With Christmas less than 60 days away, the shopping season has already begun, which means scammers are on the lookout for some holiday happiness of their own in the form of your money and information. In order to keep you abreast of the latest holiday scams we spoke to Fred Touchette, a security analyst who writes about security threats at the Digital Degenerate for AppRiver, to learn what to watch for as you start your holiday shopping.

Scams don't wait for the holidays, but scammers do take advantage of the increased shopping and distraction when things get busy to take your money and personal information. Fred shared the following three Holiday specific scams with WalletPop so that you don't get taken this year.

If you don't have a paper shredder and have documents that need shredding, then Saturday, Oct. 17 is your lucky day.

The Better Business Bureau and its partners are holding what they call "Secure Your ID Day" on Saturday across North America to help prevent identity theft.

Papers and floppy disks will be shredded for free on the spot at participating BBB offices.

In an era when the most esoteric James Bond spy gadget is available to anyone with a credit card, your expectations of privacy are sadly naive.

Take, for example, the telephone sold by Hammacher Schlemmer. The seemingly innocuous princess phone contains a motion detector and a microphone. You can program it so that, when someone wanders into the room, the phone will silently call you and allow you to evesdrop on the conversation.

This and other devices give me the creeps. For example, witness:

• The peephole reverser. This lens purports to allow peepers to see into the rooms behind security peepholes. Reporter Erin Andrews discovered to her misfortune how slimeballs can make use of peepholes to invade privacy.
• Envelope X-RAY spray that turns paper translucent long enough to read personal info off of a bank statement.
• The Computer Snooper, a device the size of a computer plug that, when inserted between the keyboard cable and the port in your computer, will record all your keystrokes without risking detection by security software.
• The Bionic Ear Sound Amplifier allows the wearer to hear conversations100 yards away.
• Wrist watch digital cameras, right from Q's lab, are actually on the bulky side for covert cameras.
• And don't overlook smart phones; am I talking on mine, or taking a video of you?

The sad conclusion? If someone is determined to invade your privacy, the tools available are readily available and almost undetectable. Perhaps the best countering strategy is the one I've adopted; live a boring life.

Take a minute and think about how many companies and institutions you have entrusted with your personal information like a Social Security number or bank account. More than likely you've given this information to an apartment complex, school, loan company, banks and credit card companies. You'd be surprised to know that half of them aren't securing that data!

According to a survey of 500 companies, 55% aren't securing your personal data other than credit card information as required by the recent PCI-DSS regulations and 52% aren't proactive in managing privacy and data protection risks.

Another interesting statistic to come out of the survey is that 79% of the surveyed companies have reported a data breach; with 41% of those reporting five or more data breaches.

The really bad news, especially for those of us who love to support smaller businesses, is that organizations with less than 1,000 employees fared far worse in compliance and protection of data. These organizations simply cannot meet the demands, both in labor and in cost, to deal with compliance and data security.


While there's no excuse for a company not safeguarding your personal data, which they require from you to do business, the lack of PCI-DSS compliance isn't surprising. Having dealt with this in a small part the regulations that need complied with and the surveys that need filled out are not simple to understand; especially if an organization doesn't have an individual dedicated to Information security.

Given the common occurrence of data breaches perhaps this news isn't that surprising after all but the good news, if you want to look for it, is that three-quarters of companies are working on PCI-DSS compliance to protect your credit card and other personal information. For smaller organizations, compliance and security should improve as the software and database systems they use get upgraded to support the compliance and better shield your personal information.

Until security becomes a top concern for more companies you'll need to stay vigilant and cautious about who you entrust with your personal information. The fact that the government scored a collective "C" on computer security at its last audit doesn't set to great of an example for the private sector.

Being someone who tries to steal from people through scams means having to come up with some believable proposition with the potential to get the person on the other end to give up money or private information. The latest scam in this never-ending series is targeting those who served the United States in the Armed Forces.

Calls are being placed to veterans telling them the Department of Veterans Affairs needs their credit card information to update their prescription records.

The VA is warning veterans nationwide that the calls are not coming from them or anyone acting on the government's behalf and urging the veterans to not give out their personal financial information to these callers.

"America's Veterans have become targets in an inexcusable scam that dishonors their service and misrepresents the Department built for them," Dr. Gerald Cross, the VA's undersecretary for health, said in issuing the warning. "VA simply does not call veterans and ask them to disclose personal financial information over the phone."

