Risk
5/4/2008
08:30 PM
Connect Directly
RSS
E-Mail
50%
50%

ID Theft Monitoring Services: What You Need To Know

Fee-based services say they'll protect your identity, privacy, credit, name, and more. Find out what they can and can not do -- and learn what you can do to defend yourself.

What is your identity worth? According to the Global Internet Security Threat Report from Symantec, credit card numbers go for as little as 40 cents on the black market. Complete access to a bank account? Just $10.

Not so long ago, one's identity didn't involve so many dollars and cents. Discussions of privacy seemed better suited to the realm of academic debates or conspiracy theories. Today, unfortunately, the context is too often one of ripped-off consumers, with tales of swiped credit card numbers, false mortgages, and employment fraud leading to many cumulative hours spent, perhaps over years, trying to clean up the mess.

Of course when someone comes gunning for granny's life savings, "good Samaritans" won't be far behind.

Take identity theft monitoring service providers. The pitch? Give us your Social Security number and notification of suspicious identity activity is only an e-mail alert or phone call away. These services, which typically cost $10 to $20 per month, offer to guard your identity by monitoring the three credit-reporting agencies (Experian, Equifax, and TransUnion), cell phone applications, government databases, and public information. Some also provide insurance (subject to underwriting, and not valid in every state) to help defray costs associated with recovering from identity theft cases.


Tips For Fighting ID Theft


•  5 (Mostly) Free Alternatives To ID Theft Monitoring Services

•  What No Identity Theft Monitoring Can Catch

Others offer even more. For example, Intersections' Identity Guard ($17 per month for the "Total Protection" plan) says it uses "patented scanning technology" to maintain "daily surveillance of the Internet's 'back alley' chat rooms and news groups" and see if your identity is for sale. Secure Identity Systems ($7 per month) says it "tracks hundreds of databases that use Social Security numbers, including utilities, DMV records, financial institution records, and more."

MyPublicInfo ($80 for a six-month "Public Information Profile") watches criminal records and real estate reports. Debix ($99 per year) automatically calls you at home or on your cell phone the moment someone obtains new credit in your name. LifeLock ($10 per month) requests "that your name be removed from pre-approved credit card and junk mail lists, and we keep making the requests as they expire," so would-be attackers can't swipe credit card offers from your mailbox. According to LifeLock, "we've got your back."

Previous
1 of 4
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
IdentityTheftAid
50%
50%
IdentityTheftAid,
User Rank: Apprentice
8/16/2014 | 11:42:12 AM
Re: Identity Theft Prevention Fallacy
I'll agree 100% with AlertBroadcasts comments.  However there are proactive steps individuals can take to help prevent identity theft.  Shredding mail, having a secure mail box, not sharing sensitive information on social network websites etc., are just a few examples of ways to help protect yourself on a daily basis.  Many of the credit monitoring services are just reactive to dectected threats.  Some, on the other hand, have processes in place to help stop identity theft in advance, such as password encryption software for your pc, keystroke encryption, internet scanning to see if your identity is being sold on black market websites and much more.  Similar to the StopCreditFraud.org website, we have a comprenensive list of services that will provide that extra level of preventitive protection, as opposed to just standard monitoring.  You can see our list here.  http://www.identitytheftaid.org/identity-theft-protection.  No matter what service an individual chooses, having somethign in place is better than waiting to find out that you had your identity stolen 6 months ago, and your credit is utterly destroyed.  
AlertBroadcast
100%
0%
AlertBroadcast,
User Rank: Apprentice
1/10/2014 | 5:31:47 PM
Identity Theft Prevention Fallacy
A lot of people don't really understand that these id theft services can't "prevent" identity theft or credit fraud from happening. That's up to the individual. However, the good identity theft monitoring services can definitely help minimize the damage that is caused if & when your identity is stolen. Just being alerted to any suspicious activity that may appear on your credit report or that has your social security number attached to it is invaluable in stopping the problem before it grows out of control. A great site for anyone looking to learn more about identity theft is stopidentitytheft.org. I ended up signing up for Identity Guard after reading their credit monitoring suggestions. Hope it's ok to post a link here. http://www.stopcreditfraud.org/credit-monitoring-services It's worth looking at for those of you who have been thinking about an id monitoring plan.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2003-1598
Published: 2014-10-01
SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable.

CVE-2011-4624
Published: 2014-10-01
Cross-site scripting (XSS) vulnerability in facebook.php in the GRAND FlAGallery plugin (flash-album-gallery) before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter.

CVE-2012-0811
Published: 2014-10-01
Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files gene...

CVE-2012-5485
Published: 2014-09-30
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.

CVE-2012-5486
Published: 2014-09-30
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using.