ARE MSC's ID THEFT SECURE?
Warning: For Full Access Please Log In or Create an Account (Free)
How do you know that Russian or Chinese hackers won't attack MSCs? You don't know, unless you have some inside information and, if that's the case, then you should share it with the appropriate government agencies.
Realistically, the Nuclear Regulatory Commission, South Caroline Department of Revenue, Goodwill Industries, and numerous others have been hacked, why should MSCs be immune?
Realistically, your best bet is to protect yourself the best you can.
Realistically, the Nuclear Regulatory Commission, South Caroline Department of Revenue, Goodwill Industries, and numerous others have been hacked, why should MSCs be immune?
Realistically, your best bet is to protect yourself the best you can.
.
Have PV-500 & willing to travel.
"Answers are easy. It's asking the right questions which is hard." (The Fourth Doctor, The Face of Evil, 1977)
"Somedays you're the pigeon, somedays you're the statue.” J. Andrew Taylor
"I have never met a man so ignorant that I couldn't learn something from him." Galileo Galilei
Have PV-500 & willing to travel.
"Answers are easy. It's asking the right questions which is hard." (The Fourth Doctor, The Face of Evil, 1977)
"Somedays you're the pigeon, somedays you're the statue.” J. Andrew Taylor
"I have never met a man so ignorant that I couldn't learn something from him." Galileo Galilei
sign up for creditkarma.com. You get your credit score
and now also your reports for free. Check it at least monthly,
but they allow you get a new credit report once a week if
you choose to do so.
And yes its really free, no credit cards recquired.
and now also your reports for free. Check it at least monthly,
but they allow you get a new credit report once a week if
you choose to do so.
And yes its really free, no credit cards recquired.
= + = + = + = + = + = + = + = + = + = + = +
There are no stupid questions, but there are a lot of inquisitive idiots
==--==--==--==--==--==--==--==--==--==
When you try to please everybody, you end up pleasing nobody
There are no stupid questions, but there are a lot of inquisitive idiots
==--==--==--==--==--==--==--==--==--==
When you try to please everybody, you end up pleasing nobody
Hi. That creditkarma.com? How do they know your credit score? Do you have to give them your SSN or something? I'm curious. Thanks. 
they will ask for it then also verify your identity
with random questions from the report. It's in
partnership with transunion. One of the 3 bureaus.
Better then paying a monthly monitoring service or
paying for your report every month to check
with random questions from the report. It's in
partnership with transunion. One of the 3 bureaus.
Better then paying a monthly monitoring service or
paying for your report every month to check
= + = + = + = + = + = + = + = + = + = + = +
There are no stupid questions, but there are a lot of inquisitive idiots
==--==--==--==--==--==--==--==--==--==
When you try to please everybody, you end up pleasing nobody
There are no stupid questions, but there are a lot of inquisitive idiots
==--==--==--==--==--==--==--==--==--==
When you try to please everybody, you end up pleasing nobody
We are all at their mercy, and it's a crapshoot no matter how you approach it.
I so wish I was a techie to be able to understand the intricacy of the online universe as well as the hardware. My computer just went black the other day with no warning whatsoever and no suspicious usage that I could imagine. My first thought was that it had been hacked. I had to take it to a reliable repair place we'd used before and paid $118 for what was described as a Windows tantrum. I suspect I could have fixed it myself if I had ever taken the time to learn how it really works. Luckily, I didn't lose any of my files but will do my back ups a lot more often from now on.
I so wish I was a techie to be able to understand the intricacy of the online universe as well as the hardware. My computer just went black the other day with no warning whatsoever and no suspicious usage that I could imagine. My first thought was that it had been hacked. I had to take it to a reliable repair place we'd used before and paid $118 for what was described as a Windows tantrum. I suspect I could have fixed it myself if I had ever taken the time to learn how it really works. Luckily, I didn't lose any of my files but will do my back ups a lot more often from now on.
Canuck Wrote:
-------------------------------------------------------
> Thank you, Tech.
