Posts

10 Times NOT To Use Your Debit Cards this Holiday Season!

do not use debit cardAs you head into the holiday season, one of the best steps you can take to protect your bank account is to eliminate the use of your debit card. While delivering a keynote speech in Washington DC last week, someone asked me if I could name ten times when you should NOT use a debit card.  I replied, “It’s a trick question because the answer is NEVER!” I seriously do feel that way, but I know there are people who either need to or prefer to use a debit card rather than a credit card or cash, so I want you to be informed about how to use it wisely.

First, make sure you understand the difference between a credit and debit card.  While they appear identical and can often be used interchangeably, remember that a debit card is a direct line to your bank account.  If a thief gets ahold of your debit card information, they essentially have access to your account.  One of the biggest differences comes to light when fraud occurs.  Credit card users can simply decline the charges and not pay the bill.  Debit card fraud comes straight out of your bank account and is much harder to fight or reclaim the money that as been debited. In the meantime, while you prove it was fraud, you’re out the cash.

Here is a Top Ten List of times to choose credit over debit.

10. Booking future travel

If you book your travel with a debit card, they debit your account immediately,. So if you’re buying travel or making a reservation that you won’t use for several months, you’ll be out the money immediately.  Also consider that many large hotels have suffered data breaches.

9. Hotels

Many hotels follow the practice of using your debit card to place a hold on your money (sometimes hundreds of dollars) to make sure you don’t run up a long distance bill, empty the mini bar or trash the room. The practice is almost unnoticeable if you’re using credit, but can be problematic if you’re using a debit card and have just enough in the account to cover what you need.  Be sure to ask about their “holding” policy if you are using a debit card.

8. Expensive purchases

This one is simple.  If something goes wrong with the merchandise or the purchase, a credit card offers rights to dispute and stop payments much easier than a debit card. You have a much shorter window for reporting and resolving an issue and may even be responsible for all charges if you wait too long.

7. Rental or security deposits.

Say you want to rent a car or borrow a Bobcat from your local home improvement store.  Remember that when you use a debit card to put down a deposit, that money is temporarily unavailable to you.  Of course, you’ll get the money back when you return the car or equipment, so this is no big deal if you have the money to spare until that time. But with a credit card, the money is just “frozen” and not actually charged so you won’t ever notice it’s gone.

6. Regular/recurring payments

You’ve heard about someone who quit a gym or discontinued a magazine subscription only to find that they kept getting billed. If you used a debit card for those payments, they’ll just keep coming right out of your bank account.  (Using a credit card is also a good way to ensure you don’t forget to make that monthly debit in your check register!)

5. Wi-Fi hot spots

Never use your debit card for an online purchase while at a coffee shop or other business that offers free wi-fi access.  Many of those businesses have unsecured wireless connections, so it’s much easier for hackers and scammers to log on and steal your data.

4. Restaurants

Anytime the card leaves your sight, you should NOT use your debit card. The waiter coming to your table has alone time with your card, giving them the opportunity to copy your card information.

This also applies to ordering food for delivery.  Restaurants that deliver tend to keep customer payment information on file in order to make future orders more convenient.

Another problem with using a debit card at restaurants is that some establishments will approve the card for more than your purchase amount because, presumably, you intend to leave a tip. So the amount of money frozen for the transaction could be quite a bit more than the amount of your tab. And it could be a few days before you get the cash back in your account.

3. Outdoor ATMs

Outdoor ATM machines provide the perfect opportunity for thieves to skim users’ debit cards.  Skimming is the practice of capturing a bank customer’s card information by running it through a machine that reads the card’s magnetic strip. Criminals place these machines over the real card slots at ATMs and other card terminals.  If the public has access to it, so do data criminals.  Use the ATM just inside the bank where it is under constant surveillance. And no matter what, look for devices or cameras on the ATM machine that aren’t normally there.

2. Gas stations

Every gas pump asks, “Credit or Debit?” these days.  Don’t choose the debit option!  Go inside and pay cash if you choose not to use your credit card!  There are three reasons.  One, it’s fairly easy for a thief to insert a skimmer and then sit nearby with a laptop accessing your information.  Even if the thief doesn’t manage to get your debit card personal identification number, or PIN, from such a device, he still may be able to duplicate the card’s magnetic strip and use it for “sign and swipe” Visa or MasterCard transactions.

Thieves can also sit nearby using small cameras to capture footage of debit card users entering their PINs. Finally, similar to the hotel example above, your debit card may be used to place a hold for an amount larger than your actual purchase.   So, even though you only bought $10 in gas, you could have a temporary bank hold for $50 to $100, says Susan Tiffany, director of consumer periodicals for the Credit Union National Association.

