Tag Archive for: Identity Theft Speaker

Online Privacy: 5 Good Habits

People will do something—including changing their behavior—only if it can be demonstrated that doing so is in their own best interests as defined by their own values.
—Marshall Goldsmith, What Got You Here Won’t Get You There

People don’t change bad habits until they have a compelling reason. Too often that compelling reason is the result of a habit’s negative outcome; but the promise of positive rewards resulting from the establishment of good habits can be a strong motivator. In the workplace, aligning responsible information stewardship with personal and professional gain can set the stage for good privacy habits.

Here are 5 steps you can take towards perfecting your own Privacy Habits:

  1. Tighten up online passwords. Use a password management software like 1Password, Dashlane, LastPass or Keeper to create, protect and share long, strong, alpha-numeric-symbol passwords.
  2. Use Two-Step Logins. Watch this video about two-factor authentication for one of the best tools to protect your online accounts.
  3. Secure your Facebook. Tighten up the privacy settings and make your profile only available to your friends. We do a lot of posts on Facebook Privacy Settings because they have a tendency to change frequently. Watch the site and subscribe to our newsletter to stay current on how to protect yourself and your profile on Facebook.
  4. Opt-Out. Take the time to call 1-888-567-8688 or visit www.OptOutPreScreen.com
    to stop financial junk mail from ending up at your house and inevitably – your trash. Those mailers give thieves an easy way to set up credit card accounts in your name without your consent. They spend money on the card and default on the balance, leaving you with the mess of proving that you didn’t make the purchases.
  5. Order your free credit report. By law, you are entitled to one free report from each agency once a year. The easiest way to get a report is to visit www.annualcreditreport.com or call 1-877-322-8228. Make sure that you request your free annual credit report from one credit agency only, as you can order the other two reports throughout the remainder of the year. By spreading the reports out over time, you will be monitoring your files consistently and frequently.


How to Opt Out of Financial Junk Mail | Sileo


Your private data is bought and sold by junk-mailers without your knowledge, but you can easily opt out by calling 1-888-567-8688 or visiting www.OptOutPreScreen.com.

Find out how to opt out of junk mail today.

There are complete industries built around collecting, massaging and selling your data – your name, phone number, address, spending patterns, net worth, the age of your children, the magazines you buy, etc. Companies buy bits of your privacy so that they can knowledgeably market products to you that you are likely to purchase.

To minimize the amount of your personal information bought and sold on the data market, begin “opting out”.  Opting out is the process of notifying organizations that collect your personal information to stop sharing it with other organizations. “Pre-approved” credit card offers (i.e., financial junk mail) are a major source of identity theft. Those mailers give thieves an easy way to set up credit card accounts in your name without your consent. They spend money on the card and default on the balance, leaving you with the mess of proving that you didn’t make the purchases. The solution is to opt out of receiving pre-approved credit, home loan and insurance offers.

Pre-approved credit offers (also called pre-screened or pre-qualified credit offers) are possible because credit reporting bureaus (Experian, Equifax and Trans Union – companies that collect and sell financial data on nearly every American) make a great deal of money selling your identity (i.e., name, address, phone number, age, credit score) to credit card, loan and insurance companies.  But it is your right to stop the sale of your information. To opt out of pre-approved credit offers with the three main credit reporting bureaus, call 1-888-567-8688 or visit www.OptOutPreScreen.com. There is no cost to you for opting out, and it will save a forest of trees.

Once you’ve completed this step, begin opting out of ALL information sharing on every account you have (bank, brokerage, mortgage, utilities, phone, etc.) as well as with the Direct Marketing Association.

While this takes time, learning how to opt out of junk mail can save you time and energy in the long run.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

[youtube https://www.youtube.com/watch?v=A0fcQyqBtfQ&rel=0]

Identity Theft of H&R Block Customers | Sileo Group

The number of identity theft victims rose 22% last year! Although it’s important to always protect your identity, tax season makes people more vulnerable to this crime and you should be especially cautious.

H&R Block identity Theft

A recent article in the New York Times uncovers an H&R Block office in the Bronx that was infiltrated by identity thieves (apparently it was not the only office affected).