Check your email later for an invoice for my time.
-------------------------------------------------------
> Thank you, Tech.
Check your email later for an invoice for my time.
= + = + = + = + = + = + = + = + = + = + = +
There are no stupid questions, but there are a lot of inquisitive idiots
==--==--==--==--==--==--==--==--==--==
When you try to please everybody, you end up pleasing nobody
There are no stupid questions, but there are a lot of inquisitive idiots
==--==--==--==--==--==--==--==--==--==
When you try to please everybody, you end up pleasing nobody
Hahah...I got an email from them, confirming my account.
It was painless. It only took a few minutes and bam! I got my credit report.
Amazing Tech.
Oh wait..forgot to tell ya that yours went automatically to my junk mail folder.
Oops.
Edited 1 time(s). Last edit at 08/30/2014 06:30PM by Canuck.
It was painless. It only took a few minutes and bam! I got my credit report.
Amazing Tech.
Oh wait..forgot to tell ya that yours went automatically to my junk mail folder.
Oops.
Edited 1 time(s). Last edit at 08/30/2014 06:30PM by Canuck.
I've been using creditkarma for a long time.
You can tell based on the URL when you sign in, whether it is a secured site or not. That's no guarantee that they won't be hacked, but it provides some small measure of comfort.
I don't deal anymore with the ones who are too cheap or too lazy to renew their security certificates, and let them lapse.
I don't deal anymore with the ones who are too cheap or too lazy to renew their security certificates, and let them lapse.
------------------------------------------------
Plan the work. Work the plan.
Plan the work. Work the plan.
I highly recommend you read Clark Howard's Credit freeze and thaw guide here:
[www.clarkhoward.com]
It has given me peace of mind that nobody will ever open any credit in my name.
Clark Howard is my main man for consumer financial information. I love his radio show.
He's above Consumer Reports and [consumerist.com] in my level of trust in the quality of the advise he gives.
It is absolutly free, and the official way to stop identity theft in it's tracks, unlike the scam companies like Lifelock.
[www.clarkhoward.com]
It has given me peace of mind that nobody will ever open any credit in my name.
Clark Howard is my main man for consumer financial information. I love his radio show.
He's above Consumer Reports and [consumerist.com] in my level of trust in the quality of the advise he gives.
It is absolutly free, and the official way to stop identity theft in it's tracks, unlike the scam companies like Lifelock.
Here are two of the main security concerns I have found:
1. I signed up with someone yesterday and today when I went to look at my profile, I discovered they showed my entire SSN in plain text. That's just asking for a problem. I'm going to contact them about my concerns. If my issue can't be resolved, I will have to ask them to remove my SSN and deactivate me.
2. Most MSC's want you to use your paypal email address as your login address. That's half of your paypal credentials. If you use the same password at the MSC as at paypal, you have given all your paypal credentials to the MSC.
In both cases, you are vulnerable to both hackers and rogue employees or former employees.
1. I signed up with someone yesterday and today when I went to look at my profile, I discovered they showed my entire SSN in plain text. That's just asking for a problem. I'm going to contact them about my concerns. If my issue can't be resolved, I will have to ask them to remove my SSN and deactivate me.
2. Most MSC's want you to use your paypal email address as your login address. That's half of your paypal credentials. If you use the same password at the MSC as at paypal, you have given all your paypal credentials to the MSC.
In both cases, you are vulnerable to both hackers and rogue employees or former employees.
junk1958 Wrote:
-------------------------------------------------------
> Here are two of the main security concerns I have
> found:
>
> 2. Most MSC's want you to use your paypal email
> address as your login address. That's half of
> your paypal credentials. If you use the same
> password at the MSC as at paypal, you have given
> all your paypal credentials to the MSC.
>
> In both cases, you are vulnerable to both hackers
> and rogue employees or former employees.
I added a "secondary email" to my Paypal account that is for inbound funding only, and NEVER EVER gave a MSC my primary Paypal email address. Paypal will NEVER contact me in any way whatsoever with the secondary email address.
