New Jersey Bankruptcy Article
What it is and what you can do about it
by Steven R. Neuner, Esq.
According to a recent survey by the Center for Social and Legal Research, seven million persons were victims of identity theft in one recent year. The personal and financial cost is large, and growing. It amounts to millions of dollars in lost money and time with the average victim losing $800 and spending two years clearing his or her name and credit record.
Identity theft occurs when someone fraudulently uses your name, identifying data and credit to borrow money, buy merchandise or services in your name. If the perpetrator has obtained a new credit card or otherwise borrowed money in your name, odds are you won’t learn about it until the bad guys have run up a large balance under your name, because the criminal will have made sure that the statements go to another address than yours.
The key to this crime is your personal private information, especially your Social Security number, birthdate, existing credit card or bank account information, driver’s license numbers, mother’s maiden name, to cite the most common examples. See the FTC Website on Identity Theft.
Sometimes, this information comes from the identity thief stealing it from financial institutions, merchants, credit bureaus, or government. Just as often it comes because you, the victim, are careless or duped by elaborate schemes into letting your information go. Through a scheme called “phishing”, you receive a very official looking email warning you that your bank or other account has been compromised, or needs to be verified. You are asked to click on a link, supposedly to go to the supposed sender, to reply. In fact, that link does something quite different, and may result in you unknowingly downloading a malicious computer program (called a Trojan Horse) that tracks and sends out a record of what you are typing (called “keyboard logging”) or finds and sends out confidential information off your computer, without your knowledge. See Privacy Rights Clearinghouse website,http://www.ftc.gov/bcp/edu/microsites/idtheft
There are lots of ways this happens, and plenty you can do to reduce your chances of being a victim. In this article, we’ll highlight some of the most important ways to protect yourself, and point you to the resources available to you to help.
Steps to take to reduce your risk of being a victim
- Maintain physical security of your important information.
This seems obvious, but you should safeguard your driver’s license and other government ID at all times. Lock desks, cabinets, and safes containing such information in your office and home. Memorize your Social Security number and do not carry your Social Security number with you in your wallet, or keep a copy of it in your wallet or purse.
- Don’t give away information.
Never disclose your Social Security number, account number or credit card PIN numbers, birth date, driver’s license number or mother’s maiden name unless you initiated the transaction. On paper documents, don’t include such data unless required to do so on an official application for employment, financing, or insurance. (Ask employers, schools, and financial institutions to offer alternatives.).
No legitimate bank or lender will ever call you unbidden to ask for such information over the phone, or via email.
IF YOU DIDN’T MAKE THE CALL OR ONLINE PURCHASE, OR ISSUE THE EMAIL, DON’T GIVE OUT THE INFORMATION.
- See the FTC web site, http://onguardonline.gov. This very valuable site contains tips on ways to safeguard yourself when you are online. OnguardOnline is a partnership between the FTC, other federal agencies, and the technology industry. The site offers advice on identity theft, phishing, spyware, spam, online shopping, and other pertinent computer topics.
- Install firewalls, internet privacy and virus-detection software on your home computers to discourage hackers. If you use a wireless network at home, make sure it is secure and shut it off when not in use. Be especially careful when using wireless connections in public places or public computers. Avoid using either for financial transactions, and if you do, be sure to log off when done.
- Deal only with reputable Web sites. Check privacy and security policies of Web sites before making purchases, trading stocks, or banking online. A professional-looking Web site is no guarantee of security. Don’t respond to unsolicited e-mail requests for personal information.
- Use good passwords. Password-protect your bank and brokerage accounts. Create passwords at least eight characters long that use combinations of letters, punctuation and numbers. Hints: To make them hard to crack but easy to remember, develop an acronym from a phrase you will remember, substituting 1 for “a”, 2 for “to”, 4 for “for”etc. (eg. “to make them hard to crack!” becomes “2mth2c!”). Or intentionally misspell words, use capital and lower case letters in unusual ways.
Report any suspicious activity right away. Always look at your bank statements or credit card statements right away, and always question anything that does not look right. Keep your charge receipts until the credit card bill comes in. That way, if the charge is more than what you authorized, you can prove it.
In one recent instance, a woman’s car was broken into, but her wallet, with all the cash still in it, was left on the ground outside. Since nothing was stolen, she did not report the incident. However, the thieves has copied down her credit card numbers and other important information. Soon afterwards, they began a spending spree and she spent months trying to straighten things out.”
- Shred or destroy all unused credit cards, all credit card offers or “convenience checks”, and anything else with confidential information on it. A “pre-approved” credit card application form with your name on it could be just the ticket for a thief to steal your identity. Likewise, your credit card company may send you “balance transfer” or “cash advance” checks attached to your statement. Always shred these. The best choice is a “crosscut” shredder. For large volumes of paper, you should check your yellow pages for a commercial company. In some areas, local governments sponsor annual “free shredder” days as a public service. Before throwing out files containing Social Security numbers, account numbers, and birth dates, shred them with a cross-cut shredder. Destroy CDs or floppy disks containing sensitive data by shredding, cutting, or breaking them. Use hard-drive shredding software or remove and destroy your hard drive before discarding a computer. Just deleting files isn’t enough.
