of non-payment and the intention for the creditor to list a default on your credit file. It is at this moment that some people who were previously unaware of any problems find out they have been victims of this more sophisticated type of identity theft.

Protecting Your Financial Identity Online

You can provide a safety buffer for yourslef and your family around one of the main channels for fraudsters to enter our lives – the internet.

Remember the top tips

Stay Smart Online encourages all Australians to remember these ten simple tips to improve their online security:
1. Install and update your security software and set it to scan regularly
2. Turn on automatic updates on all your software, particularly your operating system and applications
3. Use strong passwords and different passwords for different uses
4. Stop and think before you click on links and attachments
5. Take care when buying online – research the supplier and use a safe payment method
6. Only download “apps” from reputable publishers and read all permission requests
7. Regularly check your privacy settings on social networking sites
8. Stop and think before you post any photos or financial information online
9. Talk with your child about staying safe online, including on their smart phone or mobile device
10. Report or talk to someone if you feel uncomfortable or threatened online – download the Government’s Cybersafety Help Button
For specific help with safe banking, we refer to the Australian Bankers’ Association’s recommendations:

Protect your passwords – ensure you keep confidential your PIN and Internet banking logons and passwords. Avoid using the same logon/passwords for multiple websites, especially when it enables access to websites that include sensitive personal information. Set a pass code for your device and a PIN for your SIM. If your banking app allows logon with a PIN, make sure it is different to the one used to unlock your mobile device. Make sure your password or code is something that’s hard for others to guess but easy for you to remember. A bank will never ask you to provide passwords or PINs by e-mail or over the telephone.

Lock – set your smartphone and tablet to automatically lock. The password will protect your device so that no-one else can use or view your information. Also store your device in a secure location.

Contact your bank if you lose your smartphone or tablet – call your bank immediately to tell staff about the loss and provide your new phone number, especially if your bank uses an SMS message to authenticate transactions.

Clear your mobile devices of text messages from banks especially before sharing, discarding or selling your device.

Be careful what you send via text – never use text messages to disclose any personal information, such as account numbers, passwords or other personal information that could be used to steal your identity.

Use only official apps – make sure to only use apps supplied by your financial institution and only download them from official app stores.

Delete spam and scam e-mail – if the offer sounds too good to be true – it probably is.

Guard identity information carefully and only provide it to trusted people and entities. This includes date of birth, current address, driver’s licence and passport details.

Anyone interested in online safety should subscribe to the email notifications from Stay Smart Online Alert Service. The Stay Smart Online Alert Service is a free subscription based service that provides home users and small to medium enterprises with information on the latest computer network threats and vulnerabilities in simple, non-technical, easy to understand language. It also provides solutions to help manage these risks.

Also, you can look at securing different sections of your internet use in more depth with the help of Stay Smart Online’s key factsheets for online security.

Check your credit file regularly, and act quickly on any discrepancies there – which can often be the first sign of identity theft. Copies of credit files can be ordered from one or more of Australia’s credit reporting agencies, and are free for the credit file holder once per year.

Image 1: courtesy of Stay Smart Online

Image 2: Ambro/ www.FreeDigitalPhotos.net
23/05/2013
Fraudsters cashing in on public fear over password security

Australians are warned to be aware of a scam which is targeting public uncertainty following publicised hacking events or data breaches. People are being sent links to fake sites which ‘test’ your logon details for popular sites such as Twitter, LinkedIn, Facebook, Hotmail and Gmail. But be warned, many of these are fake password checking sites, or similar and are phishing for your user name, password and other personal information. We look at this scam in more detail, and how it could impact you and your credit file.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

Giving away your details to these sites could put you at risk of identity theft and credit fraud– so the message from Australia’s ‘Stay Smart Online’ is – always be suspicious of sites asking for your user name, password or personal information. If you’re not sure – don’t take the chance.

“Links to password checking sites often circulate on social media and email after publicised hacking events or breaches – such as the hacking of the Associated Press’s Twitter account – a time when checking the strength or security of your own account might seem appealing,” Stay Smart Online warned in an alert yesterday.

