Frontline: "The Card Game"

Prior posts in this blog have covered the excesses by banks with consumer credit cards. Frontline's "The Credit Card game" program debuted yesterday. I highly recommend this excellent program:

"As credit card companies face rising public anger, new regulation from Washington and staggering new rates of default and bankruptcy, FRONTLINE correspondent Lowell Bergman investigates the future of the massive consumer loan industry and its impact on a fragile national economy. In The Card Game, a follow-up to the Secret History of the Credit Card and a joint project with The New York Times, Bergman and the Times talk to industry insiders, lobbyists, politicians and consumer advocates as they square off over attempts to reform the way the industry has done business for decades."

If you want to learn about the ways banks have rigged the financial system against consumers, watch this program. In an interview during the program, Nessa Feddis, a lobbyist from the American Bankers Association, made some totally irritating comments.

Check your local PBS station for more broadcast times, or watch the Frontline program "The Card Game" online.

Anybody Can Buy And Operate an ATM Machine

This is wrong on so many levels.

Apparently, anybody can buy and operate an ATM machine. It's easier than you think. And, we consumers need to get smarter about recognizing an ATM machine that criminals have tampered with. Watch this video about how a security expert bought an ATM machine on Craig's List:

What do I do? I never use a standalone ATM machine, like those you find in casinos and convenience stores. I always use one of my bank's ATM machines that is located in a secure facility.

If you want to learn more, read this blog post on Information Security Resources. More importantly, write to your elected representatives in Congress and demand consumer protections with ATM regulations.

Online Personal Finance Web Sites: a "Perception of Security?"

Last year, I wrote a very popular blog post about Mint.com and data security. It seems that others are also looking at the security offered by personal finance Web sites.

In a blog post titled, "How Mint and other Web startups make users feel safe," the reputable Javelin Strategy & research firm said this:

"Though many consumers inherently trust bank security, the reality is that some will be willing to experiment with such sites because they believe there’s an acceptable trade-off between risk and reward. To get a feel for how Web startups tell their security stories, I examined the sites for Mint, Wesabe, Geezeo and Rudder, which suffered an embarrassing security mishap in May. And it turns out there’s a basic formula that involves creating a perception of security, minimizing the use of personal data, deputizing the customer with financial alerts and disclosure. But most interesting of all to me: Two of the sites spin their biggest functional weakness into a security strength. That weakness is that users of such sites can only monitor their money..."

Javelin Strategy advises its corporate and banking clients about how to make money online. I found the phrase "perception of security" most interesting, and this comment too:

"The challenge for Web startups is to create a perception of security.... as much as consumers are anxious about security, they can get over that hurdle if the benefits of the personal finance management tools are strong enough."

What does this say about today's Internet users and consumers? What does this say about how companies view today's Internet users? It suggests that we are a group of gullible sheep. As a group, we seem to be willing to overlook real security lapses and engage in a gamble that identity theft and fraud won't happen to me. That's not how I choose to do my online banking. I demand the best security available.

When You Should Close A Credit Card Account

In the comments section of a prior post about large interest rate increases by banks and credit card issuers, Vikki, a reader asked:

"Doesn't closing your credit cards bring down your credit score? This is the only reason why I haven't closed my cards... just paying them off and not really using them."

Vikki asked a great question, which I want to answer more completely. We all have felt "mugged" by the recent large interest rate increases, credit limit decreases, or both -- especially when you have an excellent payment history. The temptation -- or reaction -- is strong: to close the credit card account. Regardless, you don't want to make a bad situation worse by closing a credit card account and later learn that it was a mistake.

To learn more about credit scores, I spent some time reading the MyFICO.com Web site, which is run by the Fair Isaac Corporation, the same company that ownes the FICO score formula. At the Web site, you can learn about the factors your credit score includes and the factors your credit score excludes.

The site also has a page about whether closing a credit card account will negatively affect your credit score. A decision to close a credit card account should consider:

• The outstanding balance amounts on your credit cards
• How much of those balances you can pay off now
• The interest rates on your credit cards
• Your "utilization rate" -- how much of the total available credit you use with your credit cards
• The annual fees on your credit cards
• If you will need credit in the near future
• If you have several credit cards, which credit card account you want to close

Your utilization rate is important. It is one of the factors used to calculate your credit score. A high utilization rate will negatively affect your credit score. For example: closing a credit card with a $5,000 limit means you would have $5,000 less in available credit. If you have two credit cards each with a $5,000 credit limit and you owe $2,500 on your second card, then your utilization rate went from 25 to 50 percent. That would negatively affect your credit score.

Only you know whether or not you will need credit in the near future. If you plan to buy a house or a car soon, then you will probably need credit unless you can pay with cash. If you close a credit card account and that results in a lower credit score, then it could cost you more money on your new loan.

The MyFICO site has data tables that show the impact of a lower credit score. For example, if your credit score dropped 15 points -- say from 770 to 755 -- it could result in a higher interest rate and monthly payments on a 36-month auto loan. You can view data tables with credit scores and corresponding interest rates and monthly payments for auto loans, mortgages, and home equity loans.

