Security breach at Epsilon and tips to avoid identity theft.

Print Friendly

identitytheft2Unless you have been camping out in the boonies for the past few days, you have probably heard that there was a security breach at Epsilon, a major supplier of marketing services and database information to huge corporate clients.  Let’s call it like it is.  This security breach was a hack attack and the bad guys got away with a hoard of email addresses, although Epsilon has not come out and told us how many.

According to Epsilon, the affected clients are approximately 2 percent of their total client base.  That doesn’t sound bad, until you realize that those clients include JPMorgan Chase, US Bank, TiVo, Capital One Financial, Kroger, Walgreens, Disney, Best Buy, and and more.  Yuk.

The first indication I had that something was amiss was an email I received on Saturday from US Bank.  I thought it was a fake – you know, a phishing scheme.  Being the smarty pants that I am, I deleted the email right away and jumped over to the US Bank website where I learned that this indeed was a real security breach and not a scam.

That got me thinking, however.  What if it had been a fake?  And what if some unsuspecting computer user clicked on one of the links in the email, signed on the the site,identitytheft1 and gave away the store so to speak?  Now don’t say that does not happen because I know it does and it happens quite innocently just like drive-by malware attacks happen.  (Poor Survival Husband had a drive-by attack last week and you-know-who had to fix it.)

So today I am offering some helpful tips to aid against identity theft and fraud both on the internet and in daily life.

1.  Be extremely cautious when providing personal information such as your Social Security number and account or credit card information over the telephone, in person or on the Internet. Do not give out personal information over the phone, on the Internet, or through the mail unless you have initiated the contact or know exactly who you are dealing with.

For example, if some one calls you and asks for verification information, get their name and phone number and check them out. Do not simply call them back since for all you know, they could be sitting in a sweatshop somewhere waiting for your callback.

2.  Shred all financial information before throwing it away: this includes charge receipts, credit applications and other statements. Also shred any pre-approved credit offers to which you do not respond.  Thieves are known to go dumpster diving and can use these offers to assume your identity.

3.  Go paperless if you can and scan copies of account statements and receipts in a PDF on your hard drive that is secured by a strong password that includes a combination of upper and lowercase letters, some numbers, and a special character or two.

4.   If you can not go paperless (although I can not image why since scanners are so cheap these days), store cancelled checks, blank  checks and account statements in a safe place.

5.  Keep mail secure. Consider installing a U.S. Postal service approved secure mailbox or better yet, get a PO box.   Don’t mail bills or sensitive information from your home or unsecured mailboxes.  Deposit outgoing mail in postal collection boxes or at the post office. If you can’t pick up your mail, contact the post office and have your mail held until you can pick it up. Remember, the crooks can and will use the personal information contained in your mail to steal your identity.

6.  Protect your Social Security number and ATM pin numbers by not carrying them in your wallet.  Memorize them.  And come on guys, this is just plain common sense!

7.  Report lost or stolen checks, credit or debit cards immediately. Keep a list of all those numbers shown on the back of your credit cards someplace safe so that if you lose your wallet or it is stolen, you have a list ready to go.

8.  Do not click on links in email from unknown senders – if it is spam, it is a scam. Also, identity thieves use all types of phishing techniques.  They pretend to be an authoritative organization, such as your credit card or Ebay or Facebook, asking you to verify your information. Never use these scam links; instead, log directly into the company’s website, and chances are you will see that the email was a scam.

9.  Never put identifying information on discussion forums or websites such as MySpace or Facebook.

10.  Install a good anti-spyware program and anti-virus scan on your computer.  Microsoft Security Essentials is free but I also get added protection from Malwarebytes (also free).

11.  Do not use obvious passwords or PINs.  These include your birth date, mother’s maiden name or consecutive numbers.  Try using phrases that mix letters and numbers, like “BackdoorSurvivalisagr8blog” rather than words you would find in the dictionary.

And store your passwords under lock and key so a thief won’t find them if searching your house.  Better yet, use a password manager to encrypt and store your passwords.  I have used RoboForm for years.  The latest version, called RoboForm Everywhere, automatically syncs your passwords as well as “safe notes” and bookmarks across all of your devices.  So cool.

12.  Make sure Internet sites you use are secure and have a privacy policy. Secure Internet sites start with “https” and should have a padlock icon (which shows up in different locations depending upon your browser).

13.  Review your credit report at least once every year. Make sure all information is up-to-date and accurate. Order a free copy of your credit report from  Make sure it includes only those activities that you’ve authorized.

14.  Review your monthly account statements thoroughly. Investigate suspicious items immediately to head off any possible fraud before it occurs. If your bills do not arrive on time, contact your creditors. Missing bills could be a sign of mail theft.  Better yet, sign on for paperless online statements and eliminate the possibility of mail theft entirely.

15.  Never respond to unsolicited prizes such as lottery announcements. Crooks use these methods to lure unsuspecting members into cashing checks through their personal account in order to pay the “advanced fee” on a lottery they want you to believe you have won. They may also ask for your personal account information directly. Remember, these are scams and if it is too good to be true, it probably is.

16.  Be careful at the gym, the spa, or even while hiking the great outdoors. Bad guys will use these opportunities to break into your vehicle or locker in order to “skim” or duplicate your debit or credit cards.  This information is then transferred to a counterfeit card and used to make withdrawals from your accounts.  Lock up your valuables safely or better yet, leave them at home.

17.  If you are at a location where you need to lock up your valuables, use a lock and key rather than a combination lock.  It is more difficult for a criminal to break into your locker if you use a lock and key.

18.  A lot of people will disagree with me, but I never ever answer the phone if the caller ID says “restricted” or “unknown”.  I automatically assume that the caller is hiding something.  If the call is legit, the other party will leave a voicemail.  90% of the time they don’t.  What does that tell you?

19.  Clean out credit and debit cards: Cancel all old credit cards that you do not use because open credit is a prime target for identity theft. When you are going to receive a new card in the mail, be aware of when it should arrive. Call to check on the card if you have not received it by a certain date.

20.  Be wary at ATMs.  The crooks sometimes install skimmers that look quite real and legitimate in front of the little slot that swallows your ATM card.  The same thing applies to the self-serve pay station at gas stations.  Have you wits about you when using these devices.

21.  Check with your homeowners policy to see if they offer identity theft coverage.  An ounce of prevention goes a long way but if you are caught in the identity theft web,  having some help will be priceless especially when you think of the countless hours that you will need to spend attempting to recover your stolen identity. Identity theft coverage will save you time, money, and substantial frustration if you do get targeted.  For about $20 a year, adding this coverage to your homeowners policy will give you the resources to hire an attorney or other expert to assist you in reclaiming your life.

I started out thinking I would offer up a quick and dirty list of tips to prevent identity theft and online fraud.  What we have, however, is more that just quick and dirty.  This is a list of practical rules to live by.  Much as we hate to admit it, the bad guys are out there.  Best to be prepared.

Finally, please do your not-so-savvy friends and relatives a favor and pass this information on.

Enjoy your next adventure, wherever it takes you!




Security breach at Epsilon and tips to avoid identity theft. — 1 Comment

  1. It is quite alarming that even big companies get affected by an identity theft scam. If their data can be breached by identity thieves, what more does it do to small time businesses or household computers. In that case, it would be best to know ways to protect our personal accounts against the threat of being an identity theft victim.

Leave a Reply

Your email address will not be published. Required fields are marked *

Notify me of followup comments via e-mail. You can also subscribe without commenting.