Credit Scams Invade AG’s Office: Is Anyone Safe?
Friday, May 27, 2011
The RI Attorney General’s office doesn’t have to look far in its search for people who are falling victim to credit card and identity theft – it’s happening in their own office.
Right after the AG’s Public Information Officer Amy Kempe issued a media release warning that the far-reaching corporate e-mail firm, Epsilon Data Management, had their security breached, she and a few others working for Attorney General Peter Kilmartin had problems of their own with credit card transactions ended up in a snarl due to the massive reach of e-mails and personal information attached to those purloined files. (For original GoLocalProv story, click here.)
Credit Cards Rejected and Reissued
Mikaela Galvin, an investigator in the Consumer Protection Unit, suddenly found her debit card being rejected at various outlets due to theft of her banking account number.
“My debit card i.d. was stolen, and I had no idea,” Galvin told GoLocalProv. “I was at CVS, and it was declined. It was embarrassing. I figured it could be either the bank or the computer. I checked my bank account and knew I had money, so I tried it the next day at Stop & Shop, and it was declined again. Then I tried an ATM, and I found out it had been deactivated.”
It turned out that someone had gotten hold of her debit card number and had tried using it for a small three dollar-plus purchase on an obscure Web site. That set off the internal alarms at her bank – Citizens. The bank declined the purchase, because of what banking industry professionals say are security systems geared to spot “anomalies” in people’s purchasing.
Galvin described it as “a weird web site; out of line with what I usually do.”
Bank Security Measures
“We regularly monitor our cardholder transactions for suspicious activity,” said Amie Kershaw, Director of Public Affairs for Rhode Island for Citizens. "Whenever a customer experiences a breach, we take steps to ensure that the customer is reimbursed for any fraudulent activity. We also encourage customers to routinely monitor their bank accounts and immediately report any suspicious transactions to the bank.”
GET THE LATEST BREAKING NEWS HERE -- SIGN UP FOR GOLOCAL FREE DAILY EBLASTBut bank security specialists are loathe to go into any great detail publicly, said Kershaw, believing it would just provide valuable information to the people they are trying to defeat at their game.
Stay in Touch With Your Money
Galvin’s problem left her baffled.
What had happened, though, was once the attempted illicit purchase was denied, the bank tried to contact her at a home phone number which she never used, to let her know her card was being cancelled, and a new one was to be reissued. She found that out later on her own by contacting the bank about her problem, but said it was a sharp reminder to make sure her financial contact numbers elsewhere were up-to-date.
Trying To Stay A Step Ahead
Kempe’s problems stemmed from a similar effort by her own bank, Bank of Newport, to protect her interests.
“Right after we released the news about the Epsilon breach, my bank cancelled my card. They had picked up on the Epsilon breach,” she said. Admitting to being a frequent on-line shopper, she explained, “I attempted to use it on a purchase that was something I normally don’t buy. Just one purchase out of the norm.”
“I got a letter from the bank saying it was going to issue me a new card,” said Kempe. “The bank made the decision, just to be cautious…You have to give the banks credit, they are trying to their best.”
Bold Moves By Criminals
The credit and identity thieves cannot be accused of not being clever, or gutsy.
“Right after the Epsilon situation was made public, it was very bold to use the legitimate data breach to target and trick consumers,” Kempe said.
What the criminals were doing was going on “phishing” trips, sending e-mails to people claiming they were from Epsilon and were trying to help, and get people to send them their confidential information, thinking they were allies in their fight to protect their credit information and identity. Needless to say, some people bit.
Slick Approach to Casual Observer
“The con artists have become very sophisticated,” said Jim Lee, Chief of the Civil Division in the AG’s office.
“They are able to personalize phishing e-mails and make them look very professional, even like Epsilon,” Lee said. “They can create the look and feel of a legitimate business. It works because it looks right and can fool the casual observer, especially if it supposedly comes from a company where they have just made a purchase.”
Brazen Attempts
Identity and credit theft criminals “are becoming more and more brazen, especially if they are outside the U.S.” said Lee. “That's because it is so hard to track them down.”
Security firms are aware of the ability of the con artists to use impersonal computers, such as those in a public library. But getting as close to home as one can imagine, Lee added, “They can do it using your own computer, using your (unsecured) wireless access from a block away.”
Scammed and Scammed Again
“People are now very familiar with using the Internet to make purchases and confirm things,” said Kempe. “They are getting more and more savvy, and there is comfort among consumers.”
“You would think people who are savvy would not get pulled in,” she said of those who go along with the polished (but bogus) e-mails. “You get scammed out of money, and then you get scammed again.”
If you valued this article, please LIKE GoLocalProv.com on Facebook by clicking HERE.
Related Articles
- Gamers Beware. Sony Announces Security Breach on Play Station
- NEW: Kilmartin Hits Epsilon After E-Mail Security Breach
- BREAKING NEWS: Kilmartin Names Kempe as Public Information Officer
