Learn How Not to Get Conned from One of the World's Leading ID Theft Experts

       As the subject of the 2002 movie Catch Me If You Can, starring Leo DiCaprio, Frank W. Abagnale was a master at stealing identities- successfully posing as an airline pilot, an attorney and a doctor- all before the age of 21. After cashing millions in fraudulent checks, getting caught and serving jail time, he switched teams and began advising the FBI on how to outsmart the bad guys.

      Now, he's joined forces with the AARP Fraud Watch Network to help you learn how to spot an avoid scams so you can protect yourself and your family.

      At a recent Fraud Watch Network event in Houston, he shared these important tips on how to protect yourself from ID theft:

• Shred all sensitive documents using a “micro-cut” shredder. It's the only kind that makes it impossible for thieves to reconstruct your document. 
• Don't write checks for ordinary purchases. Everything a thief needs to steal your identity is right there! Use a credit card instead.
• Monitor your bank and credit card accounts online frequently, so you can report fraud as soon as it happens and have a better chance of recovering losses.

     From cradle to college, kids under 18 are 51 times as likely to be victims of identity theft as their parents, according to a study done by Carnegie Mellon University's CyLab. This alarming statistic is based on a sampling of some, children- and percent already had their Social Security numbers being used fraudulently. “There's no process to double-check what name and birth date are officially attached to each number,” reports CyLab. “As long as the identity thief has a Social Security number with a clean history, the thief can attach any name and date of birth to it” to create a false identity to use fraudulently.

     And in the recent Anthem data breach, tens of millions of American children had that information stolen, along with health care account numbers.

     Child identity theft can continue for years undetected. Without credit cards, mortgages or utility bills to pay off, youngsters should have no credit file for reporting bureaus to monitor. But when the victims eventually apply for credit cards, student loans, or a job they may find that their credit is already ruined- and good credit can take years or decades to rebuild.

Watch for these warning signs:

• Credit card and loan offers come addressed to your kid.
• Your child is denied a bank account, a driver's license or government (or health insurance) benefits because the SSN has already been used.
• The IRS sends notices that the child didn't pay income taxes or was claimed as a dependent on another tax return.
• The child is a target of debt-collection calls or bills.

If you think a child is at risk- or just want assurances- here's what to do:

1. Check the child's credit report. You want to hear that there's no credit report on file under the child's SSN; if a file exists but the child never applied for or was granted credit, assume the worst and file a police report and complaint with the FTC.
2. If there is a credit file indicating identity theft, send a letter to credit bureaus asking to remove all accounts, inquiries and collection notices associated with the child's name or personal information. Explain that the child is a minor and include a copy of he Uniform Minor's Status Declaration. Also, contact businesses where the child's information was misused.
3. Consider a freeze. If the child has a credit report, enact a credit freeze to restrict report access. Without seeing a credit report, creditors won't approve new accounts. Only 19 states have laws requiring credit reporting agencies to allow a parent or guardian to freeze a child's credit file: Arizona, Delaware, Florida, Georgia, Illinois, Indiana, Iowa, Louisiana, Maryland, Michigan, Montana, Nebraska, New York, Oregon, South Carolina, Texas, Utah, Virginia, and Wisconsin.
4. Be vigilant about Vitals. Prevention pays ff, so guard your child's sensitive data as carefully as your own. That means not sharing or carrying a Social Security card (ask why it's needed and whether alternative identification can be used), shredding documents with the child's personal information before throwing them away, not posting sensitive details or even photos of the child online, and securely locking up Social Security cards, birth certificates, and other sensitive documents.

To read about more scam alerts like this from our fraud expert Sid Kirchheimer, go to

aarp.org/fraudwatchnetwork

     With the latest in tablets, smartphones, and wireless Web access, staying connected has never been easier. The power of wireless computing and communications puts information and resources just a click away at home or at our favorite coffee shop.

     Unfortunately, some serious pitfalls of free Wi-Fi can put you right in the scammers' net. Here are three public Wi-Fi scams to watch out for:

Man in the Middle

How it works: A scammer hacks into a person's computer or smartphone to intercept their communication with others. The attacker then alters he user's communication to gain access to passwords or account information.

