We've been hit. I finished our taxes and took them to our CPA on April 1. He finished them about 3 days later. We're supposed to get $2,257 back. He filed them electronically and it promptly bounced back. It seems that my Wife had already filed a tax statement and gotten $5,7xx back. I called her at work and told her about it. She got pretty upset. How could it happen? The CPA told me that it only takes somebody with a laptop somewhere.

She called the IRS and sat on the phone a couple of hours. The next morning she went to the IRS office in Dallas and discussed the deal. The scammer reported $19,000 and took a bunch of child care deductions, low income, etc. The perp has her name, address and SS #. They noted the deal on our file and we mailed in our tax statement. The IRS will investigate but could take 6 to 12 months or maybe longer. We will be given a PIN to file on all future taxes. We're not going to see that $2,700 anytime soon. OK, what happens if we don't have the PIN # by next 4/15? Don't know.

I talked to a friend who is in IT Security at Bank of America. She told me that once "they" get your SS#, they have it all. My SS# is hooked to hers in a lot of places so I'm also vulnerable. This will mean credit and debit cards plus Life Insurance, etc. The scammers can also cash in my Life Insurance policies that I've had for a long time. We can't change SS numbers and I'll bet 50 or more credit institutions and merchants have those #'s.

I've talked to the Credit Union where we bank and they have put additional security on all of our accounts. Including Grandkid saving accounts, I have 6 accounts.

What can we do and how do we protect ourselves? Mostly, there's not one damn thing we can do. Neither can you. Due to information sharing by financial institutions and merchants, our info, with SS#'s, is everywhere. I talked to my Wife about us cancelling credit and debit cards. Let's just say that I was unsuccessful and leave it there.

I saw where the IRS has found 1,491 of these occurrences this year. That's about twice what it was last year. I don't believe that #. There is no way that she beat millions to one odds and got hit.

So sorry to hear that, Dave!

Contact the credit bureaus to put an alert (or freeze) on your account. I have several clients that have done this and it seems no reports or inquiries can be ran without your approval (phone call) or without contacting the bureaus to un-freeze or un-lock your account so whom ever you have approved can have access.

Regarding life insurance withdrawals or surrenders, you can contact your life insurance company to give them an alert as well.

Most insurance companies also offer an "Identity restoration" type coverage through your homeowners insurance (or renters insurance) at much less than some of those advertised on TV or the internet. Ours is $25 per year for up to $25k in coverage. It puts the ball in their court (case manager) to make the necessary contacts to restore your identity. I personally wouldn't know where to start, nor have the time!

Just some thoughts and I'm sure there's others that know more, but I wish you the best!

Thanks LL. Those are some things that I hadn't considered.

Dave, that's terrible. I am very protective of my SS number. I have the paper SS card, and on the bottom it says "Not to be used for identification purposes". Yeah I know some law was passed a while ago to make it legal to do so.

I don't have my SS# on my drivers license. I use that drivers license # in place of a SS# whenever possible. PITA? Yes.

I do use a debit card on-line to make purchases, not a CC. That debit card has it's own account, and is not linked to any other account. I transfer $$ into it to make purchases, and just keep a minimum in there otherwise. There's been a couple of times that it's been hit, but when no $$ comes out of it, they give up.

Even if places ask for a SS number, and I don't feel like they have a real reason to have it, I gave up arguing with them about not giving one to them. I just give them a made up one.

LL, that sounds like something that I need to check to see if it's offered thru my homeowners. Thanks.

"I do use a debit card on-line to make purchases, not a CC"

My debit card was compromised in the Target breach in Dec, 2012. After I changed the account numbers and got new cards, we quit using the debit card and always use a CC instead. I understood it provides more protection than does a debit card and they don't have access to your account(s). Was I wrong?

I normally use my CC with the thoughts of protection from unathorized purchases because I didn't think my debit card did, but you seem to have safeguarded that with an exclusive account for your debit card.

I also signed up for "Verified by Visa" with my debit card through my bank. So if I use my debit card I have to enter a password to complete online purchases to verify I'm the one using it. It's no cost and offered via my bank's website.