The VA said it found out about the scam from veterans organizations that heard about the calls. The callers are told that the VA has recently changed its procedures from giving out medication and therefore needs their credit card numbers.

"VA has not changed its processes for dispensing prescription medicines," Cross said. "Nor has VA changed its long-standing commitment to protect the personal information of this nation's veterans."

Those who have any questions regarding the VA's services can call their VA medical center or 877-222-8387.

It was a Sunday morning, in Hyattsville, Md., right about 10:30 a.m., and not exactly the time you would expect your purse to be stolen from your car while you're paying for gas. But that's what happened to Harrine Freeman, igniting a nightmarish plunge into the murky waters of identity theft.

Of course, if it can happen to Federal Reserve chairman Ben Bernanke, I suppose it's not surprising this happened to Freeman. But still, this case seems more interesting given that Freeman is a personal finance expert who knows something about identity theft. Her firm, H.E. Freeman, offers credit repair, and Freeman often conducts personal finance workshops at schools, churches and other organizations.

Freeman, who I interviewed about a year ago in an article that appeared on CreditCards.com, dropped me a line, thinking that WalletPop readers might be interested in her story, and I think she's right.

You can now add Federal Reserve Chairman Ben Bernanke to the long list of the the rich and famous who have been victims of identity theft.

It's just been revealed that while Bernanke was in the throes of dealing with the financial crisis and Wall Street collapse last summer, he was faced with his own financial crisis at home. He and his wife were one of hundreds of victims of a $2.1 million identity theft scheme.

While at a local coffee shop, a thief had swiped his wife Anna's purse off the back of her chair. Her purse contained her wallet, driver's license, their joint checkbook, four credit cards and her Social Security card. Unfortunately for her and Ben, their home address and telephone number were also printed on their checks.

In most areas of our lives, we're doing everything we can to reduce identity theft by reducing the amount of personal information released to businesses when we buy things from them.

But in one area, a new law wil force us to divulge more: On Saturday, Aug. 15, the Transportation Security Administration (TSA) will require every American to include their birth date and gender in their passenger information if they want to book a seat on a domestic aircraft. The TSA also wants every person's I.D. to precisely match the name with which they book their tickets.

Although the official start date is Aug. 15, some airlines will get on board in the fall. But the change is coming.

The TSA says that the added personal details must be given during the booking process, after which they will be used to check computer records of suspicious passengers. Passengers shouldn't have to recite their true birth dates at the TSA's airport checkpoints, which should be good news for Joan Rivers.

It's part of the TSA's new Secure Flight initiative, which is setting up rules to allow government inspectors tighter control of the people who are permitted to fly. The TSA says that the additional information will help its clerks prevent mismatches that sometimes wind up detaining innocent passengers for hours on end.

Consumers have more to complain about, but the agencies they are complaining to have fewer resources with which to help them, a national survey found. A lot of problems people are having, the survey said, were directly related to the country's sour economy.

"It's ironic that at the same time that more people are asking state and local consumer agencies for help, their budgets are shrinking," said Susan Grant, director of consumer protection for the Consumer Federation of America.

"They deserve public support so they can continue to protect consumers from losing their hard-earned cash and ensure that the marketplace is fair for legitimate businesses."

Grant said that 62% of the consumer agencies surveyed reported an increase in complaints in 2008. The average increase was 10%, she said, with some seeing increases by as much as 47%. At the same time, officials reported staff and service cuts due to shrinking state and county budgets.

Nearly 45% of people reporting being scammed were ripped off using a phony check scheme -- by far the largest type of fraud reported in the first six months of this year, according to the National Consumers League. The average dollar loss in that type of scam: $3,178.

The group said top-reported scams are linked to the down economy. Bad check scams often are tied to work-from-home proposals or apparent schemes to make easy money. A survey by the league found that due to the state of the economy, people are more likely to consider the idea of working from home.

I have a theory about my safety in traffic when riding my "mamabikeorama," a bicycle-built-for-me-and-my-kids. I feel I'm safer on it than if we were riding in the manliest of SUVs. Why? Because my toddler rides between the handlebars, totem of cuteness. Who'd get road rage against us, even if I pulled some amazingly dumb traffic move?