What can happen: A criminal Alters a communication with your bank or credit card company so the funds go to their account instead of where you intended.

Evil Twin

How it works: The wireless version of common email “phishing scams,” hackers set up their own Wi-Fi access points, tricking consumers with names like “free airport Wi-Fi” or “free hotel Wi-Fi.”

What can happen: Since you are on their turf, any information you send using that Wi-Fi is fair game for the scammers controlling the access point. Often users are unaware that their accounts have been compromised until well after the incident has occurred.

War Driving

How it works: Armed with a laptop, smartphone or tablet, war drivers hunt for unlocked or poorly protected Wi-Fi networks, logging and collecting wireless network info without actually jumping onto the networks.

What can happen: Hackers download malware onto the unprotected system, and/or search the computers and devices connected to the network for personal, company and financial data.

1. Watch out for fake links: Con Artists often catch unsuspecting victims by choosing a network connection name that's deliberately similar to the coffee shop, hotel, or public venue offering free Wi-Fi. Verify the network name with an employee before logging on.
2. Mind your business: Don't access your email, online bank or credit card accounts using public Wi-Fi. A good rule of thumb: if a site requires a log in and password, wait until you are on a secure connection.
3. Watch your settings: Change the settings on your mobile device so it doesn't automatically connect to nearby Wi-Fi.
4. Control your surfing: If you need to access any websites that store or require the input of any sensitive information- including social networking, online shopping, and online banking sites- using you cell phone network is safer than an unknown public network.
5. Be a cyber safe shopper: When buying a new device, make sure it has a firewall that helps protect against cyber-attacks.

     Have you received a phone call from someone claiming to be with the tech support division of a well-known software company like Microsoft? Scam alert!

The intent of these “tech support” scammers is to

• Persuade you to give them remote access to your computer, which they can claim will allow them to solve the problem. In reality, that access allows them to look at everything on your computer- and lets them change your settings to lock you out of your own machine.
• Sell you a worthless one- time “fix” or ongoing maintenance or warranty program. The price can be s high as $600.
• Get your credit card information- over the phone or by directing you to their rogue websites- so they can bill you for the phony services and possibly make other fraudulent charges.
• Trick you into installing malware that could steal sensitive data useful in identity theft.

     Know this: Manufacturers of computers or antivirus protection systems don't make phone calls to individual costumers about problems. Rather, your installed antivrus software informs you with on- screen warnings. When new viruses are circulated, you can expect to receive software updates sent en masse over the Internet to you and other users of your software.

     So if you get one of these calls (or emails), HANG UP!

     Under federal law, if your credit card is used to make unauthorized charges after it is lost or stolen, you're liable for only $50- no matter the amount and with no time restrictions to report the fraud. And many issuers won't even charge the $50 for valued customers.

     But with a debit card, you have just two business days to report an unauthorized loss or money transfer, or you could be liable for up to $500. Wait ore than 60 calendar days after your statement is mailed, and you could be responsible for all the money stolen from the account.

     Although debit cards offer no-interest savings- which may factor for some plastic users- there are six places where you should never use them.

Gas Stations

     In addition to ATM machines, gas pumps are a popular target for “skimming,” in which crooks place a portable card-reading device in the pump. When a motorist inserts a debit card and enters the required personal identification number, the hidden device (which can be purchased on the Internet for less than $100) captures both the data from the card's magnetic stripe and the PIN. Later, the device is

retrieved, and the stolen data is used to create a duplicate card to raid the victim's bank account.

     Why gas stations? With only a handful of manufacturers of gas pumps, one key in the hands of a thief who gets a job at one station can be used to open pumps and install other skimmers elsewhere, especially at night or when unattended. And with older pumps, PINs may not be encrypted. If you must use a debit card (and it has a Visa or MasterCard logo versus being a cash-withdrawal-only card), choose the “credit” screen prompt, instead of “debit,” so you don't have to enter your PIN. This way, the purchase amount will still be deducted directly from your bank account, but it's processed through a credit card network, providing greater protection if fraud occurs.