Last year, Kevin Johns, a construction worker in the Bronx, did his taxes at the H&R Block store on Riverdale Avenue that he had used for the past 20 years or so. The next day, though, he got a call from the tax preparer: his return was rejected because he had already filed. Or at least, someone had filed in his name. That someone helped himself or herself to a $8,499 refund.

Sharon Hawa, a disaster-relief coordinator with the Red Cross and another longtime customer at the same office, had a similar experience. Ms. Hawa said she went to have her taxes done, only to be told that someone had already e-filed her taxes and collected $6,145.

Both Ms. Hawa and Mr. Johns said they were told by police detectives investigating their cases that at least 20 customers of the branch and possibly many more had been robbed by identity thieves who were very likely H&R Block employees. Both said the fraudulent filers used their previous year’s adjusted gross incomes as proof of identity.

Top Tips for Tax Time Identity Theft Protection Safe Preparation

Your greatest risk of identity theft during tax season comes from your tax preparer. In this case it was because they are dishonest, but sometimes it is because they are careless with your sensitive documents. Just ask yourself how easy it would be for your tax preparer or anyone in their office to walk off with a few client folders containing mounds of profitable identity. Here are a few effective solutions:

Choose your preparer wisely

How well do you know the person and company preparing your taxes? Did they come personally recommended, or could they be earning cash on the side by selling your personal information. Do they have an established record and are they recommended by the Better Business Bureau? Don’t be afraid to ask for references.

Interview your preparer before you turn over sensitive information. Ask them exactly how they protect your privacy (do they have a strong privacy policy?). Are they meeting with you in a room full of client files, or do they take you to a neutral, data-free, conference room or office? Do they leave files out on their desk for the cleaning service to access at night, or do they lock your documents in a filing cabinet or behind a secure office door? Do they protect their computers with everything listed in the next section?

Asking professional tax preparers these questions sends them a message that you are watching. Identity thieves tend to stay away from people they know are actively monitoring for fraud. Remember, losing your identity inside of their accounting or bookkeeping business poses a tremendous legal liability to their livelihood. When it comes to the case with H&R Block it causes a huge loss of clients due to a damaged reputation.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

[youtube https://www.youtube.com/watch?v=A0fcQyqBtfQ&rel=0]

Top 5 Reasons Corporations Educate Employees on Identity Theft

Why do corporations care (and spend money) to educate employees about protecting personal identity?

After all,  most businesses are profit-driven and only have time and resources to concentrate on initiatives that affect their bottom line. In effect, that is the answer to the question…

Businesses educate their employees and even their end customers on identity theft because it positively affects the corporation’s bottom line (by lowering the costs of data theft). Here’s how organizations benefit:

  1. Minimizing employee downtime. Serious individual cases of identity theft can take up to 600 hours in recovery time. Because banks and creditors are generally open when employees are at work, the employees are forced to recover on company time. Even if they only spend 40 hours during work recovering, this is a huge cost to the company. Roughly 10% of households will have to recover from identity theft at least once this year.
  2. Personal privacy leads to professional privacy. How can corporations expect employees to care about the sensitive information they handle every day (customer data, employee records, intellectual capital) if the employees don’t first respect their own private data? As employees discover how much their identity is worth, they are far more likely to protect the data they handle at work as if it were their own. After all, they begin to understand that next time it might be their identity that is stolen from a corporation.
  3. Corporate data breaches are expensive. Smart corporations understand that safe data is profitable data. Just ask TJX, a company that lost somewhere in the neighborhood of 94 million customer identities (far above what they initially reported) and could spend up to $1 billion recovering from the data breach. Not only are they being sued by customers, but by credit card companies and banks whose customer data has been compromised. Add to this the costs of providing a year’s worth of credit monitoring for every affected individual (a maximum of 94 million X $10 per month X 12 months), the damage it has done to their brand (almost everyone has seen this on the news), the hit taken by their stock and the thousands of hours spent in damage control, and you can see why investing in prevention is wildly inexpensive compared to recovering from a corporate data breach. And corporate prevention begins at the personal, employee level.
  4. Safe and happy employees are good employees. I have found that many corporations out there truly care about the quality of their employees’ lives. In addition, many of them hire me simply because they understand that safe and happy employees are more loyal to the corporation, speak well of the company, remain longer in the organization and drive more business. These companies consider their employees’ financial health to be as vital as their physical health, and it pays off over the long run. Identity theft poses the highest risk to their workers’ financial health.
  5. Educated customers cost less. I often speak to the end customers of corporations (e.g., the clients of a bank, the customers of a financial planner) who improve their security dramatically even when the just follow the basic recommendations in my ID Theft Tool Box. When a bank customer knows how to prevent identity theft, they are far less likely to become a victim and therefore less likely to lose money for which the bank is ultimately responsible. When someone steals your identity and drains your bank account, the bank generally covers the cost. If your identity is never stolen in the first place, neither your nor the bank has the expense.