SSO advises never to enter your username and password anywhere except on the site it is intended for:

Don’t use links in emails or social media messages that take you to a log in page. Navigate there yourself independently to make sure you are on the legitimate site’s logon page.

Make sure the addresses of the websites you use are correct.

When logging on to a website, check for HTTPS (or a padlock) in the address bar. This is the secure form of HTTP. Websites that don’t offer HTTPS at logon are unsecured.

Always be suspicious of unsolicited emails, especially those seeking personal or financial information.

SSO says there are some legitimate password-checking sites out there, and some of the legitimate sites have been copied.

Legitimate sites can use minimal information supplied by you, such as your email address (not your password!) to check your address against lists of stolen information found in data dumps on hacker sites. Other legitimate sites may offer to simply test the strength of your password. But trying to distinguish the real from the fake may not be worth the risk.

SSO warns fake sites may be very difficult to distinguish from legitimate ones, and will simply collect your details.

“…someone then has everything they need to access to your account,” SSO states.

The danger in clicking on any link from an unknown source is not only that the personal information that you give out could be directly warehoused for future purposes of identity theft for fraud, but you could also end up downloading malware or a virus which takes that information from your computer.

Recently MSN Money commented on this latest scam in its story Avoid Password-Checking Sites:

Given that most people still use simplistic passwords and use them across multiple sites — as has been shown in a variety of data breaches and surveys — there’s a lot at stake when you give yours away. Imagine losing control of not only your social networks, but also access to your email, online banking and other personal and financial information.

Even if you catch the breach quickly, it will still be a colossal pain to get everything back to normal.

What can fraudsters do if they can get their hands on your personal information?

They can steal passwords to your bank or credit accounts and they can also create a patchwork quilt of information that can allow them to eventually have enough on you to request duplicate identity documents, and apply for credit in your name.

Running up credit all over town, perhaps buying and selling goods in your name, or in some cases mortgaging properties – the victim can have a stack of credit defaults against their name by the end of their ordeal – and sometimes no proof it wasn’t them that didn’t initiate the credit in the first place.

Recovery can be slow, and in some cases victims have had no way to prove they weren’t responsible for the debt – with fraudsters leaving no trail and the actual identity crime happening long before the fraud took place.

New laws coming through in March 2014 are aimed at protecting your credit file following an incidence of identity theft. If you know you have been scammed, you will be able to put a ‘ban’ on your credit file – so no one will be able to access your credit information – therefore protecting your credit information from misuse.

But if you don’t know you have been scammed until it’s too late, or if you can’t pinpoint what’s happened to you, it may be still be difficult to protect your credit rating. So you have to be sure you protect all of that, by staying ahead of scams such as this, and by keeping strong passwords.

MSN Money provides some tips from Microsoft about password security to consider when creating — or changing — a password:

• Make your password at least eight characters long

• Mix up the characters with capitals, lower case, numbers, symbols and punctuation marks

• Change your passwords regularly

• Use different passwords on different sites

If you think you might have entered details into a fake site…

* Change your password immediately. If you use the same logon information elsewhere you should also change these passwords, ensuring you create a unique password for each service.

* Contact the Police – as well as your bank – especially if you have given over personal information to fraudsters. Don’t be embarrassed – it is only through identity theft being reported that data gets collected and appropriate preventative measures eventually get put in place. You should also contact the credit reporting agencies that hold your credit file and inform them that you may be at risk of identity theft.

* Order a copy of your credit report. If there are any inconsistencies on your credit report – change of address, strange credit enquiries and credit you don’t believe you’ve accessed, then you may already be a victim – and should do all that’s possible to follow up on each account so as not to accrue defaults on your credit file that should not be there.

Credit file defaults are difficult for the individual to remove and generally people are told by creditors they remain on our file for 5 years, regardless of how they got there.

Although it seemed so easy for the fraudster to use your good name in the first place, you are now faced with proving the case of identity theft with copious amounts of documentary evidence.

