Security

If our increased need to secure our information seems too much, you are right. It is too much. But that is the world we live in. Since we play for the same team, it works for me that you protect yourself.

Electronic and telephone scams generally divide up into a few easily-recognized patterns:

  • the IRS or some other government agency demanding money,
  • someone we have never heard of threatening a lawsuit if we don’t send money,
  • a foreign bureaucrat or deposed prince who needs a substantial deposit to get mythical money out of an obscure country, from which we will get to keep a small fortune which doesn’t exist,
  • a once-in-a-lifetime investment opportunity,
  • an inheritance for which we can pose as an heir,
  • a forged cashier’s check from which we are to pay a portion to a third party and keep the change,
  • a hyperlink in an email from an address similar to the email address of someone we know or masked as someone’s actual address which will plant a virus or a tracking cookie on our computers, and
  • a telephone call in which we are guided into saying the word, “yes” or “OK,” things many of us say as figures of speech, even if we are not agreeing to anything.

The scams are constantly evolving. For example, one of my clients reported last week that she received an email which appeared to be from her credit card company, stating that her online payment of the card balance had failed. It came two days after her online payment, so it was timed perfectly to stimulate a response. It looked completely legitimate and showed a “from” address that matched the card company, but when she hovered the pointer over the contact button, it showed hyperlink address outside the credit card’s domain. There are three hidden lessons here. First, we should never try to contact anyone we do business with via a hyperlink in an email, and if your mouse or touch pad settings allow you to access a hyperlink by hovering over it, that setting should be disabled. Otherwise, at the moment you are figuring out that it is a scam, you have already been had. The third lesson is not so obvious. If you get one of these, you should forward it to the company. Most have a reporting address, like abuse@chase.com, reportphish@wellsfargo.com or emailwatch@discover.com.

It is impossible to track all the scams. They change too fast. We should all have up-to-date anti-virus software that patrols both email and the websites we visit, and we need to use the smell test. If it doesn’t seem quite right, it is probably not right. If you feel FOMO – fear of missing out – kicking in, you are being scammed.

That does not mean that low-tech scams are gone. There are at least three garbage scams that can trip us up if we don’t protect ourselves. They are called garbage scams because they are frequently done by sorting through garbage bags or recycling bins. Peter Sellars and Ringo Starr made a movie several years ago about what people will do for money. Mucking through garbage is nowhere near the most repulsive.

To renew a driver’s license in Illinois, we do whatever, pay however much and get a temporary paper license at the driver services station. They punch a hole through one of the three electronic information strips on the back of the old license and give it back to us. A week later, my plastic license comes in the mail. Now, I have a new license, the only one I need, plus an old license and a temporary license. The old license and the temporary have lots of information. Aside from my name and date of birth actually printed, they are also embedded in my license number, and all my information is embedded in the electronic strips on the back, so even after expiration, each can be used as identification in an automated system like those used to process e-checks. If I have a shredder that can handle plastic, both the old and the temporary need to go through it immediately. If shredding is not available, one cut is not enough. For security, this takes one cut through each of the code strips on the back, one cut through the birth date and name, and two cuts through the license number, one near the front, and one before the last two digits. Sprinkle the pieces in different trash receptacles as you go from place to place, or if you are home-bound, throw away one piece in each trash pick-up until they are gone.

Credit and insurance cards replaced at expiration or when chips or magnetic strips stop working are similar. Credit card issuers are identified in the first few digits and we are identified in the last few digits. Also, there is a security code on the back which should change with a new card, but often doesn’t. Insurance cards carry the same information year to year if you don’t change insurers. Shredding is best, but if that is not possible, one cut will not do the trick. The account number, both front and back, should be cut into three pieces. The three-digit security code should be cut in half through the center digit. Again, the pieces should be sprinkled in different trash receptacles or spread among different pick-up days.

If you are reading this, you can get your bank statements on-line. Getting statements in the mail leaves you with the problem of disposing of them. Again, shredding is best. If shredding is not available, tear them through the account number and through the name and address, and if check copies are included, the name, address and account number on each check copy should be cut through. Again, each piece should be disposed in different places or at different times.

No definite list is possible as scammers are always coming up with new ways to rob and cheat us, and nobody likes to be reminded, but it is a truth as old as humans that it is extremely difficult to cheat an honest person. When we think we can get an edge, cut a corner or do something really crafty, it is a good idea to remember that it is difficult to step on someone else’s toes at an elephant dance. I can help put things back together after the damage is done, but it is easier to avoid getting stepped on than it is to put our lives back together after a stomping.

Finally, for a clergyman, doctor, lawyer, banker or anyone else who routinely holds other people’s confidential information, both up-to-date security software and strict security procedures are absolutely necessary to protect other people’s information. It is one thing to get taken down. It is quite another to take someone who trusts us down with us.