At this time, with what I'm learning, is that the debit card is very dangerous. If you spot something on your credit card bill, you can call the card Co(VISA or MC) and dispute it. They investigate and, if not real, they don't pay it. However, on a debit card, the merchant already has your $ and you are at their mercy to get it back. That may or may not be easy.

I called my Insurance company to discuss the identity theft protection. They essentially assign a representative of how to proceed and who to contact. They do not "make me whole". Since we may already be at risk, there is a question of whether they will take the added endorsement.

We use our debit card quite often at the bank drive up window to get cash. Actually, it's what they call a credit card that can be used as a debit card. I want to cancel it and keep enough cash around so we don't have to use it. I can go to the bank at any time, see a teller, and replenish the cash.

Dave -- I don't have any real advice.

I just know, that it all scares me.

We still pay cash for most of what we buy, except for gasoline -- and then there are the on-line purchases, through PayPal, Amazon, etc. Those really scare me. But, I don't know what the alternative is.

We are currently going through readjustments and issues because Lynda bought some Christmas presents on a credit card at Target last November/December. They re-issued her card. That caused multiple other issues, because things got bounced because the old card was no longer valid.

To make matters worse, we finally (after waiting decades) got actual addresses, thanks to the 911 system! Great, the fire department and ambulance can supposedly find me, but the credit card companies can no longer ID me. So, our credit cards, and many other accounts, bounce us.

Dave -- I sure don't have any answers. Gettin' old is hell!

Old Ken

P.S. Did you get a chance to send that special e-mail virus to Sunil?

Most debit cards are issued as 'credit cards' by visa or mastercard etc. This means you can use them like a debit card where you put in your PIN and money is transferred immediately from your bank account. This use is dangerous as password swipers or key stroke monitors can steal the PIN and use your data with immediate access to funds and little way to get it back.

However you can use the same debit card and use it like a credit card. Meaning you hit the credit button instead of debit and you DON'T put in the PIN. This money still comes out of your account but your PIN is safe and you have the full protection from unauthorized use or charges on that card similar to a standard credit card. Especially if you go to a hotel where they put a charge held on your card and you use a debit card you need to be sure it is used as a 'credit' transaction and not a debit with a PIN.

Confusing for sure, the whole economy is tied up in electronic and computerized transactions ripe for fraud and crime and it is very tough to protect anything or anyone much less change back to an all cash society.

I agree that those requiring a SSN should be given a phony one as it should not be used for identification purposes. One of my banks REQUIRES your SSN as your 'username' for logging in to online banking. How backwards is that?

That's what my "debit" card is, issued by Visa/Mastercard. I never, never use it as a "debit" card (PIN required). With my credit union, the card functions like a credit card. Unauthorized purchases are dispuatble, and it's pretty foolproof. Before I learned my lesson, and opened a completely separate account, I used my checking "debit/credit" card as a credit card. I thought I was being smart by calling the company and giving the number to someone via telephone (land line on my end). I happened to check the account a few hours later and found a fradulent charge. In the span of less than an hour, the fradulent charge went from a daycare in Atlanta (the place that I called was in Boston), to bouncing around in Europe for airline tickets and hotel rooms.

I called the credit union at 5 minutes to 5:00 p.m. (when they close) and reported the unauthorized transactions. At that point the total of transactions was over $5K. They said I had to come in and fill out paperwork to stop the card from being used. No way could I make it there before they closed. No problem they said, we'll wait for you. I arrived at 5:20 p.m. and didn't leave there until almost 6 p.m., an hour after they "closed". That's how I found out about using a different account for the "debit/credit" card to eliminate my chances of getting hit again.

I lost $0 from that fiasco, the credit union said "no problem, well take care of everything" and they did.

Run Forrest, run!

Hey Ken, my "friends" always keep Sunil in the loop. I got one of his scam EMails and knew immediately that it wasn't real. Heck, Sunil doesn't Email me. He picks up the phone and calls.

Sorry to hear that Dave.

That sucks Dave... Sorry you're having to deal with this.