If you feel that your organization would benefit from increased awareness about personal and workplace privacy, learn more about bringing in an Identity Theft and Social Networking Expert. You can also order you employees the Identity Theft Prevention and Recovery Workbook – All Privacy is Personal – Help them protect your company and your bottom line today!


John Sileo became one of America’s leading Social Networking Speakers & sought after Identity Theft Experts after he lost his business and more than $300,000 to identity theft and data breach. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.

Protect Yourself Against Mail Fraud

The reality is that unsecured, curbside mailboxes are prime targets for people who are intent on committing the crime of identity theft. Although I would suggest to stop using the mail to send and receive identity documents, this is not always possible. Therefore, here are alternative suggestions:

Lock Box. Install a locking mailbox that can be accessed only by you. These generally have a mail slot that allows the postal service to put mail into the box. Many newer neighborhoods already have some form of locking mailboxes.
P.O. Box. If a locking mailbox is not possible, get a P.O. box at your local post office and have sensitive documents sent there. It is a little bit more work, but gives you much more privacy.
In Person. When mailing sensitive documents, walk them into the post office and hand them to a postal worker. If it is after hours, drop the mail through an internal slot in the building. If there is no internal mailing slot, mail it the following day. This cuts out the most vulnerable stages of mailing.
UPS/FedEx. Have identity documents sent by UPS or FedEx and make sure that you require a signature for delivery. This makes the information harder to steal and you can track its location at anytime, which will alert you if the document isn’t delivered in a timely manner or is diverted somewhere else.
Send Checks to the Bank. Have sensitive documents (like new checks or credit cards) sent to your bank rather than to your home address. Pick them up there.
Watch for Cards. When new credit cards are coming through the mail, watch for them and call the credit card company if they don’t arrive in 7 to 10 days.
Quick Retrieval. If you are unable to install a locking mailbox and don’t have access to P.O. boxes, retrieve any mail within an hour or two of delivery. This lowers the exposure time of your mail.

According to the Identity Fraud Survey Report by Javelin Strategy & Research, 8% of all known identity theft is committed by mail fraud and the misuse can last for up to 175 days. But mail fraud is very difficult to catch, which means that the numbers are probably significantly higher. Just by protecting your mail against Identity Theft you can reduce your chances of becoming a victim by at least 8%.

John Sileo became America’s leading Identity Theft Speaker & Expert after he lost his business and more than $300,000 to identity theft and data breach. His clients include the Department of Defense, Pfizer and the FDIC.  To learn more about having him speak at your next meeting or conference, contact him by [intlink id=”15″ type=”page” anchor=”Contact John Sileo”]email[/intlink] or on 800.258.8076.

Employee Background Checks

CSIdentity SAFE

Great employees are hard to find, but without the right employee background screening process, deceitful candidates are even harder to spot. Hiring dishonest employees puts your sensitive and confidential business information at risk and could cost you millions if stolen or damaged.

According to The Ponemon Institute, an independent research foundation, the average cost of data breach to a victim corporation is $6.75 million. In 2008, the lowest reported cost of data breach was $613,000, while the highest was just under $32 million. Given that the average cost per stolen record is $202, one missing laptop with 2,500 customer or employee records on it would come with a data breach recovery bill for a half a million dollars. And that doesn’t factor in loss of stock value, brand damage or customer defection that results from having your breach in the news.

