TMCnet News

Pre-emptive moves can help keep pretexters at bay
[December 26, 2006]

Pre-emptive moves can help keep pretexters at bay


(Dallas Morning News, The (KRT) Via Thomson Dialog NewsEdge) DALLAS _ Identity theft has many facets, and the latest is called "telephone pretexting."

That occurs when someone calls you or a company you do business with and, on a pretext, tries to obtain your personal information.

Pretexting came into the spotlight during the scandal over Hewlett-Packard Co.'s attempts to stanch boardroom leaks. The company acknowledged hiring private investigators to acquire the personal phone records of company directors, journalists and others.



Most people will never be involved in such high-level skullduggery, but everyone needs to be aware of the threat that pretexting poses to their finances and privacy.

Once they get their grubby hands on your personal information, pretexters may sell your data to crooks who may use it to get credit in your name or steal from your bank account.


That's the classic identity theft scenario, in which the criminals don't care who their victim is. But often there are more insidious motives behind pretexting.

The information is frequently used by data brokers, private investigators, loan collectors or individuals involved in private disputes who are looking for specific information about a person.

Federal officials say they don't know how extensive pretexting is.

"We have no way of knowing," said Betsy Broder, an assistant director of the Federal Trade Commission's Division of Privacy and Identity Protection.

The FTC is working with the Federal Communications Commission to investigate and catch pretexters. Both agencies have pursued data brokers who've sold consumers' telephone records.

Federal law already makes it illegal to obtain financial records by pretexting. But no federal law explicitly makes pretexting for phone records unlawful.

The HP case highlighted that gap and put the spotlight on pretexting for telephone records.

What you can do

You can take steps to protect your information from pretexters.

One piece of advice applies to any fraud protection strategy: Be very wary of people who call you out of the blue, no matter who they say they are.

Don't give out information over the phone, through the mail or over the Internet unless you've initiated the contact or know whom you're dealing with.

"We would strongly advise customers to act with prudence and question heavily any caller who is trying to obtain information about them," said Bill Kula, spokesman for Verizon Communications Inc.

"If a customer receives a call and senses something awry or suspicious, they shouldn't release any information," he said. "Promptly call Verizon, and we can confirm whether we really are trying to speak to one of our customers."

There's another prevention strategy, one that applies directly to pretexting. It involves creating an online account with your telephone company so you can access your billing and call records.

Some people are wary of setting up accounts online, afraid that their information will be stolen. But experts say setting up your account online can actually prevent that from happening because it creates another barrier a potential pretexter must hurdle.

Verizon requires its customer service representatives to check if a customer has established a password on the account before disclosing information, Mr. Kula said.

If you've established an online account, "it's one way to make it less likely that someone will get your phone records," Broder said. "That's one way to thwart one type of pretexting."

Before creating online access to their account, customers must have their phone bill in front of them, because they will be asked to supply the customer code or account number from the bill, Kula said.

"Your password is the most important thing that you need to focus on," said Jimmy Duvall, spokesman for Verizon Wireless. "Make sure you have passwords on all your accounts. Don't use obvious passwords, and don't share your password with anyone."

An obvious password might be your mother's maiden name, the last four digits of your Social Security number, your birth date, your phone number or any series of consecutive numbers. The best password is a random string of numbers and letters. Write it down and keep it in a safe place.

Federal regulators are studying what phone companies are doing to protect customer information, what the weaknesses are and what improvements are needed.

"We are investigating the telecommunications carriers to determine whether they have implemented safeguards that are appropriate to secure the privacy of the personal and confidential data entrusted to them by American consumers," FCC Chairman Kevin Martin told Congress early this year.

Officials of Verizon and AT&T Inc. have filed lawsuits against those who have obtained customer information under false pretenses.

"We are actively pursuing pretexters in civil courts on potential criminal charges," said Walt Sharp, an AT&T spokesman. "We do take the privacy of that information very seriously."

Like Verizon, AT&T requires customers to provide "very detailed information" before it releases customer information. But Sharp declined to identify what exactly AT&T requires, saying the company doesn't want to give thieves a roadmap.

The FTC and FCC want Congress to make pretexting for phone records a federal crime, providing them with enhanced enforcement powers. So far, the FTC has had to pursue cases under its mandate to stamp out "unfair and deceptive practices" in commerce.

Several bills that would criminalize pretexting for call histories have been introduced in Congress, but none has come up for a full floor vote.

"Although the acquisition of telephone records does not present the same risk of immediate financial harm as the acquisition of financial records does, it nonetheless is a serious intrusion into customers' privacy and could result in stalking, harassment and embarrassment," Joel Winston, associate director of the FTC's Division of Privacy and Identity Protection, told Congress in September.

If you think your customer information has been disclosed without your permission, contact your telephone company right away. Also, file a complaint with the FCC at www.fcc.gov/cgb/complaints.html, or call 1-888-225-5322 (toll-free). But remember that there's no guarantee that you'll escape the clutches of pretexters.

"Pretexters are very resourceful," Ms. Broder said. "Even if a consumer takes all the precautions, it doesn't necessarily ensure that their records won't be accessible by some fraudsters."

___

(c) 2006, The Dallas Morning News.

Visit The Dallas Morning News on the World Wide Web at http://www.dallasnews.com/

Distributed by McClatchy-Tribune Information Services.

_____

ARCHIVE ILLUSTRATION on MCT Direct (from MCT Illustration Bank, 202-383-6064): phone scam

For reprints, email [email protected], call 800-374-7985 or 847-635-6550, send a fax to 847-635-6968, or write to The Permissions Group Inc., 1247 Milwaukee Ave., Suite 303, Glenview, IL 60025, USA.

Copyright 2006 The Dallas Morning News

[ Back To TMCnet.com's Homepage ]