1. Online

Using you debit card online is like asking for your bank account to be emptied. There is just way too much potential for hacking at many different points in a transaction.  It could occur due to malware on the computer, someone could be “eavesdropping” via a wireless network, or it could happen once in the hands of the merchant due to a data breach.  If you have a problem with the purchase or your debit card number is stolen, it’s a huge hassle to get the money restored to your account and make your card number safe and secure again.

Keep it simple and just always use a credit card. I realize that it is easier to spend more money when it’s not coming directly out of your account, but it’s better to resist the temptation to spend for the added security provided. 

John Sileo is an author and highly engaging keynote speaker on internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 Minutes, Anderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Welcome to the Surveillance Economy!

traffic camera3It seems I’ve spent a lot of time lately writing about the Surveillance Economy.  This may be a strange expression to some, so I’ll define it as the use and exploitation of our location information derived from traffic surveillance cameras, new technologies like Google Glass and cell phone GPS tracking, among others.  Recent topics we’ve covered include the NSA PRISM scandal, hacking Google Glass, Homeland Security’s seizures of electronic devices when crossing borders, and even drone use.  Some of those may seem to be out there in a world that doesn’t affect us directly, but here’s one that hits very close to home for anyone who owns a vehicle.

The American Civil Liberties Union released a report in July of 2013 entitled You Are Being Tracked that outlines the use of automatic license plate readers.  These devices, which can be mounted on police cars or on objects like road signs or overpasses, use small, high-speed cameras to photograph thousands of plates per minute.  They effectively collect and store information about not only vehicles of potential or known criminals, but everybody who drives a car!

The study shows that the number of license tag captures has reached the millions and that police departments can keep the records for several years or even indefinitely.  Unlike using GPS to track a car (for which a judge’s approval is needed according to a 2012 Supreme Court ruling), there are very few regulations in place governing license plate readers.  In fact, only five states have such laws.  Click here to see a map that lets you see how police in your state use license plate readers to track people’s movements.

Proponents assert that gathering such information aids in criminal investigations and is crucial sometimes in going back to solve a crime because the data can be used to place criminals at the scene.   It is also extremely efficient because officers can “maintain a normal patrol stance” while capturing up to 7,000 license plate images in a single eight-hour shift.  Harvey Eisenberg, assistant U.S. attorney in Maryland, said, “At a time of fiscal and budget constraints, we need better assistance for law enforcement.”

The program in Maryland read approximately 29 million plates in a five month period last year  and 1 in 500 of those were suspicious. Many of these were wanted for petty crimes such as having a suspended or revoked registration, or for violating the state’s emissions inspection program, but advocates stress the information could be used for aiding drug busts, finding abducted children and more.  It would even enable the IRS to verify tax deductible mileage claims against license plate scans.

The ACLU, however, argues that this “collect it all” approach that law enforcement seems to have has made it easier to create a “single, high-resolution image of our lives, whether we are guilty or not.  When you combine license surveillance with phone records, Google searches, drone images, street cameras, etc., is there really any way we can protect our privacy as innocent citizens?

The ACLU is calling for adoption of legislation and law enforcement policies that adheres to these principles:

  • License plate readers may be used by law enforcement agencies only to investigate hits and in other circumstances in which law enforcement agents reasonably believe that the plate data are relevant to an ongoing criminal investigation.
  • The government must not store data about innocent people for any lengthy period. Unless plate data has been flagged, retention periods should be measured in days or weeks, not months and certainly not years.
  • People should be able to find out if plate data of vehicles registered to them are contained in a law enforcement agency’s database.
  • Law enforcement agencies should not share license plate reader data with third parties that do not follow proper retention and access principles. They should also be transparent regarding with whom they share license plate reader data.
  • Any entity that uses license plate readers should be required to report its usage publicly on at least an annual basis.

History shows us that the mass collection of detailed citizen information (even if the purpose isn’t known at the time of the collection) generally ends up being used unethically by those in power. I was reminded of that recently when I visited the Dachau Concentration Camp. Those in power at the time surveillance begins aren’t necessarily those who will abuse it in the future. Consider yourself, as a voter, forewarned and forearmed. I’d let your Congressperson know your thoughts.

John Sileo is a keynote speaker and CEO of The Sileo Group, a privacy think tank that trains organizations to harness the power of their digital footprint. Sileo’s clients include the Pentagon, Visa, Homeland Security and businesses looking to protect the information that makes them profitable. 

How Do I Stop Obamacare Identity Theft? [Burning Questions Ep. 3]

Today marks the start of the Affordable Care Act (aka Obamacare). As with any new, massive, government-sponsored program, scammers and identity thieves will try to take advantage of the public’s confusion and unfamiliarity with the new Health Exchanges (which we’re calling Obamacare Identity Theft).