Insider theft, where one of your employees facilitates the breach, is a common source of this crime. And your risk doesn’t go away when your employees do. Over 60% of  employees keep sensitive data after they have been terminated and nearly 80% of them stated that they knew it was against company policy. This includes everything from email lists and customer information to financial business information.

The incidents of insider theft can be easily reduced by applying proper employee background check techniques. My business is a great example of how effective background checks can be. I hired a business partner without performing even the simplest of verifications. That partner proceeded to use my identity to steal $300,000 from our customers. I would have seen his criminal tendencies had I just invested a few dollars in screening him properly.

Each year nearly 2 million applicants use false or stolen credentials and get hired.  The Background Screening tool that I use to screen employees for my business is CSIdentity SAFE . Here’s what it does:

  • It validates the applicant’s true identity so that you know the background check record belongs to the person sitting in front of you.
  • It detects if the name or other personal data has been falsified
  • It determines whether the applicant has a criminal history under any assumed names or aliases
  • It conducts in-depth screening searches including criminal, driving, employment, licensing and education verification & more
  • It allows you to order, track and receive drug screening results online in 15 minutes
  • It lowers your data liability by making background checks available only to certain employees
  • It provides continuous monitoring of your employees record in case they commit a crime while on staff

In other words, SAFE gives you the tools to re-take control of the screening process so that you are notified of negative employee data even if they choose to hide it from you. Even after the employee has been hired CSIdentity SAFE continues to monitor their criminal record and will send you updates of any changes.

An employee background check is a step that most employers skip, but if done right it could save your company millions on potential data breach. Looking back on my personal situation, it was an expensive and painful mistake that could have been quickly and easily prevented.

John Sileo provides identity theft training to human resource departments and organizations around the country. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by [intlink id=”15″ type=”page” anchor=”Contact John Sileo”]email[/intlink] or on 800.258.8076.


Traveling Safety: Identity Theft Takes a Trip

Identity Theft Speaker John Sileo on Traveling Safety.

Traveling Safety has become a study of its own ever since the advent of identity theft. Your biggest concern may no longer be physical in nature (pickpockets, hotel theft, muggings); the value of the personal identity you carry as you travel is worth far more than the cash in your wallet.

We all love to plan the vacation of our dreams. I can almost taste the pasta Bolognese as I read about that out-of-the way trattoria half way down the ancient narrow vicolo (blind alley) in Tuscany. But there’s one area we often overlook that can turn that long-anticipated dinner into a nightmare – the theft of our most-valuable asset, our identity. Let’s fast forward – we’ve savored the last bite of pasta and drained our pitcher of the vino rosso locale before presenting our credit card.   Our friendly waiter looks concerned as he walks back to our table to tell us that our credit card has been declined. It doesn’t take us long to discover a thief has maxed out our credit and there is nothing left to pay for our dream. If we’re lucky, we’ll have a backup plan and pay by cash or another credit card. If we are less lucky, the thief has cashed out our bank account as well, has stolen our passport numbers to set up new accounts, or has gained access to a laptop computer full of sensitive personal and workplace data. What were we thinking (or not thinking) by neglecting traveling safety?

Traveling safely and preventing identity theft go hand in hand. Because we carry so much identity with us when we travel, because we are much less organized when on the road, and because thieves target travelers, the likelihood of identity theft while on vacation or business travel increases.

Traveling Safety 101

Traveling Safety – Before You Leave Home

  1. Travel light! Simplify and minimize what to bring with you. Take as little identity with you as necessary. If possible, leave the following items at home when you travel:

