Wednesday 26 October 2011

How to avoid identity fraud

Research published to coincide with the launch of National Identity Fraud Prevention Week (NIFPW) found that while 95% of the public are aware of the threat posed by ID theft, cases continue to rise because people are still being careless with their personal information.

Identity theft
Around 7% of the UK population – over four million people – have fallen victim to identity fraud to date, losing between £1,190 and £9,000 each. Over 80,000 cases of ID theft were reported in the UK in the first nine months of this year alone, according to a study commissioned for the launch of the 2011 NIFPW campaign.
If your identity is stolen by a fraudster, it can take months to get your credit report back in order and deal with the repercussions of the crime. Although any monetary loss will usually be repaid to you, damage to your credit score as a result of ID theft can result in credit rejections, and could even bring debt collectors to your door.
Although there is little you can do about criminals accessing your personal information from the servers of large companies as happened in a number of cases earlier this year, the most high-profile of which being the Sony PlayStation debacle, there are a number of steps you can take to protect your identity from fraudsters both off and online.
Speaking at the launch of this year’s NIFPW campaign, Andrea Davis, a spokesperson from campaign partner Fellowes, said, “No-one can afford to be complacent about ID fraud, everyone is at risk, whether young or old. It is important to ensure that you are not delivering your information straight into the hands of fraudsters.
“The risk is very real – both off and online – and we should all be taking steps to protect our identities. It is worrying that one in four people may be literally throwing their identities away and a huge number of people are sharing sensitive information on line.”

So what can you do to protect your identity?

1. Buy a shredder or burn your mail

One of most popular and low-tech ways for fraudsters to get hold of your personal information is by going through your rubbish. Throwing out letters and bank statements that contain sensitive information can provide criminals with all they need to apply for financial products, identification documents and state benefits in your name. Fraudsters can even use the information they find to take control of your accounts and have your correspondence redirected.

2. Verify the identity of anybody asking for your personal information

If you receive an unsolicited phone call from a bank or utilities firm asking you to confirm personal details, call the company back on an officially-published phone number. You should also never give out personal information to cold callers on the doorstep. Again, contact the business any caller claims to represent on a published number.

3. Inform companies when you move

Receiving your unopened mail will feel like Christmas for a fraudster who’s moved into your old home. Ask Royal Mail to forward any post for at least six months after you move to make sure you don’t miss anything.

4. Protect and alternate your PINs and passwords

Avoid using birthdates and relatives’ names and never write anything down. Try to use different passwords for different accounts and change them regularly.

5. Make sure your anti-virus software is up-to-date and your firewall is turned on

Keep viruses at bay by keeping your anti-virus software up to date and turning on your firewall whenever you use the internet. This will protect your computer from malware that logs your personal information and sends it back to fraudsters.

6. Be wary of phishing scams

Look out for emails that purport to be from companies asking you to click-through to update your details or rectify a problem with your account. If you’re unsure about the authenticity of an email, don’t open it and contact the company it claims to be from.

7. Don’t post detailed personal information on social media profiles

Always make sure your privacy settings are set to protect your personal details and avoid adding information like your date of birth and address. These could be used to apply for credit in your name.

8. Keep an eye on your bank statements

Be vigilant for any transactions you don’t recognise. Contact your bank or credit card provider to query a transaction if it looks unfamiliar. You should also contact your bank or credit card provider if your statements fail to arrive. They may have been redirected by a fraudster.

9. Check your credit file regularly

Contact the three major credit bureaus (Callcredit, Equifax and Experian) to request a copy of your report at least twice a year. Look for any financial products or accounts you have not applied for. If there are any entries you don’t recognise, contact the credit agency concerned immediately.

10.  Avoid carrying letters or other documentation with your bank cards

If these are stolen, a fraudster will have all that’s needed to apply for credit or identity documents in your name. You should also make sure your smartphone, tablet computer, and laptop are password-protected in the event of loss or theft.
If you think you’ve been the victim of identity theft, the Association of Chief Police Officers and the Home Office recommend that you contact all of your creditors (banks, credit and store card providers, and phone and utility companies…) to ask them to monitor your accounts, even if they have not been affected by the fraud. You should then contact your local police station and the credit bureaus.
You can ask CIFAS, the national fraud prevention organisation, to place a “Protective registration” on your credit file if you suspect your identity has been stolen. This will alert all lenders to carry out further checks if they receive an application for a financial product in your name.

Tuesday 25 October 2011

Credit Suisse in £6m advice fine

The UK Credit Suisse has been fined £5.95m due to failings over advice to customers when selling complex financial products.

The City watchdog said not enough care was taken over clients' attitude to risk in January 2007 to December 2009.

The bank said it deeply regretted the faults, which had now been corrected.

Risk test

Scarps are supposed to produce an income which is mainly dependant on the performance of the FTSE 100, and other share indexes, as well as baskets of shares. However, they expose investors to the risk that they could lose all or part of the sum invested.

Credit Suisse customers invested more than £1bn in these products over the three years in question, but there were losses estimated at £192m during this period.

The bank, which operates a private bank for wealthy investors, advised 623 customers to invest in Scarps over the period.

The FSA said that not enough attention was paid by the bank to assessing customers' attitudes to risk. It said the fine was reduced from £8.5m owing to a settlement at an early stage in its investigations.

