Risk
5/4/2008
08:30 PM
50%
50%

ID Theft Monitoring Services: What You Need To Know

Fee-based services say they'll protect your identity, privacy, credit, name, and more. Find out what they can and can not do -- and learn what you can do to defend yourself.

What is your identity worth? According to the Global Internet Security Threat Report from Symantec, credit card numbers go for as little as 40 cents on the black market. Complete access to a bank account? Just $10.

Not so long ago, one's identity didn't involve so many dollars and cents. Discussions of privacy seemed better suited to the realm of academic debates or conspiracy theories. Today, unfortunately, the context is too often one of ripped-off consumers, with tales of swiped credit card numbers, false mortgages, and employment fraud leading to many cumulative hours spent, perhaps over years, trying to clean up the mess.

Of course when someone comes gunning for granny's life savings, "good Samaritans" won't be far behind.

Take identity theft monitoring service providers. The pitch? Give us your Social Security number and notification of suspicious identity activity is only an e-mail alert or phone call away. These services, which typically cost $10 to $20 per month, offer to guard your identity by monitoring the three credit-reporting agencies (Experian, Equifax, and TransUnion), cell phone applications, government databases, and public information. Some also provide insurance (subject to underwriting, and not valid in every state) to help defray costs associated with recovering from identity theft cases.


Tips For Fighting ID Theft


•  5 (Mostly) Free Alternatives To ID Theft Monitoring Services

•  What No Identity Theft Monitoring Can Catch

Others offer even more. For example, Intersections' Identity Guard ($17 per month for the "Total Protection" plan) says it uses "patented scanning technology" to maintain "daily surveillance of the Internet's 'back alley' chat rooms and news groups" and see if your identity is for sale. Secure Identity Systems ($7 per month) says it "tracks hundreds of databases that use Social Security numbers, including utilities, DMV records, financial institution records, and more."

MyPublicInfo ($80 for a six-month "Public Information Profile") watches criminal records and real estate reports. Debix ($99 per year) automatically calls you at home or on your cell phone the moment someone obtains new credit in your name. LifeLock ($10 per month) requests "that your name be removed from pre-approved credit card and junk mail lists, and we keep making the requests as they expire," so would-be attackers can't swipe credit card offers from your mailbox. According to LifeLock, "we've got your back."

Previous
1 of 4
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
clickyspinny
100%
0%
clickyspinny,
User Rank: Apprentice
11/22/2014 | 10:24:05 AM
Web Identity Monitoring
These guys provide a service for seeing and monitoring the info that's posted about yourself on the web. Cool way to easily know what info there is posted about you all around the internet. www.webidentitymonitor.com
IdentityTheftAid
50%
50%
IdentityTheftAid,
User Rank: Apprentice
8/16/2014 | 11:42:12 AM
Re: Identity Theft Prevention Fallacy
I'll agree 100% with AlertBroadcasts comments.  However there are proactive steps individuals can take to help prevent identity theft.  Shredding mail, having a secure mail box, not sharing sensitive information on social network websites etc., are just a few examples of ways to help protect yourself on a daily basis.  Many of the credit monitoring services are just reactive to dectected threats.  Some, on the other hand, have processes in place to help stop identity theft in advance, such as password encryption software for your pc, keystroke encryption, internet scanning to see if your identity is being sold on black market websites and much more.  Similar to the StopCreditFraud.org website, we have a comprenensive list of services that will provide that extra level of preventitive protection, as opposed to just standard monitoring.  You can see our list here.  http://www.identitytheftaid.org/identity-theft-protection.  No matter what service an individual chooses, having somethign in place is better than waiting to find out that you had your identity stolen 6 months ago, and your credit is utterly destroyed.  
AlertBroadcast
100%
0%
AlertBroadcast,
User Rank: Apprentice
1/10/2014 | 5:31:47 PM
Identity Theft Prevention Fallacy
A lot of people don't really understand that these id theft services can't "prevent" identity theft or credit fraud from happening. That's up to the individual. However, the good identity theft monitoring services can definitely help minimize the damage that is caused if & when your identity is stolen. Just being alerted to any suspicious activity that may appear on your credit report or that has your social security number attached to it is invaluable in stopping the problem before it grows out of control. A great site for anyone looking to learn more about identity theft is stopidentitytheft.org. I ended up signing up for Identity Guard after reading their credit monitoring suggestions. Hope it's ok to post a link here. http://www.stopcreditfraud.org/credit-monitoring-services It's worth looking at for those of you who have been thinking about an id monitoring plan.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.