Checks and Checkbooks. Resist the temptation to carry checks or take only one or two for an emergency, carrying them with your cash in your money belt. Checking account takeover is one of the simplest crimes to commit and one of the most devastating types of financial fraud from which to recover. The easy alternative? Use a credit card or cash.
Debit Cards. You can reduce your vulnerability to having your checking account emptied while on vacation by leaving all debit cards (check cards) at home. Don’t be lulled into thinking that Debit/ATM cards are safe just because they have a PIN or password. In fact, the only time a PIN is needed to use the card is when it is being used at an ATM. No PIN is required when it is used at a store as a debit or credit card. Be aware, too, that debit cards don’t have the same financial fraud protections as most credit cards. The Solution? Ask your bank for an ATM-Only debit card (it won’t work in stores, only at an ATM) and make sure your password isn’t overseen when you are at the ATM. Better yet, use a credit card or cash.  The exception to this is when you are traveling in a foreign country and your debit card is the most economical method of obtaining cash from an ATM.
Extra Credit Cards. Every piece of identity you take with you creates more sources of potential fraud to which you are exposed. I recommend that if you are traveling with another adult, you each take one credit card (and if possible, take cards from two separate credit card companies. That way, you each carry only one card that can be lost or stolen, but you have a backup card if the other person’s card is lost, stolen or shut down because of fraud).  Make sure that your credit card company knows the dates and places you are traveling so that they don’t shut it down when charges are made out of town. Also, make sure you have a large enough credit line to cover your purchases while traveling.
Social Security Cards. You do not need your Social Security Card while traveling (or at any time other than your first day of work with a new employer), so leave it locked up at home.
Bills. Don’t try to take bills to pay while traveling.
Identity Documents. Leave birth certificates, passports (unless travelling internationally), library cards, receipts, etc. at home while you travel. Anything you don’t absolutely need should be left at home locked in a fire safe. If you can travel with only a credit card, driver’s license and health insurance card (as long as it doesn’t have your SSN on it), you will be much safer.

  • Photocopy the contents of your wallet/documents.Or make a list of all the contents and all your travel documents to carry with you in a secure place as you travel. It’s also a good idea to leave a copy at home with a trusted person whom you can contact. It will save you hours of frustration if anything is lost or stolen.
  • Hold the Mail. Your mailbox is an identity bonanza. Before you leave, place a “postal hold” on your mail so that your mailbox isn’t vulnerable while you are gone. Arrange with your post office that you (or your spouse) are the only people allowed to pick up your mail. Don’t have it “mass-delivered” the day after you return, as this puts everything at risk all at once. Instead, pick it up at the post office once you return.
  • Social Networking Sites.Don’t put an “Away on Vacation” note on your social networking sites just as you wouldn’t tack one to your front door. Broadcasting this information opens the door to criminals using that information while you are away.Think twice about any information you share on social networking sites.


Traveling Safety – During Travel

  1. Lock it Up. I can’t stress enough the importance of using the in-room safes that are now a part of almost every hotel room. They are simple to use and drastically increase traveling safety (decreasing theft by cleaning staff and other travelers). Lock up the following items: 

    Laptop Computers. Only carry your laptop with you when absolutely necessary. The rest of the time, place your laptop (or just the hard drive if your laptop is too big) in the safe while you aren’t using it.  While using your laptop to access online banking or other password-protected services from Wi-Fi networks, be sure the Wi-Fi hotspots are secure.
    Public Access Internet Facilities. If you’re using a public computer in hotel business centers or cyber-cafes, never access any sensitive information.  Keyloggers (software that can track your keystrokes) may be tracking you.
    Cell Phones/PDAs. While you go down to the pool or off shopping and don’t need your cell phone or other electronic device, store it in the safe along with jewelry, extra cash, your iPod, thumb drive or other valuables.
    Passports. Unless you are traveling in a country where you are required to keep your passport with you at all times, lock it up in the safe the entire time you are staying at the hotel.
    Other Identity Documents. Store your plane tickets, receipts, and any other identity documents (birth certificates, extra credit cards, visa, etc.) in the safe when not in use.

  2. Carry it Safely. I recommend carrying all of your identity documents (passport, credit card, driver’s license, tickets, etc.) in a travel pouch that fits around your neck or your waste (and inside of your clothing). It is a minor inconvenience, but it lowers instances of pick pocketing and unintentional misplacement. Thieves have unbelievably nimble fingers that can slip into your pocket or purse undetected so here’s an essential habit to cultivate: just before you leave your hotel room (especially in cities), verify that your money pouch is securely fastened around your waist or neck, under your clothes. 