If you have neither the time nor the knowledge of our credit reporting system that you may need to fight your case yourself, you can seek the help of a credit repairer. A credit repairer can help you to clear your credit file and restore the financial freedom you rightly deserve.

The reason a credit repairer is usually so successful in removing your credit file defaults, is their relationships with creditors, and their knowledge of current legislation.

Visit www.mycra.com.au for more information on identity theft or how to repair bad credit.

image: foto76/ www.FreeDigitalPhotos.net

14/05/2013
Australian credit habits under the microscope – are you ready?

Press Release

Australian credit habits under the microscope – are you ready?

10 May 2013

The credit habits of Australians will be scrutinised like never before when new credit reporting laws take effect in March next year, and a consumer advocate for accurate credit reporting warns, now is the time to make some big changes to protect your future.

CEO of MyCRA Credit Rating Repair, Graham Doessel says this is an important time to know about Australia’s credit laws, and to be careful with how you use and repay credit.

“Australian consumers are currently under the microscope with their repayments, and if they are more than five days late paying a loan or a credit card that will go on their credit file for two years and show up as of next year,” Mr Doessel advises.

“This information will be part of five new data sets to show up on your credit report – and Australians need to be credit savvy to make the changes work for them,” he says.

This new information for lenders is part of wide-sweeping amendments to Australia’s Privacy Act, which includes a new Credit Reporting Code of Conduct.

Mr Doessel outlines some things that every credit-active should know about our new laws:

What you need to know and do to be credit savvy

1. Pay on time, every time. Make repayments on accounts (such as credit cards and loans) on time to avoid having late payment notations recorded on your credit file. There is a five day grace period. It doesn’t have to be a big amount to impact you. Too many late payment notations may mean you’re refused credit, or offered a higher interest rate.

If you let your account go more than 60 days in arrears you will also be default listed. This listing will show on your credit file for five years, and applies to amounts over $150.

2. If you can’t pay, actively seek help. There will be new laws to help prevent you from being defaulted if you are under financial hardship. You need to make arrangements early with your lender, and this will be recorded on your credit file. If you make your repayments on time, you may be able to offset the variation. So there is a new incentive to get in and work it out with your lender prior to letting your accounts go into arrears and copping a default listing.

3. Take precautions when applying for credit. The volume of credit you apply for and the type of credit you apply for can hinder any future credit application you may make. Whilst it is a great idea to research credit before applying – you should only make a credit application you have full intention of pursuing. In addition, high interest’ or ‘bad credit’ loan applications may shave points off your rating.

4. Seek cautions credit limits. If you’re not using it, don’t have it is the general rule. If you take out a credit card or other line of credit, it’s probably not wise to opt for a lofty limit, but ask for an amount closer to what you intend to use. Any credit ‘rating’ may be reduced by credit limits which are too high.

5. Prevent identity theft. Understand how lucrative your personal information can be in the wrong hands, and take steps to keep abreast of how it can be at risk from identity theft, which can lead to the stealing of credit by fraudsters accessing your credit file. Victims can end up with defaults on their credit file and blacklisted from credit for 5 years.

New laws will allow you to place a ban period on your credit information if you believe you may be at risk of identity theft, which can prevent fraudsters from accessing credit in your name – so if you feel you may be at risk – acting quickly may prevent your credit file from being impacted.

6. Check your credit file regularly. With the new information, it will be more important than ever to check your credit file. Many people don’t know you can do this for free annually through the Australia’s credit reporting agencies and a copy is sent within 10 working days. There will be five new data sets of information available to Credit Providers who request a copy of your credit report. These will be:

1. repayment history information;

2. the date on which a credit account was opened;

3. the date on which a credit account was closed;

4. the type of credit account opened;

5. and the current limit of each open credit account.

It is up to you to ensure your credit file reads accurately.

7. Correct credit information which you believe is inaccurate, inconsistent or unfair. To offset the new information, new laws are currently being devised to make it fairer for those disadvantaged individuals to access and correct their credit report.