Never use your main primary Paypal address with a MSC. You can edit your Paypal profile and add an additional funding only email address.
This way, if you ever get an email from "Paypal" to this address, you know 100% that it is fake without even looking at the email headers or the fake links in the email to a hackers website that looks exactly like the official login to Paypal!
Edited 4 time(s). Last edit at 08/31/2014 12:13AM by scanman1.
-------------------------------------------------------
> Here are two of the main security concerns I have
> found:
>
> 2. Most MSC's want you to use your paypal email
> address as your login address. That's half of
> your paypal credentials. If you use the same
> password at the MSC as at paypal, you have given
> all your paypal credentials to the MSC.
>
> In both cases, you are vulnerable to both hackers
> and rogue employees or former employees.
I added a "secondary email" to my Paypal account that is for inbound funding only, and NEVER EVER gave a MSC my primary Paypal email address. Paypal will NEVER contact me in any way whatsoever with the secondary email address.
Never use your main primary Paypal address with a MSC. You can edit your Paypal profile and add an additional funding only email address.
This way, if you ever get an email from "Paypal" to this address, you know 100% that it is fake without even looking at the email headers or the fake links in the email to a hackers website that looks exactly like the official login to Paypal!
Edited 4 time(s). Last edit at 08/31/2014 12:13AM by scanman1.
scanman1 Wrote:
>
> Never use your main primary Paypal address with a
> MSC. You can edit your Paypal profile and add an
> additional funding only email address.
>
> This way, if you ever get an email from "Paypal"
> to this address, you know 100% that it is fake
> without even looking at the email headers or the
> fake links in the email to a hackers website that
> looks exactly like the official login to Paypal!
It doesn't matter which paypal email address you give the MSC, since you can log into paypal with any of your paypal email addresses. I have three email addresses registered with paypal. I can log into paypal with any of them.
My point was to make sure you have a separate password that is not your paypal password and nothing like your paypal password. You don't want anyone from an MSC (or a hacker) to guess your password from the files they have access to at the MSC.
>
> Never use your main primary Paypal address with a
> MSC. You can edit your Paypal profile and add an
> additional funding only email address.
>
> This way, if you ever get an email from "Paypal"
> to this address, you know 100% that it is fake
> without even looking at the email headers or the
> fake links in the email to a hackers website that
> looks exactly like the official login to Paypal!
It doesn't matter which paypal email address you give the MSC, since you can log into paypal with any of your paypal email addresses. I have three email addresses registered with paypal. I can log into paypal with any of them.
My point was to make sure you have a separate password that is not your paypal password and nothing like your paypal password. You don't want anyone from an MSC (or a hacker) to guess your password from the files they have access to at the MSC.
I dont disagree that you can log in with any of the email addresses, but any emails recieved from Paypal will only be sent to the PRIMARY email address. If that is not known to the MSC's, then if there database is hacked and a hacker sends out fake Paypal emails, they will come from the non-primary address. This will be a certain flag as you will never ever get such an email from Paypal.
Besides, you should always log into Paypal directly and never from an email link.
This is just a way to stop fishing spam, if a MSC's database is broken and a hacker sends out spam to all the members of that company with fake Paypal links in the email.
Edited 1 time(s). Last edit at 08/31/2014 06:13AM by scanman1.
Besides, you should always log into Paypal directly and never from an email link.
This is just a way to stop fishing spam, if a MSC's database is broken and a hacker sends out spam to all the members of that company with fake Paypal links in the email.
Edited 1 time(s). Last edit at 08/31/2014 06:13AM by scanman1.
> This is just a way to stop fishing spam, if a MSC's database is broken and a hacker sends out spam
> to all the members of that company with fake Paypal links in the email.
Fair enough. I imagine most hackers try several approaches.
I was more focused on hackers who grab the list of email addresses and passwords, then try to login with that. There are always some people who use the same password for all their accounts.