My theory has been tested, in a way. Of 240 wallets left on the streets of Edinburgh by researchers, 42% were returned by honest folks. (None of the wallets contained cash.) Which wallets were returned, however, was telling. The study's designers put additional items in some of the wallets: a photo of a baby, a puppy, a family, or an elderly couple; one set included a receipt for a recent charity donation. Of the wallets with baby photos, 88% were returned, compared to those with puppy photos at 53%.

The family photo wallets were returned slightly less than half the time, whereas the elderly couple's photo only inspired 28% of finders to return the wallets. (Perhaps this says something about why the elderly are so often the victims of fraud; is it psychologically easier for criminals to take advantage of them?) Giving to charity, evidently, made barely any impact on those who found wallets; only 20% were returned. However, wallets without any personal items whatsoever were returned even less, 15% of the time.

Richard Wiseman, one of the study's authors, said that the "baby kicked off a caring feeling in people, which is not surprising from an evolutionary perspective." Baby's cuteness inspires the hormone oxytocin (the "cuddle hormone") which, in turns, makes one feel protective and loving. Puppies have less of a biological impact (given the difference in species), but they're still cute, after all.

It's fun to imagine how else this concept could be applied; could a cute-baby screensaver keep your laptop safe from would-be thieves? Are bicycle with baby seats stolen less often? Could terrorists be deprogrammed by papering their cells with photos of my adorable kids? And I'd love to see the study repeated with a small amount of cash in the wallet. How much is a cute baby's face worth?

At any rate, if you've got a wallet and you tend to lose it, go out, immediately, and get a baby photo. Please feel free to download one of mine. And if your lost wallet is returned, by all means, feel free to send me the reward...

Massachusetts-based TJX Cos. reached an agreement with 41 states attorneys general over data breaches that could have released as many as 100 million credit and debit card numbers collecting from customers.

Using stolen card numbers allows thieves to steal identities and make fraudulent transactions.

Under the settlement, TJX has agreed to pay a total of $9.75 million. The money will:

• Provide $2.5 million to establish a new data security fund for the states,
• Pay a $5.5 million settlement along with $1.75 million to cover expenses related to the states' investigations;
• Certify that TJX's computer system meets detailed data security requirements,
• Encourage the development of new technologies to address vulnerabilities in the payment card system.

Pretty much everyone owns a digital camera now. Even your grandma, although she may not understand how to work it. But most of us are still using them exactly the way we used those old Kodak cameras: for souvenirs. They're best for that, of course, but there are other money-saving and life-saving tricks you can use them for.

1. When you accept a rental car
Take pictures of your new car from every angle before you drive it off the lot. In addition to the prior paper damage report you sign when you check out the vehicle, those images can serve as proof of its condition should your rental company try to pull a fast one and charge you for damage that wasn't there, or to claim you came back with a dent that was worse than what you left with. Make sure you get the license plate in there.

The Brooklyn, N.Y., district attorney announced the Monday arrest of 49-year-old Thomas Parkin for dressing as his dead mother to collect Social Security benefits, according to a New York Daily News story.

Parkin was charged with forgery, grand larceny, conspiracy, criminal impersonation and perjury. Sound shocking? Wait until you hear the rest.

Thomas' mother, Irene Prusik, left her Brooklyn home for him to inherit. When she passed away in 2003, Thomas took out a $200,000 mortgage. He later found out, perhaps due to the recession, that he could not afford it and stopped making mortgage payments.

The home eventually went into foreclosure and was bought in 2003. To avoid eviction, Parkin decided to take on the identity of his dead mother to afford the apartment and pay for his real estate venture.

The reincarnated "Ms. Prusik" was complete with sunglasses, nail polish, wig, and old fashioned clothing. The scam continued for six years as the government offices supplied Parkin with his requested funds. He created a fake ID and even hired a nephew to assist him, or her, at the bank.

Here's bank video of the pair:

Heavily marketed credit monitoring services were dealt a serious blow by a federal judge who stopped one of the biggest of the firms from placing "fraud alerts" on behalf of their customers.

The credit reporting agency Experian sued the monitoring firm Lifelock, alleging its automated system of renewing thousands of fraud alerts was costing them millions. Experian contended the law that allows the placement of fraud alerts, which gives a consumer whose account is at risk of identity theft an added layer of protection, only permits an individual -- not a company -- to place them. U.S. District Judge Andrew J. Guilford agreed.