But beware, there will still be a requirement to work within and have knowledge of credit reporting law when disputing an inaccurate or unfair credit listing, and it is important to note, that Credit Providers and Ombudsman cannot advocate on your behalf. You can start by contacting your Credit Provider yourself to alter incorrect information, or you can seek help from a credit repairer or lawyer. You should take steps to rectify mistakes before the information has any bearing on a credit application you may make in the future.

After March 2014, if your Credit Provider disagrees with your request to correct your credit information, you can have your dispute noted on your credit file and this would be worthwhile requesting if you believe your listing shouldn’t be there.

/ENDS.

Please contact:

Graham Doessel – CEO Ph 3124 7133

Lisa Brewster – Media Relations media@mycra.com.au

Ph 07 3124 7133 www.mycra.com.au www.mycra.com.au/blog

MyCRA Credit Repair 246 Stafford Rd, STAFFORD Qld

MyCRA is Australia’s number one in credit rating repairs. We permanently remove defaults from credit files. CEO of MyCRA Graham Doessel is a frequent consumer spokesperson for credit reporting issues and is a founding member of the Credit Repair Industry Association of Australasia.

Image: ddpavumba/ www.FreeDigitalPhotos.net

10/05/2013
Privacy Law Reform To-Do List: Privacy Awareness Week 2013

In our last post for Privacy Awareness Week 2013, we set out some actions you can take now for your family to get you up to speed and ready for important changes to the Privacy Act 1988 (Cth) which will impact you. We include the specific things you can to do to support your ability to obtain credit and have your credit file looking its best when changes come into effect on March 2014.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

What can you do to support your credit file and ensure you look your best to Credit Providers? It will be essential from now and going forward to be mindful of what may constitute bad credit. Although as a consumer you are not privy to your credit ‘rating’ score, a Credit Provider will be provided with a number based on your credit habits – and this will be used to help calculate your credit worthiness. Whilst it is not disclosed by credit reporting agencies the specific items which lower your score and how much by, traditionally there are some things you can do to which will help keep your credit-worthiness in check. We look at good credit habits, and what things you need to do when our Privacy Laws change in March 2014:

1. Pay on time, every time.

Your repayment history information is being collected now. It is imperative you make repayments on accounts by their due date to avoid having late payment notations recorded on your credit file and shown after the March 2014 implementation.

If you can’t pay on time, seek alternative arrangements with your lender – but be advised these new arrangements will be recorded on your credit file. This would always be preferable to a default listing though – especially if you can show good repayment history at those new terms – so there is a new incentive to get in and work it out with your lender prior to letting your accounts go into arrears and copping a default listing.

2. Check your credit file regularly.

Make a habit of checking your credit file regularly. You can do this for free annually through the Australia’s credit reporting agencies. There will be five new data sets of information available to Credit Providers who request a copy of your credit report. These will be:

– repayment history information;

– the date on which a credit account was opened;

– the date on which a credit account was closed;

– the type of credit account opened; – and the current limit of each open credit account.

It is essential that you take responsibility for the accuracy of your credit file information and even more so when the above new sets of information becomes available to Credit Providers.

3. Correct credit information which you believe is inaccurate, inconsistent or unfair.

If there is anything on your credit report which you believe rings untrue, or shouldn’t be there, you have the right to request this information be rectified. You will need to contact your Credit Provider to alter this information. You should do this before the information has any bearing on a credit application you may make in the future. You may contact a credit repair company to assist you with this if the change is a significant one, or if you expect resistance to the request. After March 2014, if your Credit Provider disagrees with your request to correct your credit information, you can have your dispute noted on your credit file and this would be worthwhile requesting if you believe your listing shouldn’t be there.

4. Take precautions when applying for credit.

You may not realise, but the volume of credit you apply for and the type of credit you apply for can hinder any future credit application you may make. Whilst it is a great idea to research credit before applying – you should only ever make a credit application you have full intention of pursuing. Too many credit applications will mean you are refused credit. And from March 2014 this will be clearly displayed on your credit report. Likewise, if you apply for too many ‘high interest’ or ‘bad credit’ loans – you could be penalised with a lender if you apply for a mortgage – especially with a credit ‘scoring’ method which may shave points off your score through this type of credit application.