- Watch your credit. You are now entitled to one free credit report from each of the threee major credit reporting agencies. You can order this from all three on line at www.annualcreditreport.com. The three major credit reporting agencies are: Equifax, 800-997-2493, Disclosure Dept., P.O. Box 740241, Atlanta, GA 30374; TransUnion, 800-888-4213, P.O. Box 1000, Chester, PA 19022; and Experian, 888-397-3742, P.O. Box 2104, Allen, TX 75013.
- Report errors promptly and in writing.
- Protect your mail. Information can be stolen from your mail. Consider using a locked mailbox or slot, a postal mailbox, or mailing directly at the post office. Consider paying bills online as a way to avoid using the mail at all.
- Guard your cards. Try not to let waiters, sales clerks, or gas-station attendants disappear from view with your credit or debit card, to avoid “skimming.” Crooks can use a handheld card reader to copy the information from your card’s magnetic strip.
- Beware strange ATMs. Avoid using private or strange-looking automated teller machines, because they may be rigged to skim data off your card’s magnetic strip. Six- or seven-character PINs (personal identification numbers) are harder to crack than shorter ones, but you may not be able to use them at machines abroad. See above about good passwords.
- Watch out for “prying eyes” when using pay phones or public Internet access; use your free hand to shield the keypad from people trying to see your PIN or password as you enter it in. Don’t use cordless phones to conduct sensitive financial or medical business, because eavesdroppers on other phones and those using eavesdropping equipment may be able to overhear your conversations.
And if you are a victim
Although prevention is the best cure, if you are a victim, there is a lot you can and must do to protect yourself and undo the damage. See “Take Charge:Fighting Back against Identity Theft”, FTC Website, www.ftc.gov/bcp/conline/pubs/credit/idtheft.htm and the New Jersey Identity Theft webpage, www.state.nj.us/identitytheft.
Among the things you should do is immediately file a police report, and contact all your credit card companies, banks etc. If your driver’s license was stolen or the number obtained illegally, report this to the state motor vehicle agency in question. For bank or credit accounts, ask for new PIN numbers, and replacement accounts with new numbers. If you do this by phone, take careful note of the date, time and person you spoke to. Ask for an incident number and ask for an address, fax number and email address where you can confirm your report. Then confirm each report. Be sure to put everything in writing and keep careful records of all letters or emails and any other dealings you have, especially those where the bank or lender agrees to credit your account.
Of course, you will want to immediately report the incidents to each of the credit reporting agents. See the websites listed above. In New Jersey, you should consider making a written request to each of the three credit reporting agencies for a “credit freeze” under the New Jersey Identity Theft Protection Act. See below.
Know your rights under the New Jersey Identity Theft Protection Act, effective January 1, 2006. N.J.S.A. 56:11-44 et seq. This Act:
- Requires that a local police department take a police report of identity theft and provide a copy of the report to the victim.
- Requires that on request of the person whose credit is affected, each of the consumer credit reporting agencies must place a “security freeze” on that person’s credit reporting account within five business days after the request. N.J.S.A. 56:11-46. The request must be in writing by certified mail or overnight mail (eg FedEx, Airborne, UPS etc), or by email if made through a secured email connection. This “security freeze” prevents anyone gaining access to your credit report unless you give written permission in advance. This is intended to stop any approval of credit, loans or other services without your knowledge and consent. It also prevents the credit reporting agency from changing your name, address, date of birth, or Social Security number on your reporting account without giving you at least 30 days written confirmation. N.J.S.A. 56:11-47. The security freeze remains in effect until you end it by a written request..
- Requires that anyone doing business in New Jersey, or any public agency promptly report any breaches of security involving a New Jersey resident’s Social Security number, driver’s license number, private bank account, loan account, or credit card account numbers. These reports need to be made to you, to the New Jersey State Police, and to each of the credit reporting agencies.
- With certain limited exceptions, bars anyone from intentionally making publicly available or displaying your Social Security number, or even any four or more consecutive numbers from it.
- Bars the printing of your Social Security number on any card required for you to access products or services.
DISCLAIMER. This article is intended for educational and informational purposes only, and does not create any attorney client relationship with the reader. Always consult competent legal counsel for individualized advice. Summaries of the law in this article are intended to be accurate, but necessarily do not contain all provisions, and how the law affects you may depend on the facts of your situation. Other rights, remedies or exceptions may apply to you. Reference to websites are provided for your convenience. The publishers of those websites are solely responsible for their content.
Copyright Steven R. Neuner, 2005.