I'm really sorry to hear about this Dave.

I thought I saw on 60 minutes or something that in Canada if they catch you scamming or hacking money out of someone's account(s) it's a life sentence. Anyway know for sure?

If it is the case I wouldn't have any pity for some going to jail for life for doing this.

I like "get a rope"

Same thing happened to Cathy, Dave. Her electronic filing was rejected (already filed) IRS happened to send her a letter since "she" had failed to add an overpayment from last year to her refund. IRS didn't send out the fraudulent payment yet. She also had $12,000 charged in 4K increments at a Florida Target store, a new account opened and flight from NYC to the Dominican Republic charged on it....ticket stopped...Capital one account was hacked and a "replacement card" sent to Florida...Cap one screwed up and sent it to OUR address...stopped that attempt.

It is a major PITA to have so many fraud alerts to send out, but she got pretty lucky really...she just happened to notice a charge on a card she had not used in 6 years that alerted her. All this fraudulent activity took place over a 32 hour time span....more things keep trickling in that were stopped after the fraud alert was made.

Sounds good to me!

The IRS would not accept my ss# said it does not match my name.. I can't wait to see what this is all about been a couple weeks still no answers.. nothing crazy on my credit reports or anything like that so I don't know wth is going on.. I thought to myself wow they had no problem taking money out of my checks all year but now it's time to write me a fat check and what do you know somwthing is wrong..

Sometimes I just want to give up on trying to make money in this country and start living like a slob and be paid for it.. Ok I'll stop before it gets heated..

We have been hit with things bought that we didn't buy several time on the credit card, but usually you are limited to only $50 liability and that is waved. But my wife uses a debit card and that always made me nervous because you could potentially have your whole bank account wiped out. I told her and told her to at least use a credit card. Now after a hit for $400 plus she got the message. Now for most things we pay cash. It's a pain in the butt but is't safer.

Totally agree life sentence with a quick end to the life. Why should we pay to keep them alive?

I had my credit card stolen three times. My card card company doesn't see this as a big deal and just cancels the card and send me a new one. I asked them repeatedly should I do anything different and they said no. Also wondering why more effort doesn't go into getting after the folks that do this. I guess most are off shore and hard to find.

Lassig, I read an article this morning about the Heartbleed hack that said almost 60% of the attacks come from China.

Lot's of companies out there that never delete your data. We had a Discount Tire credit card back in the day, and cancelled the account years ago. I got a letter last month from the underwriting credit card company about a rate change. They've kept my personal data for over 5 years with no transactions or activity.

The internet's forever.

Al, I just checked the business account (Hoosier Pond Pros) and from what I can see, once the credit card goes thru, the data is gone. To issue a refund (I've had people order aquamax fish food and NOT read the "pick up only or call for a shipping rate quote") I just write a check and mail it.

Had a guy from Virginia yesterday order a bag. I checked shipping costs before I called him to ask when he was picking it up.

UPS shipping on the single bag was more than what we're selling the food for.

I pay cash for as many things as I can, but keeping track of receipts is a PITA. I guess dealing with identity theft is worse, so I'll keep dealing with the receipts. I enter data into Quicken on a daily basis.

Scott,

I had a guy from California I believe want me to seen him a bunch of trout for a barbecue after he accessed my website (down at the moment). I said they start at $40.00 a piece (this was a few years ago my prices have gone up), and were for taxidermy purposes. Said that was fine. WTH!?

Anyway he wanted to pay with a CC and I said no and told him there had to be some private hatcheries in California.

I've got a guy that calls every few years from Michigan that wants to buy "All the fish in ALL my ponds. Just say send him the bill. However I can't call him as he doesn't have his own phone. The guy is fruit loops and probably calling from a nursing home or mental institution.

I'm not singling out any administration or poltiical persuasion so I hope this doesn't sound political (this goes back a ways with all admins and congress critters regardless of party), but if our government made world policeman less of a priority, and us at home more a priority, it would be amazing what they could do. I believe what little has been done is due to the congress critters having issues themselves with identity theft.

Mods if this is regarded political please feel free to delete.