5. Seek cautions credit limits.

You may have a credit limit of $10,000 – but only have used a quarter of that. This may not be to your advantage. If you’re not using it, don’t have it is the general adage. If you take out a credit card or other line of credit, it’s probably not wise to opt for a lofty limit. You could try to get it closer to what you intend to use. A Credit Provider will only see the credit limit and not the actual amount you have utilised on that limit. As with credit applications, any credit ‘score’ may be reduced by credit limits which are too high.

6. Make information security paramount.

Understand how lucrative your personal information can be in the wrong hands, and take steps to keep abreast of how it can be at risk from things like identity theft. Identity theft can lead to the stealing of credit through the fraudsters accessing your credit file. Victims can end up with defaults on their credit file and a ban on obtaining credit for 5 years. The Office of the Information Commissioner (OAIC)’s factsheet Ten Steps To Protect Your Personal Information gives you some guidance on how to do that. New laws will allow you to place a ban period on your credit information if you believe you may be at risk of identity theft, which can prevent fraudsters from accessing credit in your name – so if you do feel you may be at risk – acting quickly may save your credit file from misuse.

Image 1: Rawich/ www.FreeDigitalPhotos.net

Banner: Courtesy of OAIC

03/05/2013
Privacy Law reform – protecting your personal information and your credit file: Privacy Awareness Week 2013

Identity theft is an ever-growing threat to Australians and the commodity which is traded, sought after and misused for criminal or financial gain by fraudsters is your personal information. In amendments to the Privacy Act 1988 (Cth) which occurred late last year and which will be implemented in March 2014, there will be some improvements in Privacy Law to do with requirements on organisations to keep your personal information safe. As identity theft can also go so far as to impact on your credit file, there are also improvements suggested within the Draft Credit Reporting Code of Conduct, aimed at protecting you and your credit file against identity theft. We look at these changes and the impact they may have on you.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au

Personal Information in the Australian Privacy Principles

We look at the differences in the areas of requirements by organisations in regards to personal information collection and security of personal information, as provided by the OAIC, which are set out in new Australian Privacy Principles, set to replace the current National Privacy Principles.

Security of Personal Information

APP 11 requires an organisation to take reasonable steps to protect the personal information it holds from interference, in addition to misuse and loss, and unauthorised access, modification and disclosure (as required by NPP 4.1).

APP 11.1 imposes the same obligation as [fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][current] NPP 4 in relation to the protection of the personal information that an organisation holds. However, APP 11.1 now also requires organisations to protect personal information from interference.

APP 11.2 introduces new exceptions to the requirement that an organisation take reasonable steps to destroy or de-identify personal information, once it is no longer needed for any purpose for which it may be used or disclosed in accordance with the APPs: – if it is not contained in a Commonwealth record (APP 11.2(c))[6], and – if the organisation is not required by or under an Australian law, or a court/tribunal order, to retain the information (APP 11.2(d)).[7]

Sensitive information

Summary of [current] NPP 10 An organisation must not collect an individual’s sensitive information unless a listed exception applies (NPP 10.1). Sensitive information is defined in s 6.

NPP 10.2 and 10.3 set out specific exceptions regarding the collection of health information.

Relevant APPs

APP 3 – collection of solicited personal information

Key differences

APP 3 clarifies that an organisation must only collect sensitive information about an individual if the individual consents to the collection and the information is reasonably necessary for the organisation’s functions or activities, or an exception applies (APP 3.3).

The definition of sensitive information in s 6 has been extended to include: -biometric information that is to be used for the purpose of automated biometric verification or biometric identification or biometric templates.[14]

Sensitive information may also be collected about an individual: -if required or authorised by or under an Australian law or a court/tribunal order (APP 3.4(a))[15] when a permitted general situation or permitted health situation applies (APP 3.4(b)-(c), s 16A).