    Use a Backpack. When possible, carry laptops and other large identity-storing items in a backpack that stays zipped and on your back at all times. It is easy to set down a purse, book bag or piece of luggage while at a ticket counter or retail store. Backpacks, on the other hand, are easy to keep on our person at all times, and are harder to break into without alerting the wearer.
    Watch Your Cards. When paying with a credit card in a restaurant, try to keep your eye on the card. If the server removes it from sight, they may be able to create a “clone” by using a portable card skimmer that will copy the information from the card’s magnetic strip. Many restaurants are now able to process the card at your table or you can take it to the register and observe the transaction.

  3. ATM Machines. Use your “ATM Only” card (one that requires a PIN and does not contain a Visa or MasterCard logo) at ATM machines found at banks or credit unions that are in well-lit areas. Be sure to examine the ATM machine carefully for signs of tampering. Be on the lookout for anything that looks suspicious. Save all transaction receipts in a specific envelope to make it easy to reconcile your bank statement when you arrive home.

Traveling Safety – Upon Your Return Home

  1. Monitor Your Accounts. Shortly after you return from your travels, pay special attention to your account statements to make sure that nothing out of the ordinary appears. If a credit card number or bank account number was stolen during your trip, this is how you will catch it early and keep it from becoming a major nightmare. Contact your provider and alert them to the breach immediately.
  2. Rotate Your Account Numbers . If you feel like your identity might have been compromised (e.g., your credit card number stolen), call your financial institution and have them issue a new card. This makes the old number obsolete, should anyone try to use it in the future.
  3. Pick Up the Mail! Don’t leave it in anyone else’s hands any longer than necessary. Make sure you shred any mail that you no longer need.

Think about Traveling Safety before you leave so that you can fully enjoy your trip instead of being preoccupied with identity theft. Safe travels!

Identity Theft Speaker John Sileo is America’s top identity theft expert. His clients include the Department of Defense, FDIC, Federal Reserve Bank, Pfizer and organizations around the world.

The 7 Deadly Sins of Privacy Leadership: How CEOs Enable Data Breach

Technology is not the root cause of identity theft, data breach or cyber crime.

We are.

Too often, technology is our scapegoat, providing a convenient excuse to sit apathetically in our corner offices, unwilling to put our money where our profits are. Unwilling, in this case, to even gaze over at the enormous profit-sucking sound that is mass data theft. The deeper cause of this crisis festers in the boardrooms of corporate America. Like an overflowing river, poor privacy leadership flows inexorably downhill from the CEO, until at last, it undermines the very banks that contain it.

The identity theft and data breach bottom line?

Corporate boardrooms across America care about the loss of people’s personal data about as much as Ford cared about recalling the Pinto when they began exploding on rear impact. Hey, it was cheaper to fight the lawsuits from the surviving relatives than re-engineer the gas tank. And it’s cheaper to take a tax write-off on fraud-loss line items than to dig this weed up by the roots. We fail to see the connection between privacy breaches and larger profit hits — liability lawsuits, brand damage, customer flight, stock depreciation, loss of trust in the company, bad press, etc. Just ask TJX, who has spent well over $500 million recovering from their data breach – a breach that could have been prevented with only tens of thousands of dollars.

In clearer terms, poor leadership (not technology) is the primary factor leading to data breach. And we stand by, you and me both, mostly silent and submissive, as corporation after corporation loses our private data. We suffer the consequences. It is our credit that is destroyed; our time wasted dealing with law enforcement, credit bureaus, collection agencies, bankruptcy courts, criminal charges and the deep and personal violation of being the victim of a crime that no one really cares about. It makes a great news story, but only because we can deny that it will ever reach us.

Millions of years ago we evolved from the primordial slime with a backbone built for standing up to our challenges. Why, all of a sudden, has our backbone disappeared? We’ve built the Great Wall of China, landed on the moon, eradicated polio and elected the first African American, Barack Obama, to be President of the United States. But we can’t protect the customer data, employee records and intellectual capital that gives our corporations their value? That underlies our capitalist economy? Information is our most valuable asset, but god forbid we invest in a privacy strategy to protect that asset.

