mysecurepc

Just like everyone should, I get my annual credit report to make sure no nefarious activity has happened. It is the case that everything goes in circles.

The usual procedure is to go to www.annualcreditreport.com, fill out the sensitive information, and get your credit reports. Hah! Only if Equifax is chosen will you get an online credit report. The others require you to send in everything but a stool sample to get theirs.

Problems? It happened to us. After filling out all the information there was a problem in processing. No indication what was wrong. No online help. No telephone help. Nothing. They say contact the appropriate credit reporting agency who then says contact annualcreditreport.com to resolve things.

After an exasperating hour of runaround, we called in and went through the automated system. They claim the information was successful and the credit report will be mailed soon. We’ll see.

Doug

My credit card company is offering a new and free security feature: virtual account numbers.

The idea behind virtual account numbers is they are used only at one online store. Thus if the number is stolen it is useless anywhere else. Some virtual account number issuers have a time limit can be set so the virtual account number expires (of course not past the card’s expiration date). Also another nice feature is a dollar limit can be set.

The process is pretty painless:
1. Logon to your virtual number account
2. Generate the disguised number
3. Use it at the specified merchant

Another way of generating an account number is using a tool which can be downloaded. The tool would have to communicate with the bank over Internet to send its generated number…hopefully this transaction is highly encrypted.

Transactions appear on your regular credit card statement.

Overall, the process is pretty easy and offers another way to mitigate stolen credit card numbers.

Doug

How many times have you been to a business that “needs” to copy your driver’s license, credit card, or other sensitive information? Car rental places, banks, and medical facilities are notorious for this practice. Another popular use is to make copies of tax returns.

Most photocopiers in the past few years have disk drives in them that help in producing copies. Problem is most of them have no security feature in them (digital overwrite or encryption) so a nefarious person could easily grab the information off the drive. The most vulnerable copiers are ones that are sold to another party. Copiers in small businesses can be easily stolen.

Most small businesses, libraries, tax preparers, and copy shops are not aware of the potential problem or if they were they may not know if their particular copier is a threat.

Next time you make a copy of sensitive information make sure the copier has data security features installed. It can save a large headache.

Doug

If you have not noticed by now, most banks, credit unions, and credit card companies do not have secure logins easily available. The login page is on an unsecured web page which means there is no simple way of verifying the login page is real or spoofed. We have written about this in a previous article. But there may be a way around this.

Go to your bank or credit card company login page. If the URL starts with https:// you are in luck - you can check the security information to make sure the web page belongs to the right entity. If the URL begins with http:// you are treading on dangerous ground. Enter a phony login id and password and try to login. Most likely an error will occur and now the login page URL begins with https:// - your lucky day. At least now the login page can be verified for correct ownership and the sensitive information sent to your bank/credit card company is secure and going to the right place.

I have tried this trick on several unsecure banking and credit card sites - and it worked every time!

Doug