Employment Screening Goes Big League [more...]

Spyware Beware [more...]

Stores Blame Checkout Software for Identity Losses [more...]

ChoicePoint's Troubles Continue [more...]

United States 1, Ben Laden 0 [more...]

TSA Adds Lighters to Its List of Contraband [more...]

Office Dating Gets Hot [more...]

Cool Tools [more...]

Check Fraud Self-Defense [more...]

For a long time, savvy employers have appreciated the value of verifying credentials. It is no secret that job seekers often inflate credentials and experience in order to be more marketable while job hunting. But the concept apparently is foreign to Major League Baseball. Turns out that the medical director of the New York Jets and New York Islanders did not possess the education cited on his résumé. Dr. Elliot J. Pellman does not have the medical degree from the State University of New York he claims he did. He actually received his medical degree in Guadalajara, Mexico, though he spent one year at SUNY at Stony Brook. Best advice: Regardless of the position for which the applicant has applied, verify his or her credentials and ask to see the actual diploma(s) if practicable.

New York Attorney General Eliot Spitzer is at it again. This time New York's top crime fighter has targeted spyware; those nasty little programs that crooks, identity thieves and unscrupulous advertisers secretly load onto your computer in order to control it or monitor its use. Last week Spitzer sued Los Angeles based Internet marketer, Intermix Media Inc., claiming it illegally sticks hapless computer users with spyware and intrusive adware. To gain access to its victim's computers, Intermix lures users to one of its Websites-such as MyCoolScreen.com or CursorZone.com where they download screensavers, cursors, games, gags and greetings. According to Spitzer many of these freebies contain spyware and adware that download unnecessary and annoying toolbars and direct computers to unrequested Websites with pop-up ads. Spitzer alleges that his six-month investigation revealed that Intermix dumped 3.7 million unwanted downloads on New Yorkers alone. "These fraudulent programs foul up machines, undermine productivity and in many cases frustrate consumers' efforts to remove them from their computers," says Spitzer.

Spitzer is known for his bare knuckle negotiating tactics, often squeezing massive settlements from defendants before even getting them to trial. Says one observer, "A call from Spitzer's office can ruin your day, and your pocketbook."

Some of the big retailers say there is a common thread to many of the recent security breaches they and their customers have suffered: software that they say improperly stores credit card data. Merchants say that the software that processes customer credit card information is supposed to purge the data after each transaction. However, a programming glitch has enabled criminals to capture it and use it for illegal purposes. Retailer Polo Ralph Lauren Corp. is one such merchant. A spokeswomen for the firm said that software used at checkout counters at more than 180 stores improperly retained customer credit card data.

According to sources close to the problem, the magnetic strip on the back of credit cards contains encoded information that does not appear on the front of the card. If in the wrong hands, the information, including a three-digit verification code, could allow criminals to "validate" a fake card.

As concerns mount, retailers are fighting back. BJ's Wholesale Club Inc. has sued IBM to compensate it for losses stemming from a credit card breach last fall. BJ's claims that hackers stole 40,000 customer's credit card numbers by means of a defect in IBM's software. The Natick, Massachusetts retailer has set aside $16 million to cover potential claims resulting from the loss. In legal papers filed by IBM, it says it is not responsible.

According to the Wall Street Journal, recent computer breaches have raised questions about the security some credit card processing software offers.

ChoicePoint, a leading data wholesaler, faces problems on several fronts. In September 2004 the company became suspicious of several small business customers. An internal investigation eventually revealed that identities of over 140,000 consumers had been compromised. The investigation led to the arrest and conviction of one man. Because some 35,000 of the consumers lived in California, which has a notification law requiring consumer notification in the event of illegal access to their personal data, all 140,000 were notified. So far only 750 of them have been victimized. But according to Security Business Newsletter, ChoicePoint CEO, Derek Smith and COO Doug Curling, knowing the violation of internal controls had occurred, sold about $18 million in stock they owned. The price of the stock has since declined. SBN has called for their termination. In the meantime, ChoicePoint has begun to audit its customers and to truncate Social Security numbers when providing consumer information to its customers. The firm estimates that the loss of business and resultant litigation will result in a charge of about $20 million.