The 7 Deadly Sins of Prviacy Leadership: How CEOs (and other Executives) Enable Data Breach

As an identity theft speaker who travels the country speaking on this topic, I’ve noticed that a majority of corporations experiencing data breach and workplace identity theft share similar weaknesses in their overall privacy fabric. You have an opportunity to learn from their mistakes before they become yours. Begin by asking yourself whether you (as a leader) or your organization suffers from any of the 7 Deadly Sins:

  1. Apathy – a disturbing lack of care for and attention to a crime you incorrectly believe will never seriously impact your bottom line. If you have never had a corporate-wide privacy education initiative, you are a prime candidate for this weakness.
  2. Ignorance – many leaders refuse to admit that they don’t know what they don’t know. For example, do you know the value, location and confidentiality of your sensitive data?  Do you know how it is protected, how long it is maintained and why you keep it in the first place?
  3. Arrogance – some executives see themselves as champions of data privacy because they have a strong IT department, but fail to see that privacy doesn’t exist in a silo. Does your organization tend to believe that data privacy is the realm of the I.T. Department? If so, you are overlooking other critical functions (human resources, sales, intellectual property, legal compliance) that are touched by privacy concerns on a daily basis.
  4. Greed – many CEOs are the first to violate the very privacy policies that they champion. Have you ever surfed unprotected at the airport? Do you shred every piece of sensitive data that goes in your trash? What passwords are stored in your BlackBerry?
  5. Hypocrisy – many CEOs are the first to violate the very privacy policies that they champion. Have you ever surfed unprotected at the airport? Do you shred every piece of sensitive data that goes in your trash? What passwords are stored in your BlackBerry?
  6. Paralysis – some companies and executives have difficulty breaking old habits and, by default, choose to perpetuate high-risk data practices. Do you collect certain private information simply because you always have? Have you ever re-evaluated your hiring policies to take corporate espionage, workplace identity theft and insider fraud into account?
  7. Procrastination – Even executives who care about, educate themselves on, admit to, have the budget to invest in and personally practice data safety… never get around to doing something about it at the corporate level. When you are finished with this article, how will your behavior change? Will you get to it later?

This is not an easy topic, but running an organization isn’t an easy task. Leaders that guide their corporations to develop a privacy strategy that avoids these security sins will achieve a long-term competitive advantage in the marketplace. And in the marketplace of ideas, in the oft-proclaimed information economy, what better asset to protect than our private information?

John Sileo is a victim of The 7 Deadly Sins of Data Privacy. After losing his business to data breach and his reputation to identity theft, John became America’s leading identity theft speaker. He uses his gripping story, first-hand experiences and humorous interaction to inspire audiences around the world to protect corporate data as if it were their own. His clients include the Department of Defense, FDIC, AARP and Pfizer. Learn more at www.ThinkLikeASpy.com.

Hotel Key Cards & Identity Theft

I just checked out of my hotel room in NYC after delivering an identity theft speech to the most wonderful New Yorkers at the Federal Reserve Bank of NY, and it reminded me of a question I hear constantly as I travel:

Can my identity be stolen off of the room key cards that hotels use?

In my experience, the answer is “no”. I have never found anything other than my name, room number and occasionally a customer number encoded on the magnetic strip on the back of the card.

Here’s how key cards work. Hotels store your personal information (credit card number, address, etc.) on their computer system rather than on the card. When they issue you your key card, they encode your name and the room number onto the card. When you use your key card at the hotel gift store or at the bar, it simply records that charge to your room or customer number. When you check out, the charge is billed directly to your credit card.

To verify the accuracy of my experiences, I researched hotel key cards on Snopes.com. Snopes is an excellent way to verify the truth of possible scams, frauds and urban myths. Snopes supports my findings, however…

Why take the chance? I’ve never been to a hotel that actually charges you if you don’t return the cards. So, the responsible privacy reflex here is to minimize your chances by destroying the card, even if it doesn’t pose much of a risk. Just like you should shred mail that only has your name and address on it (the first pieces of information an identity thief needs to uncover more identity on the Internet), so should you eliminate the chances that something on the hotel key card will ever be used to steal your identity. It costs you nothing and takes less than 30 seconds to CHOP. And in the meantime, this will get you in the habit of destroying identity exposure so that when it does count, you’re prepared.

Identity theft prevention isn’t about being paranoid, it’s about establishing good habits of privacy and being prepared.

John Sileo
Financial Identity Theft Speeches