"We have seen all too frequently the consequences of financial services firms failing to implement proper systems and controls to ensure their customers invest in suitable products," said Tracey McDermott, acting director of enforcement and financial crime at the FSA.

"A proper assessment of customers' individual needs and circumstances is even more critical where firms are selling complex products like Scarps."

Issues at Credit Suisse included:

Failing to properly assess customers' attitudes to risk

Not taking reasonable care to check whether Scarps were suitable for individual investors

Failing to monitor staff to ensure they took reasonable care when giving advice

In a statement, Credit Suisse said it "deeply regretted" the failings of systems and controls.

"We have made significant improvements to our processes and controls since 2009 and we are confident that we currently comply with our regulatory obligations," it said.

"We fully co-operated with the FSA and are pleased to put this matter behind us."

Credit Suisse was fined £5.6m in 2008 for failing to conduct business with due skill, care and diligence.

Source BBC

Friday 21 October 2011

Sister Blogs

Hello All and happy Friday.

I have created two sister sites
http://fightbankfraud.blogspot.com/ to promote awareness of fighting and preventing bank fraud
http://fightcardfraud.blogspot.com/ to promote awareness of fighting and preventing card fraud

I hope you will find the blogs useful and feel free to send me questions or suggestions.

Kind Regards,
Tero Pollanen

Identity theft accounts for nearly half of all bank account frauds


There were 153,100 cases of bank-account fraud in the first eight months of 2011 – and 47% of them were due to identity fraud.

Bank-account fraud is up by 1.5 per cent on the same period last year, according to figures from CIFAS , the UK’s fraud prevention service. And the breakdown for January to August shows that ID fraud is still criminals’ favoured method: Identity Fraud: 72,204 cases. Includes cases of false identity and identity theft.

Misuse of Facility: 36,327 cases. Where an account, policy or other facility is used fraudulently – such as paying in false or altered cheques.

Application Fraud: 30,240 cases. This relates to applications with material falsehood (lies) or false supporting documentation – but where the name used is the fraudster’s own.

Facility Takeover Fraud: 14,393 cases. This occurs where a person unlawfully obtains access to an existing account holder’s or policy holder’s details, and fraudulently operates the account or policy for his own (or someone else’s) benefit.

Thursday 20 October 2011

Online UK banking fraud on the down turn

January to June 2011, £16.9m was lost in online banking fraud for UK-issued cards, down from £24.9m in the same period last year, the payments industry trade body said in a statement on Wednesday (PDF). These figures compare favourably to £39m lost between January and June 2009.

Increased computer security awareness from customers, plus banks' use of fraud detection software, have led to this fall, said the UK Cards Association (UKCA). Many banks use behavioural anomaly software that charts suspicious activity on a card.

While losses have fallen, the number of phishing websites targeting UK users has sharply increased. From January to June 2007, UKCA logged 7,224 such websites. Phishing websites frequently get taken down, yet in the same period in 2011 the number had increased to 37,198.

Low-tech card crime such as cheque fraud has grown. Nevertheless, in general, losses from high-tech fraud have been falling, said UKCA. In the half year from the beginning of 2011, internet, phone and card-not present fraud was £109.2m, down year-on-year from £118.2m. In 2008, from January to June, loss from this type of fraud was £163.9m.

The number of cases of card fraud has also been falling since 2008, according to the latest UKCA figures. While no half yearly incident figures were available for 2011, a UKCA spokesman told ZDNet UK on Thursday, yearly figures are falling. In 2010, there were 0.96 million card fraud incidents, compared with 1.13 million cases in 2009 and 1.4 million in 2008.

Wednesday 19 October 2011

Citigroup settles charges of misleading investors (fraud)


Citigroup is paying $285m (£180m) to settle civil fraud charges from the SEC.

Credit Suisse was also involved in the the transaction and has paid $2.5m to settle the case, also without admitting or denying the charges.

The SEC said that Citigroup built a collateralised debt obligation, or CDO, made up of about $1bn of home loans in 2007.

The CDO defaulted within months, leaving the approximately 15 investors facing losses while Citigroup made $160m in fees and trading profits.

Russian hacker sells home and cars to pay RBS


A Russian hacker who breached the security of' WorldPay services and stole $9m (£6m) has had his property sold to compensate the bank.

Kaspersky Labs security expert Alex Gostev said that the actual hacking was not the most complicated task the criminals had to deal with.

"The most interesting part was the final stage of the attack - the organisation of mass withdrawals all over the world," he said.

"They had to find more than 150 people in [numerous] cities, give each one of them the instructions and the fake cards, organise synchronised withdrawal - all of this shows that it was a group of highly skilled professionals".

Once arrested, Mr Pleshchuk pleaded guilty.

Was time to make a Blog


Hello,

My name is Tero Pollanen and I am an online Anti Fraud and Financial Crime expert.
I have worked in the cybercrime and fraud space for over 6 years and have also spoken at events such as the RSA eFraud Network and eBay events.

I will be using this blog to comment about trends in the industry and also to talk about possible solutions for how organisations or people can protect themselves against cybercrime and Fraud.

Stay tunned for interesting articles

Tero Pollanen

Some articles about me