Cecil, I agree 100%

Scott as a vender, that sounds correct.

The store cards are the ones that worry me. They never delete your data in hopes that you'll change your mind, and reopen the account. You should always request a hard close.

Cecil, delete it? Hell, I agree with you. I could go further but it would damn sure get political regarding both parties of Congress and lots of guv "officials".

I just send Scott USPS money orders, as most else.

O.K. As soon as the funds clear I'll be putting them in FedEx would have been my answer.

What if he sent the money and turned out to be effected by Alheimers and I got the wrath of his family.

Dave, be sure fill out an FTC form at www.IC3.gov .... contact the Social Security admin at 1-800-269-0271 in case they work under your SSN and rip off an employer ...and let your health Insurance provider know, as many now get free health care on your plan and you will possibly get denied due to conflicting medical histories/procedures.

There really is not much limit to how an Identity thief can use the stolen info to screw us.

I saw on TV that our credit card system can be made a lot safer but not 100% so by adopting the the European system but there was resistance by banks, retailers, etc. because of the change over costs.

Not until it costs the banks more for the ID theft than the changeover will they do anything about it. :-(. No skin off their back leaving our bare butts in the breeze.

You guys scared me into submission and went through all of the effort in the past two days to protect our ID and check statuses. Looks clean right now... If only I could get my SSN converted to something new so all records of it would be disconnected (i.e. school records, old health insurance, etc)

Liquid, you CAN get your SSN changed by calling the SSA at 1-800-269-0271...However, I don't know if you have to document being a victim of identity theft for that to be done.

When Target got hacked they got Victoria's password for the Target account and her email address. Her password for her email was the same, so they got access to all of her emails. Once they had access to all of her emails, they knew everywhere she shopped on line. They also knew the password she used most often. Then the fun started for them.

We actually have an address where everything which was bought was shipped. It was San Diego, otherwise I would have visited the 'victim'. (Yes, that is how the death certificate would have read for them.) We notified San Diego PD and they said we had to report it to our police department first, which we did. They then had to contact San Diego for help in their investigation. I am sure it has gone nowhere.

Lesson learned: DON'T USE THE SAME PASSWORDS! Duh.

Our local police officer told us he was working another investigation of someone who was receiving goods at his home and re-shipping them overseas to Africa. He was 'in love' with a 'girl' he had met on-line who he thought was doing mission work. 'She' was having an on-line romance with him and convinced him to re-send things he received to her. She said they were supplies and donations. He would simply receive, add a label, and ship. He didn't suspect anything until he received a big screen TV. It was then he alerted the authorities. Turns out all of the purchases were being made with stolen credit card numbers and he was unwittingly an accomplice.

Victor:

Round trip ticket to Lindbergh Field (San Diego) is probably <$400. I'd take in some beach time while I was there.....

Then there's the SD zoo, Sea World, The Wild Animal Park, and TJ( the mexican one) is a short walk across the border.

It was actually an HVAC contractor that got hacked with the Golden Key to Target's business network. Target itself did not get hacked, but there was an open access point thru the contractor. One comment I read is "this is a hackers dream come true". Find a weak link and you're in. That's what they are looking for.

I'm surprised that both systems were on the same network. You never do that!!, but it could just be an older setup, and things were left combined. Don't really know the fine details, and have never been in a Target store.

I actually seen that statement somewhere to it was a hackers dream or perfect scenario they dream about

What about hiring a private investigator? Failing that, a hitman?

Rex, I know back a few years ago you did have to prove identity theft to get a new card. Surely DD1 falls under this if he chooses to get a new SSN. Credit card #'s are sold like Pokemon cards on the internet, and apparently that doesn't count. At least it didn't for us.

The European system will only help marginally and not at all for online aspects.

There is an article about this in a Control mag I get. Unfortunately, there are uncountable scenarios like this. The media just report the big ones.

There are hack proof ways of tying a business network to an industrial network. They both need info from each other. It's actually quite simple tho, and not very expensive. A hacker could never bridge this gap from one to the other. It's Impossible!!!