During this year we’ve seen many phishing scams that were pretty simple. In essence, twitter users were asked to go to a certain url (usually to watch some funny video or download digital “gift”), and on that page they saw something similar to twitter login screen. So they assumed they have to login to “twitter” in order to watch this video.

Of course, this “twitter login page” was nothing more than just a page mirroring actual twitter login page, and its whole purpose was to gather the usernames/passwords provided by unsuspicious twitter users…
Then perpetrators used those accounts to twit the same url (and other malicious links containing trojans and viruses) to other twitters.

Watch this video to better understand the mechanics of this twitter phishing scheme:
Now hackers changed their tactics. Sure, “twitter mirror” is very “productive”, so it’s not going anywhere, hackers will continue to use it. But instead of sending twits from the compromised accounts, they now send direct messages.

If you think about it, it’s much more effective for hackers, and much more dangerous for average twitter users.

If twitter user will see a few messages posted on her/his account, s/he will quickly realize that account is compromised, and will change the password. Then the game is over.

With direct messages, on the other hand, it’s quite another story. How many people actually check their outgoing DMs within twitter account? Exactly. Only a few. People look at the incoming DMs, because that’s the messages from their friends. But they probably haven’t look at their outgoing DMs even once since they set up automatic welcome message.

So the chances of average twitter users to notice abnormal DM activity in their accounts are minimal…
If you’re reading this post, and you’re avid twitter user, please go and check your DMs right now. And if you see suspicious activity, change your twitter user/password asap.

First of all, let’s be clear here. Right now I’m NOT talking about the ways to protect your computer from virtual theft. Virtual theft, which could happen through hacking into one’s computer or website over the Internet, is a far more advanced topic then the one that will be discussed today.

I have an entire course dedicated to the computer protection. If you’re interested to learn what you should do to protect your data from hackers, you might want to take a look at this course: Online Business Protection.

But today let’s talk about something that can be easily prevented, yet as of today the negligence in this area of data security causes huge headaches to many businessmen.

First let’s look at some facts.

• Fact Number 1 2,000 laptops and 5,000 smartphones are stolen every day.
• Fact Number 2 97% of stolen laptops are never recovered.
• Fact Number 3 Computers and smart phones are the #1 source of identity and business theft .

It also helpful to remember that 60% of businesses that were unfortunate enough to go through data loss, completely go out of business within 6 months. You business could be next if you don’t take proper precautions.

Now that I have your undivided attention, let’s see how we can avoid this unfortunate scenario. It’s time to talk about physical data protection.

The majority of people have hundreds if not thousands of usernames and passwords stored on their computers and smartphones in unencrypted format. If laptop or phone is stolen, perpetrators get easy access to email contacts, financial information, bank accounts, proprietary business plans, etc.

This obviously can lead to both identity theft and serious financial losses. Unfortunately, the majority of people don’t do anything to prevent the flow of events that would bring them in such a precarious position.

What makes the matters even worse, when laptop or a smart phone is lost or stolen, the likelihood of its data to be restored is slim to none. Unless there is a data backup stored somewhere in a secure environment. If there is a backup available, then data of course can be restored yet the probability to find the stolen item still remains miniscule. Let alone the chance to punish the thief.

Today I’ll share with you a great resource. It will help you not only to create automatic backups (just set up the system once, and it will automatically backup your data in two different datacenters). It also will allow you to recover your stolen item. You can also lock down your device before it’s retrieved. This way it will be much more difficult to steal your data. Or you can wipe out the data remotely from the device if you choose to do so.

It’s very inexpensive, plus they offer 1 Gb of backup for free. So go get your Smartphone and Laptop Protection now.

According to the 2007 study conducted by Javelin Strategy & Research, the average loss of a victim of identity theft through spyware installs, viruses, different hacks, etc increased from $5,981 last year to $7,561 this year.

So we’d better learn all possible ways to protect our bank accounts…

In the previous article about anti-identity theft measures I mentioned that you can employ the credit card monitoring services that will alert you when fraudster will try to steal money from your credit card.

Today let’s explore 2 more methods that can help you to protect your money from identity thieves.

Those measures are specific for the USA, but I’m sure there are similar services in other
countries too.

Method 1: Opt-Out from Pre-Approved Credit Card Offers

Ok, so what can you do to sleep better at night? Well, you can get rid of all those
pre-approved credit card offers that pile up in your mailbox. If you need new credit card,
it’s better to apply to a specific credit card, and not the random one you found in your
mailbox. Keep in mind that the credit cards that are sent to you have the advertisement and mailing cost included in the rate they are offering, so you might be better of making your own research first, and to apply to a card with good APR (don’t pay too much attention to initial offer, look at the real rate. When initial offer is over, you’ll still have to live with that credit card.)

If you want a new credit card with low rates, etc, here is a good place to start your credit card research:
http://www.1ezhost.biz/creditcards.html

If you doesn’t plan to apply for a new credit card in the nearest future then the mounts of pre-approved offers in your mailbox are not only unnecessary, they could be quite
dangerous. Substantial percentage of identity theft frauds is possible because of the
stolen paper mail.

You can stop vendors from sending you all those offers by calling
888-5OPTOUT (in the USA). I’m sure there are similar services in other countries too, just look on the Internet for the “opt-out option for pre-approved credit cards” (or similar) and add the name of your country to a search string.

Method 2: Freeze Your Credit

When identity theft became a massive phenomenon, banks and government tried to work out the solution that would help people whose identity was already stolen.

One of the worst things with identity theft is not when somebody got access to victim’s credit card number and made several purchases through this card. After all, credit card
balances are usually rather limited.

The worst thing is when fraudsters gather enough information about the victim to be able to apply for new credit cards on this person’s name, and provide different mailing address. So it could be a long period until the victim realizes that he has many more open credit cards that he actually applied for. Quite often it’s happens when person tries to apply for a loan, and bank declines his request, states that victim’s credit score is way below the acceptable minimum and shows him and outstanding balances for all the credit cards he “used”.

To help victims, credit agencies suggested to implement credit freez. Basically, this means that no one with the credentials of identity theft victim would be able to apply for any credit card or loan until credit freeze is raised.

Of course, the worst case scenario wouldn’t happen if a person use credit monitoring
services I mentioned earlier, many people still don’t use it.

Credit freeze is convenient, it could be raised for a small fee for a limited time, and
then applied again. The only problem is, in most states it was unavailable to a general
public, this law was only applied to identity theft victims.

Kudos to California. It was the first state that implemented credit freeze (in 2003).And
double Kudos to California for allowing general public also use this law to their advantage.

Other states agreed to apply this law for identity theft victims, but were not so quick to
apply it to the rest of consumers. Many states implemented this law in 2007.

At the beginning of 2008, several more states (Arkansas, Massachusetts, Maryland,
Tennessee and Utah) will join the group. The latest will be Washington, it will allow
credit freeze at September 1, 2008. Overall, by 2008 credit freeze will be implemented in
40 states.

Here is the how you can find information whether credit freeze is available in your state
or not, and if it’s available, how to apply.

Go to http://consumersunion.org/securityfreeze.htm

I’m not sure whether credit freeze is available in other countries or not. If it’s not
available, then contact your politicians. It’s one of the most efficient measures to
prevent identity theft. Hackers will always be several steps ahead of any online security
system that could be invented. So it’s better to pay a few bucks to lift a credit freeze
when you actually need a credit card or loan, and then apply it again than leave your
credit unprotected.