The holidays are just around the corner. It is that time of year when gift buying is in vogue and that means one has to be cognizant of potential identity theft problems.

Having your identity stolen is just brutal. The theft happens electronically most of the time, which means there is a lag time till you realize what is going on. Sooner or later, however, you’ll get a call or some letter that is simply baffling. In it, you’ll see that you supposedly owe some huge debt and are delinquent in making payment. At that point, you begin a Battan death march through red tape land as you try to save your credit and good name.

The best way to deal with identity theft is to simply avoid it. This means taking some basic steps. Most of us have been trained to buy things with plastic. If you can, go with cash instead. Most of us can’t, so at least try to use only credit cards. Debit cards have much less protection, so avoid using them with retailers and online like the plague. You are just asking for problems.

The next step is to pay attention to your credit card bills. If you do not recognize a charge, call the creditor and find out what it is. If it is something fishy, immediately call your credit card company and tell them as much. They’ll put a stop on the charges and often issue you a new card. You’ll also want to check your credit report to watch for any unauthorized charges.

Receipts can be a real issue during the holidays. Receipts can be gold mines for identity thieves. Ideally, you should shred them. That is pretty difficult during the holidays, however. What if one of the people you give a gift to wants to return it or get a different size? They are going to need receipts! Still, you can usually destroy them a few months down the line.

You could still become a victim of identity theft even if you follow these guidelines. How so? The theft in these cases often happens at the retailer level such as when TJ Maxx and other businesses under the TJX brand suffered a massive hack into their financial system. In such cases, there isn’t really much you can do, so just keep an eye on those credit card statements.

Originally posted by Thomas Ajava at Ezinearticles.com.

A clotheshorse racked up thousands of dollars in mystery charges on a friend’s credit card. Phantoms emptied your uncle’s bank account. Someone took out a car loan in your colleague’s name and stuck her with the bill.

Identity fraud has been on the rise, as criminal cunning may be mixing with desperation during the downturn. Schemes seem to multiply daily, as scammers often half a world away dream up new ways to steal data to enrich themselves. According to Javelin Strategy and Research, 9.9 million Americans were victims of identity theft in 2008, up from 8.1 million in 2007.

With all kinds of private information residing in all kinds of places, vigilance can be difficult. Using caution when surfing the Internet and keeping antivirus software up to date are vital steps, experts say, but they are not enough. And most tools for fighting identity fraud — credit-monitoring services, fraud alerts and credit freezes — are reactive, not proactive, and they primarily address abuse of financial accounts, not other types of identity fraud.

But a new breed of products is tackling the trickier matter of preventing identity theft. New approaches include scouring the Internet in search of signs that criminals have your information, so you can move to block them. Others focus on keeping your data away from criminals in the first place, locking it down while you bank, shop or do other personal tasks online. Here are some ways to keep your information yours.

ASSESSING RISK The Internet is awash in personal data, which means yours may never be found. Several services look for signs of sticky fingers, to know when data reaches the hands of criminals so people can act quickly.

Perhaps the most interesting new arrival in this space is StolenIDsearch.com, which uses a database created by Colin Holder, a 30-year veteran of Scotland Yard, that contains stolen records gathered from longtime, trusted informants.

The database holds about 138 million records tied to an estimated 54 million people, about 98 percent of whom live in the United States, and searching it is free. “It shows you who the bad guys are looking for: the rich Americans,” said Scott Mitic, TrustedID’s chief.

If any personal information — e-mail address and password, credit card number, Social Security number, bank account login details — is there, the site will describe, generically, what it has. It costs $15 to see the records, which Mr. Holder says covers administrative costs and helps ensure that only people entitled to the information receive it. (He also provides the data to banks and law enforcement agencies.)

SIDESTEPPING MALWARE Other products focus on outmaneuvering malicious programs that infiltrate PCs. Such malware has mushroomed recently, and antivirus companies have struggled to catch every new attack. SafeCentral ($40 for up to three computers; Windows only), a product from the security software company Authentium, protects users even if there’s malware on the computer. It includes a stripped-down and secure browser to use when banking, trading stocks, viewing health information or shopping online.

When a user visits such a site, SafeCentral asks if the user wants to proceed securely. If the answer is yes, a background resembling armor plating appears. In this safe room of sorts, certain Windows features regularly abused by attackers have been disabled.

Computer programming interfaces known as A.P.I.’s, which game makers can use to turn keyboards into controllers, for example, are turned off because “keylogger” programs use them to capture information. SafeCentral also turns screenshots of Web pages blank to defeat these programs. Also off are A.P.I.’s that programmers use for browser plug-ins. This stops malicious plug-ins that monitor encrypted Web sessions — the ones where the URL changes from “http” to “https” — in case credit card numbers are transmitted.

And because so-called phishing scams use fake Web sites to collect username and password information, SafeCentral takes an extra step to verify the authenticity of the sites it visits.

GIVE OUT NOTHING Another alternative is to avoid sharing information online in the first place. Kemesa, a software company, has created a shopping-safety product called Shop Shield that starts with a familiar browser-based tool for managing passwords and auto-filling Web forms — which helps defend against keyloggers (which can record every keystroke made on a keyboard). In addition, Shop Shield users can give online merchants anonymous personal data, like single-use credit card numbers and specialized e-mail addresses.

Of course, you have to trust Kemesa with your personal information. “They become a target. They’re very tempting now,” Mr. Vamosi of Javelin said.

Kemesa says it has created a “digital fortress.” To start, the product (which uses an add-on for the Internet Explorer and Firefox browsers and a Web site), puts an encrypted token on the computer, which makes it extremely difficult for a remote attacker to gain access to personal records. This also means the user must authorize each computer to run the program.

At Kemesa, customer information is not just encrypted, it’s broken up into tiny pieces that are then stored in different databases on different networks, making reassembly by an attacker grueling. It also monitors for intrusions, regularly tests its defenses, keeps its physical location in lockdown and otherwise sticks to Defense Department security standards.

Shop Shield offers three pricing plans: a scaled-back service that’s free if payments to merchants are tied to a checking account; one that charges $2 each time you use a credit card and small fees for other features; and an unlimited, full-service plan for $10 a month or $99 a year. Kemesa also profits from interchange fees that credit card companies collect on purchases.

Shop Shield is “a phenomenal concept,” said Jay Foley, co-founder of the Identity Theft Resource Center, a nonprofit consumer advocacy group. He brought up the case of theft involving a DSW Shoe Warehouse database in 2005, in which hackers obtained 1.4 million credit card numbers and the names on those accounts. “Imagine if with DSW, all the data that they had was from Shop Shield: one-time-use credit card numbers, no home addresses, no phone numbers.”

The chief executive of Kemesa, Steve Bachenheimer, would agree. “Thieves can’t steal what isn’t there,” he said.

Source: The New York Times – Riva Richmond