Read more

Can Medical Identity Theft Really Kill You? [Burning Questions Ep. 2]

There has been a great deal in the news about medical identity theft leading to death. Is it possible? Yes. Is it likely? Less likely than dying of a heart attack because you eat too much bacon. But let’s explore the possibility of death by medical identity theft (below, in this article), and why the threat gets sensationalized (in the video).

Read more

Internet Privacy & Kids: Social Network Monitoring in Schools

librarians-watching computer useSocial network monitoring becomes big business. Fresh off the heels of learning that the NSA has been gleaning data about us using information found on social networking sites comes the news that a school district in California is paying a monitoring service to watch and report on what students are posting on sites like Twitter, Facebook and Instagram.

Glendale Unified School District is paying $40,000 over the next year to a company called Geo Listening to monitor its students’ social media activity.  This program was introduced after one of their students, 15-year-old Drew Ferraro, committed suicide by jumping from the roof of Crescenta Valley High School.  It started as a pilot project in three schools last year and is now being rolled out to all middle and high schools across the district.

Glendale is not the first school system to use monitoring services.  They are used fairly commonly at the college level.  Louisville and Kentucky use a social media monitoring system with their athletes that flags words for coaches that relate to drugs, sex or alcohol and they also have access to all of the athletes’ photos and videos.  (LSU, Florida, Texas A&M, Texas, Missouri, Ole Miss, South Carolina, Auburn, Baylor and New Mexico are among the other schools that use similar monitoring methods).

 

Mount Wachusett Community College was one of the first schools to monitor social media on a dedicated level and was recognized for being proactive by the National Council for Marketing and Public Relations.  Robin Duncan, vice president for marketing and communication at MWCC says simply, “If you don’t have someone paying attention to your new media … you’re being negligent.”

In Indiana, a high school senior, Austin Carroll, was expelled from Garrett High School and forced to enroll at an alternate school to get his diploma for a profanity-laden tweet that was flagged by his school’s social media monitoring system.  Many schools that don’t pay for a monitoring service still task their administrators with doing it.

So, while it’s nothing new for schools to monitor their students’ communications (I recall having a few notes intercepted and read by my teachers), it begs some questions:

  • Who should be in charge of monitoring our kids?
  • How much privacy should kids be allowed?
  • To what extent should schools be involved?

The answers are not straight-forward.  When daily reports of government surveillance cause a public outcry over privacy issues, we want to extend those same privileges to our kids.  Yet, there are cases like the Ohio school shooter, T.J. Lane, who killed three classmates and wounded others.  Lane had posted chilling comments on Facebook a few months before and tweeted the morning of the shooting that he was bringing a gun to school.  It was right there, publicly posted, yet no one knew to stop him.

It’s easy to blame the schools, to blame the district, to blame someone else, but as parents, WE should be the ones to monitor our kids’ posts…

  • WE need to remind them that all posts are permanent, public and exploitable – forever.
  • WE need to look for warning signs of violent intentions toward self or others, substance abuse, bullying…
  • WE need to get off our own Facebook pages and check in on our kids.
  • We need to have engaging, heart-to-heart conversations with our kids so that they feel we are the ones to reach out to when the dark days come.

The truth, however, is that some (okay-most) parents don’t do it.  As with countless other issues that we have come to expect our schools to teach (sex education, drug resistance, anti-bullying), keeping up with social media is something most parents aren’t comfortable with, don’t understand completely, or just don’t want to deal with. And that unwillingness has disastrous consequences for kids who are troubled, in trouble, or the victim of another troubled child.

Ralph Hicks, superintendent of Ashburnham-Westminster Regional School District in Massachusetts, explains that the legal doctrine “in loco parentis,” which is Latin for “in place of a parent” allows school officials to interfere in the lives of students only in issues involving the school.  More and more, that definition involves anything said about the school (or students and staff) whether the communication occurs on campus or not.

Parents (and students) who think that this monitoring is a violation of their kid’s privacy should remember that EVERYTHING BEING MONITORED IS ALREADY PUBLICSchools aren’t breaking into your child’s Facebook account, they are simply monitoring what everyone else on the Internet can see. And if it saves a life, thwarts a bully, or rescues a child in need, it’s worth it. 

John Sileo is a keynote speaker on Internet Privacy and CEO of  The Sileo Group, a think tank that trains organizations to harness the power of their digital footprint. Sileo’s clients include the Pentagon, Visa, Homeland Security and businesses looking to protect the information that makes them profitable.