Tricky Thieves Preparing for Tax Refund Heists

Seems that identity thieves are quite entrepreneurial these days. With tax filing season underway, and with some type of economic stimulus package sure to be approved - which would send rebate checks to most U.S. households in May and June of this year - scammers are already attempting to trick people into divulging their personal and financial information.

Among the new scams:

The Rebate Phone Call: Posing as an IRS employee, scammers are calling people and advising them that they are due for a large refund if they file their taxes early. The catch: they can only get the refund by direct deposit - if they don't disclose their bank account information, they don't get the rebate. But the IRS doesn't gather bank routing and account numbers by telephone. And, the IRS doesn't provide advance payments to taxpayers.

The Refund e-Mail: Scammers are sending bogus e-mails to people that appear to come from the IRS. Recipients are advised they are eligible for a tax refund and instructed to click on a link to complete a claim form that asks for personal and financial data. Another version of this scam targets tax-exempt organizations. The IRS does NOT send unsolicited e-mails, and there is only one way to apply for a tax refund - by filing a tax return.

The Audit e-Mail: Some people are receiving personalized e-mail notices that their tax returns are being audited. They are instructed to click on a link to a form that captures personal information. Unlike most spam mails, this one often incorporates the recipient's name. But if you're really being audited, the IRS won't notify you by e-mail.

The Changes to Tax Law e-Mail: Businesses, accountants and "treasury" managers are the targets of this scam, which instructs recipients to download information on tax law changes by clicking on a series of links to various IRS publications. But the links are bogus. What the user downloads is not tax law updates, but malware, which infects computers and sends personal information back to the scammer or allows the scammer remote access to the files on the computer. If you want to download IRS publications, visit www.irs.gov.

The Paper Check Phone Call: Scammers posing as IRS employees are calling people to let them know that the paper check they received from the IRS was not cashed, and they need to confirm the individual's bank account number. But the IRS doesn't really care if you cash your check or not, and won't contact taxpayers to verify any bank information that was provided.

If you get a questionable e-mail:

• Forward it to phishing@irs.gov
• Visit www.irs.gov and enter search for additional information by typing in "suspicious e-mails", "phishing", "identity theft", or "e-mail scams" into the search box at the top right corner of the page.

Did You Really Think Your Salary Was Confidential?

In every place I've worked, my paycheck was always delivered in packaging that defied wandering eyes... usually requiring the removal of three separate tear-off strips, a battle with a letter opener, and sometimes even a paper cut or two.

But like any other piece of identifying data that could be possibly be collected and sold for a profit, your salary information is a commodity. Each payday, The Work Number, a product of Equifax, collects, stores and re-sells salary data and job titles on 46 million Americans - one-third of the workforce.

If you've worked for Fortune 500 companies like American Airlines, Boeing, Cisco, Coca Cola, Fed Ex, Ford Motor, GE, Hewlett Packard, Intel, Kmart, Lockheed Martin, Marriott, Microsoft, Motorola, Nokia, Pepsi, Sony, Visa, Wal Mart, Westinghouse, or government employers like the Department of Defense, U.S. Department of Energy, The Coast Guard, State of California, State of Missouri, or the cities of Detroit, Fort Worth and Pasadena sometime during the last 10 years, you're in the database.

There are currently more than 1,700 employers contributing data. The Work Number has 165 million employment records for current and former employees on file. The data, which also includes Social Security numbers, is sold to lenders, employers, landlords, and government-sponsored social service programs (such as food stamps) that want to conduct background checks or verify incomes.

The Work Number claims that problems with the data are rare: just 150 disputes a month (compared with 1.1 million verifications) because the data is automatically updated by the employers each time a paycheck is issued.

If you have been denied a job or loan because of the data provided by this service, the company that bought the report is required by law to notify you. In order to be compliant with the federal Fair Credit Reporting Act (FCRA), consumers are allowed to review and dispute information in The Work Number's database.

With identity theft issues making headlines on a regular basis, some privacy experts view this collection of data as a troubling issue. According to Elizabeth De Armond, an expert on privacy law and assistant professor at Chicago-Kent College of Law, "Any collection of personally identifying information like that leads to the high potential for identity theft. It's sensitive data."

Your Credit Mama agrees... this is just one more reason to check your credit reports regularly!

Will the Doctor Still See You After Looking at Your Credit?

Every 30 seconds in the United States, someone files for bankruptcy in the aftermath of a serious health problem. According to a Harvard study, illness and medical bills are the cause of half the personal bankruptcies filed in U.S. An estimated one million Americans are financially ruined by illness or medical bills each year - more than half of them are college educated, homeowners, with good jobs. Surprisingly, more than 75% were insured at the start of the bankrupting illness.

Now I'm going to throw another number at you: 80 percent. That's the number of hospital bills that contain multiple errors, according to the Medical Billing Advocates of America.

Here's one final stat: 250,000. That's the number of medical identity theft victims reported to the FTC each year.

Now there is talk of a medical FICO score being developed by a company called Healthcare Analytics. Like your credit score, which calculates the level of risk via algorithms and the consumers' credit history, the medical FICO score calculates which patients are more likely to pay their medical bills. Healthcare Analytics is already gathering payment information from large hospitals around the country.

Supposedly the benefit of a patient scoring system is to help hospitals decide whether to write off some delinquent bills as charity cases rather than report them as delinquent accounts. According to msbnc.com, American hospitals face $40 billion in unpaid bills every year.

But with so many people already uninsured (47 million in 2007), and with out-of-pocket costs rising, and two million people filing bankruptcy each year due to medically-related issues, this medFICO is a serious concern for consumers and privacy advocates.