Permitted general situations include the collection of sensitive information where: -the entity reasonably believes that the collection is necessary to lessen or prevent a serious threat to the life, health or safety of any individual or to public health or safety, and it is unreasonable or impracticable to obtain the individual’s consent to the collection (APP 3.4(b), permitted general situation 1 (s 16A item 1)).

This exception reflects the wording of NPP 10.1(c), but removes the requirement that the threat must be imminent. This exception also replaces the specific circumstances set out in NPP 10.1(c) in which an individual may be unable to consent, with the more general ‘unreasonable or impracticable’.

-the entity has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the entity’s functions or activities has been, is being or may be engaged in, and the entity reasonably believes that the collection is necessary for the entity to take appropriate action in relation to the matter (APP 3.4(b), permitted general situation 2 (s 16A item 2)).

This is a new exception in relation to the collection of sensitive information.

the entity reasonably believes that the collection is reasonably necessary to assist any APP entity, body or person to locate a person who has been reported as missing (APP 3.4(b), permitted general situation 3 (s 16A item 3)).

This is a new provision in relation to the collection of sensitive information.

The permitted health situations replicate the wording of NPP 10.2 and NPP 10.3, in relation to the collection of health information for the provision of a health service and for research.

APP 3.4(e) relates to non-profit organisations and replaces NPP 10.1(d). APP 3.4(e) permits the collection of an individual’s sensitive information by non-profit organisations where the information:

relates to the activities of the organisation, and relates solely to the members of the organisation, or to individuals who have regular contact with the organisation in connection with its activities.

The definition of ‘non-profit organisation’ is now included in s 6.[16] It states that a ‘non-profit organisation’ means an organisation that is a non-profit organisation, and engages in activities for cultural, recreational, political, religious, philosophical, professional, trade or trade union purposes. This definition replaces the terms ‘racial’ and ‘ethnic’ in the NPP 10.5 definition with the term ‘cultural’. In addition, it also includes in the definition organisations with a ‘recreational’ purpose.

Identity theft and credit file protection

The proposed new Credit Reporting Code of Conduct – currently in draft stage, has some significant new protections for victims of fraud.

The draft code sets out the opportunity for individuals who believe they may be likely to be or have been a victim of fraud, to request a ban be placed on the use or disclosure of their credit reporting information without the individual’s consent. This is intended to combat identity theft which involves the stealing of credit through impersonating the victim and taking credit out in their name.

Where a Credit Reporting Bureau (CRB) receives a request from a Credit Provider (CP) for credit reporting information about an individual in relation to whose credit reporting information a ban period is in effect, the CRB must inform the CP of the ban period and its effect.

The Code also intends to give a CRB powers in these cases to seek information relevant to the individual’s fraud allegations from a CP who may have also been affected by the alleged fraud in order to both determine whether the individual has been a victim of fraud, and to decide the length of the ban period.

Enhanced powers for the Privacy Commissioner

Whilst we are yet to have mandatory data breach notification laws, which would require individuals to be notified by an entity which holds their information of a data breach (currently it is just encouraged that this occurs), there are some areas where the Privacy Commissioner’s powers will be strengthened.

The Privacy Commissioner will have enhanced powers, in the areas of:

• Ability to accept enforceable undertakings

• Ability to seek civil penalties in the case of serious or repeated breaches of privacy

• Ability to conduct assessments of privacy performance for both Australian government agencies and businesses.

On 28 December 2012, section 4AA of the Crimes Act 1914 was amended to increase the amount of a penalty unit from $110 to $170.

This means that, under the reforms to the Privacy Act due to commence on 12 March 2014, the maximum penalty amount for a serious or repeated interference with the privacy of an individual will be $340,000 for individuals and $1.7 million for entities.

Identity theft test.

As part of Privacy Awareness Week, you can take an online identity theft test, via the OAIC website to see how vulnerable you may be to identity theft. It examines 11 ways you could become a victim of identity theft and offers advice on ways to reduce your risk.

Image: Salvatore Vuono/ www.FreeDigitalPhotos.net[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

02/05/2013