But I am sure others start with a phising approach as you describe. Or try both approaches at the same time.
> to all the members of that company with fake Paypal links in the email.
Fair enough. I imagine most hackers try several approaches.
I was more focused on hackers who grab the list of email addresses and passwords, then try to login with that. There are always some people who use the same password for all their accounts.
But I am sure others start with a phising approach as you describe. Or try both approaches at the same time.
The advise about using a secondary PayPal address with MSCs is very good. I never thought of that. But what of ID theft? If you get a credit report monthly, you may find you've run up a $5000 Best Buy bill and a $10,000 bill at Tiffany's through phoney accounts. By then it's too late.
Maybe if MSCs didn't have all of the critical information needed for a crook to open an phoney account you could be protected. Do they need your exact address if you are paid by direct deposit or by PayPal? Why do they need your exact date of birth? A birth year is enough for age related assignments.
It is seeing the ID theft nightmares of friends andfamily that is making me somewhat paranoid. Just ask yourself how many MSCs have your own personal information.
Maybe if MSCs didn't have all of the critical information needed for a crook to open an phoney account you could be protected. Do they need your exact address if you are paid by direct deposit or by PayPal? Why do they need your exact date of birth? A birth year is enough for age related assignments.
It is seeing the ID theft nightmares of friends andfamily that is making me somewhat paranoid. Just ask yourself how many MSCs have your own personal information.
A birth year is not always sufficient for a compliance shop such as alcohol or tobacco, especially where jobs are on the line.
.
Have PV-500 & willing to travel.
"Answers are easy. It's asking the right questions which is hard." (The Fourth Doctor, The Face of Evil, 1977)
"Somedays you're the pigeon, somedays you're the statue.” J. Andrew Taylor
"I have never met a man so ignorant that I couldn't learn something from him." Galileo Galilei
Have PV-500 & willing to travel.
"Answers are easy. It's asking the right questions which is hard." (The Fourth Doctor, The Face of Evil, 1977)
"Somedays you're the pigeon, somedays you're the statue.” J. Andrew Taylor
"I have never met a man so ignorant that I couldn't learn something from him." Galileo Galilei
I agree with JamesBond. In addition, most age compliance shops that involve the possible loss of a job require that a photocopy of an actual ID documenting the month, day and year of birth be on file.
junk1958 Wrote:
-------------------------------------------------------
> Here are two of the main security concerns I have
> found:
>
> 1. I signed up with someone yesterday and today
> when I went to look at my profile, I discovered
> they showed my entire SSN in plain text. That's
> just asking for a problem. I'm going to contact
> them about my concerns. If my issue can't be
> resolved, I will have to ask them to remove my SSN
> and deactivate me.
Just because you can see your personal info, it does not mean that schedulers, editors, etc. within the MSP can see or gain access that info.
-------------------------------------------------------
> Here are two of the main security concerns I have
> found:
>
> 1. I signed up with someone yesterday and today
> when I went to look at my profile, I discovered
> they showed my entire SSN in plain text. That's
> just asking for a problem. I'm going to contact
> them about my concerns. If my issue can't be
> resolved, I will have to ask them to remove my SSN
> and deactivate me.
Just because you can see your personal info, it does not mean that schedulers, editors, etc. within the MSP can see or gain access that info.
Joan Gingras
Senior Project Director~BarStoolie Mystery Shopping
Barstoolie@insideevaluators.com
Senior Project Director~BarStoolie Mystery Shopping
Barstoolie@insideevaluators.com
cvb42jeb Wrote:
-------------------------------------------------------
> I so wish I was a techie to be able to understand
> the intricacy of the online universe as well as
> the hardware. My computer just went black the
> other day with no warning whatsoever and no
> suspicious usage that I could imagine. My first.
> thought was that it had been hacked. I had to
> take it to a reliable repair place we'd used
> before and paid $118 for what was described as a
> Windows tantrum. I suspect I could have fixed it
> myself if I had ever taken the time to learn how
> it really works. Luckily, I didn't lose any of my
> files but will do my back ups a lot more often
> from now on.