Online Purchases

     Along with providing added security should the retailer fall victim to a data breach- a hacker can't overdraft your bank account with a credit card- most credit cards (versus some debit cards) offer extra protection perks. If you don't receive the merchandise, it's defective or the wrong item, and the vendor won't issue a refund, it's easier to dispute charges with a credit card.

     Many credit cards also offer extended product warranties (usually for one year beyond what's offered by the manufacturer), and some provide price protection up to 90 days, issuing you the difference if the identical item is sold for a lower price than you paid. Although certain debit cards offer these protections, the hassle factor can be greater.

Big-Ticket Items

     Rewards aside, the above-mentioned credit card perks are especially useful for expensive products, whether purchased in store or online.

Restaurants

     Eateries are among the few places where a payment card can leave your sight, and crooked waiters can- and sometimes do- disappear to write down its number for possible identity theft. Even without a PIN, someone can use your card number to make fraudulent purchases online. And restaurants without sit-down service can pose a threat, since some (along with other businesses) keep customer payment information on file, but may not safeguard it.

Retail Stores

     Several months ago the FBI predicted an increase in cyber-attacks using sophisticated malware that specifically targets point of sale (POS) systems such as cash registers and card-swiping devices. It was this “memory-parsing” malicious software (also known as a “RAM scraper”) that was behind the well-publicized hacking of payment card information of some 110 million Target customers over the Christmas season- and responsible for nearly two dozen other attacks in the past year.

      True credit cards are also vulnerable in such POS attacks. But with more protections, credit card issuers always eat those losses (minus a possible$50 cap) should your plastic be hacked. Depending on when you learn of and report fraudulent use of hacked debit card data, you could be on the hook for unauthorized activity.

     Nuisance calls are the top complaint to the Federal Trade Commission and many state attorney general offices. How can you block them, beyond listing your number on the Do Not Call registry, which is ignred by scammers making live and automated calls?

Android Phones

     You can set your phone to Privacy Mode to get calls only from those preapproved and on your contact list, while built-in Call Rejection allows you to send calls directly to voice mail without your phone ringing. Among call-blocking apps, the Indiana attorney general's office recommends Call Control- Call Blocker by Kedlin Co., which offers a free basic version; other apps include DroidBlock and Call Filter.

iPhones

     Use Do Not Disturb to silence calls from everyone except those selected from your contact list. If you don't want to get calls from a specific number, you can add them to your blocked list (see your phone's specific User Manual to learn how.)

Call Service Providers

     MyVerizon customers can block up to five contacts at no additional cost for 90 days. Verizon Family Base plans block up to 20 contacts for $5 a month (similar to AT&T's Smart Limits plan). There's no cost to block up to 50 contacts with MySprint or 10 numbers with T-Mobile's Never Allowed.

Traditional Landlines

     AT&T, Verizon, Sprint and other carriers all have their call-blocking policies, which come with possible additional costs depending on your service. Digitone Call Blocker Plus, which costs about $100 and works with any carrier, was the call-blocking device rated best by a Consumer Reports test panel. Less costly options include Sentry Dual Mode Call Blocker and HQTelecom.com Landline Call Blocker, which had mixed reviews, and CPR Call Blocker Protect, deemed a “bummer.”

VoIP Landlines

     Nomorobo is a free service that intercepts calls after the first ring and blocks those on its vastFTC-assisted blacklist (quickly approaching 1 million numbers, with 200 added daily). If it's legitimate, the call goes through (for a second ring); if it's an illegal robocall, Nomorobo intercepts the

call and hangs up for you. 

Downside: This highly praised and effective system (winner of an FTC contest seeking the best solution to stop robocalls) works only with an Internet-based service offered by participating cable providers, such as Comcast and AT&T U-Verse, Vonage, magicJack or other Voice over Internet Protocol (VoIP) systems.

Additional Tips

• Whatever your phone or system, ongoing nuisance calls should be reported to your service department's “annoyance department,” which can place a trap on your number to stop specific callers.
• If you receive repeated calls from the same “legitimate” business, request that the company put you on its do-not-call list. (It's best to make this request in writing, and send a copy to the FTC, 600 Pennsylvania Avenue, NW, Washington, DC 20580). Robocalls and other nuisance calls can be reported to the agency.