Add to that the frustrations of inaccurate billing, and you've got the same headaches as with the credit bureaus - who also have a dismal 79% error rate (nearly 8 out of 10 credit reports contain serious errors).

Will the doctor or hospital decide not to perform certain services or provide inferior care (ie: reducing the length of stay) after looking at a patient's medFICO score? Will an employer decide not to hire someone because they are too expensive to insure? They SAY these things won't happen, but the risk assessment industry is too lucrative for this information NOT to be used in other ways.

Who is Healthcare Analytics? The investors include Fair Issac Corp. (founder of the FICO scoring model) and Tenet Healthcare Corp., one of the nation's biggest hospital operators. Former Tenet CFO Stephen Farber is its CEO.

The product is not expected to launch commercially until the end of this year.

Don't ever give your SSN to a healthcare provider. They do not need it. They need your member number from insurance, not your SSN. Furthermore, it's illegal for them to ask for your SSN unless they are going to lend you money or hire you.

650,000 Affected in Latest Credit Data Breach

In yet another case of sensitive data becoming MIA (missing in action), the personal information of 650,000 people, including names, addresses, account numbers, Social Security numbers, and other information, was comprised when GE Money Americas and its backup storage vendor, Iron Mountain, lost an unencryted backup tape.

The backup tape contained data on customers for JC Penney and up to 100 other retail store customers.

GE Money alerted the New Hampshire Attorney General's office of this security breach on Dec. 28, 2007. According to their notice, the tape was checked into Iron Mountain's secure facility and never checked out, but a search of Iron Mountain's premises and theirs has been unable to locate it.

It is hard to assess if the information on the missing tape is being used inappropriately or whether it will be misused in the future. GE Money is offering 12 months of credit monitoring for those persons that had Social Security numbers on the lost tape.

As anyone familiar with the TJ Maxx data breach knows, 12 months is a short blip in the lifespan of sensitive personal data like Social Security numbers. It becomes the consumer's burden to regularly and consistently check his or her credit report for possible identity theft issues. If you fear that your personal identifiable information has been compromised, you can elect to implement a "freeze" on your credit.

To contact GE Money, call toll-free Monday through Friday, 9:00 am to 7:00 pm EST, at 1-866-913-6690.

A Five-Star Plan to Reduce Predatory Credit Cards

On the campaign trail, Democratic presidential hopeful Barack Obama is attacking predatory credit cards.

Last month, Obama and fellow Senator Ron Wyden (D-RO) introduced legislation designed to educate and protect consumers from abusive lending practices, while providing incentives to credit card issuers to improve their practices.

The Credit Card Star Safety Act of 2007 (S. 2411) awards "stars" to each card based on a points system. Cards with fair and friendlier terms and conditions are awarded more stars, with five stars given to the safest cards. These star ratings would be required on all marketing pieces, agreements, statements and applications. The idea is that consumers would naturally gravitate toward using the cards with more stars, creating competition among credit card companies to keep and attract new customers by changing abusive practices.

The rating system doesn't measure how good the interest rate is, but rather the safety of the credit card agreement itself. For example, card issuers that state they can change the terms of the credit agreement "at any time" without notice or employ "fee harvesting" techniques would earn one star. Those that provide 90 days' notice to cardholders before changing their terms, or have agreements that are easy to understand, would earn more stars.

This program is based on the success of the five-star crash test ratings system for new cars. Initially, no car was given more than two stars; today, a number of vehicles are earning five stars. While most of the credit cards today would probably rate an average of one to two stars, Obama and Wyden expect this program will have a similar, positive impact on credit card practices.

It's a pressing issue that many voters can relate to. According to data from the Federal Reserve and the U.S. Census Bureau, in September 2007, U.S. consumers were carrying close to $880 billion in credit card debt – nearly $2,900 for every man, woman and child in the country. Credit card debt has increased by almost $163 billion since 2004, an increase of over $500 per person in the U.S., or 23% in just 3 years.

How Will FICO's New Scoring Model Affect You?

Last summer, a little-known Internet-based company based in Florida was thrown into the national spotlight for its ability to "trick" the credit bureaus' credit scoring programs. Credit-challenged customers signed up with the company, who added them as authorized users on the credit cards of people with sterling credit. It seemed to be a win-win for everyone - the clients, who normally paid upwards of $1,000 for the service, got a boost of 30-200 points almost overnight; the original card holders were paid handsomely for allowing clients to piggyback on their good credit history. The losers? The credit bureaus and lenders.

As promised, Fair Isaac Corp., creators of the FICO credit score, will launch a new scoring model this spring. One of the major changes is the exclusion of these types of authorized user accounts from their credit score calculations.

According to Fair Isaac, 30% of the population has an authorized user account - approximately 60 to 75 million borrowers.

Since length of credit history accounts for 15% of one's total score, if the authorized account is the first (or only) type of account that the borrower has, then this new scoring model will have an immediate negative impact on the borrower's credit score by "shortening" the credit history.

This change is expected to have an especially dramatic - and negative - impact on teens and young adults who have been added by their parents as authorized users in an honest effort to help them establish credit.

One alternative to consider is making the borrower a joint cardholder instead of an authorized user, making each person equally responsible for the credit activity (payments and outstanding balance).

FICO is changing other scoring calculations as well. Points will be given for borrowers who have multiple types of credit (such as a mortgage, credit card and student loan). The thinking behind this is that borrowers who can manage various types of loans should be given greater consideration. Delinquencies also will be factored differently. The current scoring models lump in borrowers with one delinquent account with borrowers who are delinquent on multiple accounts. The new model separates these two groups.