Wow, this is weird! My Windows-based phone did the same thing on Friday! No activity at all! I put it in my purse while it was on, and when I took it out, nothing. Like it committed suicide. It was still under warranty and I'm waiting for a new one. Then I'm going to start looking for another model.
-------------------------------------------------------
> I so wish I was a techie to be able to understand
> the intricacy of the online universe as well as
> the hardware. My computer just went black the
> other day with no warning whatsoever and no
> suspicious usage that I could imagine. My first.
> thought was that it had been hacked. I had to
> take it to a reliable repair place we'd used
> before and paid $118 for what was described as a
> Windows tantrum. I suspect I could have fixed it
> myself if I had ever taken the time to learn how
> it really works. Luckily, I didn't lose any of my
> files but will do my back ups a lot more often
> from now on.
Wow, this is weird! My Windows-based phone did the same thing on Friday! No activity at all! I put it in my purse while it was on, and when I took it out, nothing. Like it committed suicide. It was still under warranty and I'm waiting for a new one. Then I'm going to start looking for another model.
*********************
I'm "Sandi" in the Middle!
I'm "Sandi" in the Middle!
Lots of good suggestions here!
I have the mscs and PayPal deposit my money into a small ($100 balance) checking account at my bank. I check for deposits every day and immediately transfer anything over $100 into my savings account that no one but me has access to. I don't know if hackers would be able to get into my savings account if they know my checking info, but it made sense when I set it up years ago.
Anyone know anything about LifeLock? Is it any good?
I have the mscs and PayPal deposit my money into a small ($100 balance) checking account at my bank. I check for deposits every day and immediately transfer anything over $100 into my savings account that no one but me has access to. I don't know if hackers would be able to get into my savings account if they know my checking info, but it made sense when I set it up years ago.
Anyone know anything about LifeLock? Is it any good?
*********************
I'm "Sandi" in the Middle!
I'm "Sandi" in the Middle!
I seem to recall the owner of Lifelock, when they first started, put his SSN out and $1 million to anyone who could hack his SSN. To the best of my knowledge, he never had to make that payout.
.
Have PV-500 & willing to travel.
"Answers are easy. It's asking the right questions which is hard." (The Fourth Doctor, The Face of Evil, 1977)
"Somedays you're the pigeon, somedays you're the statue.” J. Andrew Taylor
"I have never met a man so ignorant that I couldn't learn something from him." Galileo Galilei
Have PV-500 & willing to travel.
"Answers are easy. It's asking the right questions which is hard." (The Fourth Doctor, The Face of Evil, 1977)
"Somedays you're the pigeon, somedays you're the statue.” J. Andrew Taylor
"I have never met a man so ignorant that I couldn't learn something from him." Galileo Galilei
Assuming that your sate/county/city won't harass you to death, you could apply to the IRS for an Employer Identification Number [EIN] and supply that in lieu of your SSN.
It provides a number that the IRS would recognize for your monthly payments and yet would keep your SSN safe.
It provides a number that the IRS would recognize for your monthly payments and yet would keep your SSN safe.
.
Have PV-500 & willing to travel.
"Answers are easy. It's asking the right questions which is hard." (The Fourth Doctor, The Face of Evil, 1977)
"Somedays you're the pigeon, somedays you're the statue.” J. Andrew Taylor
"I have never met a man so ignorant that I couldn't learn something from him." Galileo Galilei
Have PV-500 & willing to travel.
"Answers are easy. It's asking the right questions which is hard." (The Fourth Doctor, The Face of Evil, 1977)
"Somedays you're the pigeon, somedays you're the statue.” J. Andrew Taylor
"I have never met a man so ignorant that I couldn't learn something from him." Galileo Galilei
[www.scambusters.org]
------------------------------------------------
Plan the work. Work the plan.
Plan the work. Work the plan.
Sorry, only registered users may post in this forum.