     Spotted a scam in your area or need help figuring out how to spot or report a fraud? For over 14 years, AARP Foundation Volunteers, who've been trained in coaching people on how to avoid fraud, have been helping people learn what to watch out for and what to do if they or a loved one has been victimized.

     “Volunteers are the lifeblood of the AARP Fraud Watch Network Helpline; we wouldn't be able to do it without them” states Amy Nofziger, who oversees the Helpline.

     “Scammers keep coming up with new ways to steal people's money and it can be overwhelming to know where to turn for help. Our volunteers are trained by leading fraud experts and law enforcement, and they take the time to walk people through the steps they need to take to get their life back.”

     Adele Phelan is one of those AARP Foundation volunteers. After a very successful career in higher education, Adele's dedication to her community has shown through for the many callers she's assisted on the helpline. “I appreciate being able to help people who feel like they have nowhere else to turn” states Adele. “I feel especially passionate about being able to help those who are most vulnerable:

the grandparents who want to protect their grandchildren; the elderly who are terrified that they owe the IRS; and the lonely persons looking for love who lose both love and money through the romance scams”

      Based out of Denver and Seattle, volunteers at the Fraud Watch Network Helpline answer around 1,100 callers from across the country each month. While the calls come in on a wide range of topics, the top three areas that we've received the most reports about this year are: IRS Imposter Scams, Computer Hacking Scams, and Complaints about Sweepstakes and Foreign Lotteries.

     If you or someone you know has been a victim of a scam or need help learning what to watch out for, and you want to talk to a live person, call the Fraud Watch Network Helpline at 1-877-908- 3360. You can give us a call on the Helpline as well if you live in the Denver and Seattle area and want to be trained to help others protect themselves from fraud.

     Last Year, more than 31 million U.S. consumers had their credit card information stolen, more than three times as many as in 2013. New EMV “smart chip credit card technology promises better protection, but scammers are taking advantage of the change already.

     EMV- short for Europay, MasterCard and Visa- is that small, metallic square on the front of these new cards that creates a unique transaction code that cannot be used again, unlike magnetic-stripe cards that store unchanging account details that aid fraudsters.

     If you haven't already received your new EMV “smart chip” credit cards you soon will. Here are the scams to watch out for and tips to protect you:

1. Legitimate emails from card issuers should be short, to-the-point notifications that your new EMV card is being mailed, perhaps with an “expect within 10 days” time frame. They should not include links or attachments promising details or urging action to “update your account” or the like; that's the calling card of scammers.  As a general Rule, don't trust links in emails- and before clicking, always hove your computer mouse over the link; if it doesn't display the sender's company name, assume the worst. It's also safe to access any business website by typing its URL yourself, not via provided links. Or call the phone number listed on your card, not provided in emails.
2. Bogus PayPal emails are making the rounds, with malware-laden “Update Your Account” attachments.
3. Authentic emails from card issuers will address you by name and include some specific reference to your credit card, such as the last four digits of your account number. Those from your PayPal, eBay or other businesses will also include your name. Emails vaguely addressed to Dear “Cardholder,” “Customer” or “Account Holder” are scams.
4. Even if the email includes your name, don't trust it unless you previously provided your email address to that business (for instance, when you enrolled in online banking). Email mailing lists- with account holder names- can be purchased by scammers.
5. Be suspicious of phone calls or text messages supposedly from card issuers about EMV cards. These could be “vishing” (for phone phishing) or “smishing” (named after SMS technology that sends text messages) attempts aiming to glean account and personal information.

If you think you downloaded malware or allowed a cybercriminal to access your computer, don't panic. Instead:

• Get rid of malware. Update or download legitimate security software and scan your computer. Delete anything it identifies as a problem.
• Change any passwords that you gave out. If you use these passwords for other accounts, change those accounts too.
• Secure your credit: If you paid for bogus services with a credit card, call your credit card provider to dispute the charge and ask that it be reversed. Check your statements for any other charges you didn't make and dispute those too.