Another result of much greater consequence is the avalanche of new legislation proposed by lawmakers to restrict the access to consumer information and more severely punish those that steal identities. However the unintended consequence of much of this legislation, if enacted, will restrict those in the private sector that fight identity theft and chase down fraudsters. NPR's Larry Abramson reports on the affects this has had on private investigators, who have come to rely on personal data to solve cases. His report, "All Things Considered" can be heard at http://r.vresp.com/?PerMarSecurityServic/78992b6342/327817/c3d2f40e22/0599e17

Zacarias Moussaoui, the only person charged in connection with the 9/11 attacks against the United States, last month pleaded guilty to six counts, including conspiracy to commit terrorism, commit aircraft piracy, destroy aircraft, murder government employees, and destroy property. Moussaoui told federal Judge Leonie Brinkema that he was part of a broader plot to fly a jetliner into the White House. The surprise plea ended Moussaoui's rollercoaster trial, in which he represented himself and had to be delayed three times since beginning in October 2002. He now awaits sentencing, which could result in his being put to death. Moussaoui said he is opposed to the death penalty for religious reasons and would fight such a sentence.

Surprise: While Moussaoui held a six-month temporary Visa and was in the U.S. legally at the time of his arrest, he had a valid state drivers' license in his pocket-a license that would not expire for six years after the expiration of the Visa!

Last month the TSA added all types of lighters to its list of items that can no longer be carried aboard commercial airliners. Lighters have long been prohibited from checked baggage because of the potential fire hazard, so the change is an extension of an existing safeguard says the TSA. The new rule allows passengers to possess up to four books of matches and relaxes the restriction on nail clippers, disposable razors, knitting needles and tweezers. For a complete list of prohibited items go to the TSA Website and enter prohibited into the search box.

Office dating, a taboo in many workplaces, has gained new popularity. Because so many workers spend so much time at work, it has been increasingly difficult for singles to find dates outside of the office. According to the American Management Association, office dating indeed often leads to marriage. Among colleagues who dated, 44 percent married, another 23 percent had a long-term relationship.

Employers quickly respond however, that office dating is the leading cause of sexual harassment claims against them and their managers.

Stamps.com is at it again. The company that last year briefly allowed customers to turn their favorite image into a custom postage stamp - quickly stopped the offer when pranksters turned images of Ted Kaczynski and Linda Lovelace into legal postage - is back. This time Stamps.com has stricter rules on the kinds of images that can be placed on stamps. No longer will the firm allow the images of celebrities, politicians, world leaders or convicted criminals be put onto stamps. Obscene, offensive, pornographic and menacing images are out also. To monitor images submitted for stamps, the firm has assembled a library of tens of thousands of images it has deemed prohibited. In a recent test of just two months, Stamps.com said it sold 2.75 million custom postage stamps. Of the 83,000 images submitted about 9 percent were rejected. While some stamps of questionable taste did slip through, the U.S. Postage Service has given Stamps.com the green light to again sell custom stamps. Stamps.com will again be taking orders starting May 17th. A sheet of 20 37-cent stamps costs $16.99.

Security experts agree that it is only a matter of time before criminals figure out ways to find and exploit security holes in Check 21's new check processing technology. In the meantime, consumers can do more to protect themselves. Here's what we recommend:

• Never make checks payable to Cash.
• Order your checks from your bank. Mail-order checks are often less expensive but typically are easier to alter than bank checks.
• Protect deposit slips. A common scam is to deposit worthless checks into your account and get some of the deposit back as cash.
• Review all deposited checks and ensure they are still made out to and endorsed by the original intended party.
• Protect your signature. Use your real signature for checks and important documents; use another for forms, questionnaires and other routine documents.
• Report suspicious transactions to your bank immediately. The sooner the bank is aware of a problem, the sooner it can investigate it and take corrective action.