Over at the Red Tape Chronicles blog, Bob Sullivan summed up the problem facing consumers:

"No one can say precisely how much closing a credit card account will hurt your credit score -- too many other dynamic factors go into calculating the number. Fair Isaac, which owns the credit score formula, says the impact can range from zero points to dozens of points..."

If you decide to stop using a credit card instead of closing that credit card account, then your decision could have negative consequences. Some consumers have reported that their bank or credit card issuer (e.g., HSBC, Citibank, American Express) has closed unused credit card accounts, often without notice. That credit card account auto-closed by your bank could drive up your credit utilization rate and negatively affect your credit score. So, check the fine print in your card agreement before you stop using a credit card.

After reading the MyFICO Web site, I remembered some credit decisions I made about 12 years ago, At that time, I had five credit cards with a combined outstanding balance of $18,000. For me, I had too much credit card debt and it had become unmanageable. I didn't need more credit and didn't want any more credit. 12 years ago, the Internet then wasn't the robust research source it is today. I met with a credit counseling agency to get some sound advice. What worked for me: I closed three credit card accounts, negotiated a lower interest rate on one card, halved the credit limit on one card, stopped paying off old credit card balances with new cards, stopped using my credit cards for cash advances, and paid off the highest interest rate card first. I didn't consider the negative impact on my credit score. I was focused on the benefits of living debt free with less stress.

In time, I was able to pay off all of that credit card debt. Today I have zero credit card debt and a credit score above 790. I had it easier than many people since the interest rates on my credit cards were not as high as the outrageous 29.9% today on some credit cards. Today, I pay off my credit card bills in full and on time each month to avoid finance fees. The two credit cards I have are manageable. If either of these cards raise their annual fee in the future, I will switch to another low-annual-fee card and close the offending card account.

Basically, the decision to close a credit card account depends upon your situation. The closed credit card account would be a reduction in credit that could have a big impact on your credit score and on your finances. Make the decision that best benefits you.

Banks Consider Large Annual Fees For Credit Cardholders Who Pay Off Balances

Do you have flawless credit? Do you pay off your credit card balances in full and on time every month? Watch out, you could get "mugged" by your bank.

CBS TV 2 in New York reports that Bank of America and Citigroup are considering annual fees of $29 to $99 per year for credit cardholders who pay off their balances every month in full and on time:

"Bank of America started notifying customers that they will be charged a new annual fee of $29 to $99... Bank of America said in a statement: "At this point we're testing the fee on a very small number of accounts and haven't made any final decisions." Citigroup is also trying out an annual fee with some card holders, and analysts expect more banks to follow their lead. The banks are starting to charge fees to reliable customers in response to a slew of new credit card industry regulations that will limit when banks can hike interest rates."

Consumers who don't accept the higher annual fees must close their credit card account and shop around for a new credit card at another bank.

I find the arrogance of this astounding. If the bank is serious about testing consumer reaction, all they need to do is read the comments by readers on prior I've Been Mugged blog posts about the higher interest rates announced back in February. The banks must be desperate for revenue to cover poor decisions they made about bad debts and risky investments.

FTC Delays "Red Flag" Enforcement Again

Once again, at the request of members of Congress, the Federal Trade Commission (FTC) has delayed the enforcement of the “Red Flags” Rule until June 1, 2010, for financial institutions and creditors.

The prior enforcement date had been November 1, 2009. In May of 2009, the FTC changed the enforcement date from May 1, 2009 to August 1, 2009.

As part of the Fair and Accurate Credit Transactions Act, Congress directed the FTC and other agencies to develop regulations requiring financial institutions and creditor companies to address identity theft. The resulting regulations require these companies to develop and implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities -- commonly called "Red Flags" -- that could indicate identity theft.

The FTC regulations are pretty specific about the types of companies covered by these new identity-theft regulations:

"The Rule defines a “financial institution” as: 1) a state or national bank, 2) a state or federal savings and loan association, 3) a mutual savings bank, 4) a state or federal credit union, or 5) any other entity that directly or indirectly holds a “transaction account” belonging to a consumer. “Transaction accounts” are deposits or accounts from which a consumer can make payments or transfers to third parties. Banks, federally chartered credit unions, and savings and loans come under the jurisdiction of the federal bank regulatory agencies or the National Credit Union Administration and should check with them for guidance. The FTC’s jurisdiction extends to state chartered credit unions and other institutions that hold transaction accounts – for example, mutual funds that offer accounts with check writing or debit card privileges or other businesses that offer accounts where consumers can make payments or transfers to third parties. Under the Rule, the definition of “creditor” is broad, and includes businesses or organizations that regularly provide goods or services first and allow customers to pay later. Examples of groups that may fall within this definition are utilities, health care providers, lawyers, accountants, and other professionals, and telecommunications companies. The definition also covers businesses or organizations that regularly grant loans, arrange for loans or the extension of credit, or make credit decisions. Examples include finance companies, mortgage brokers, and automobile dealers or retailers that offer financing... In addition, the definition includes anyone who regularly participates in the decision to extend, renew, or continue credit, including setting the terms of credit. For example, a third-party debt collector..."

In April of 2009, the FTC launched a Web site to help small and medium-sized businesses comply with the new Red Flag regulations. A U.S. District recently ruled that attorneys are exempt form the new regulations. A different set of regulations apply to hospitals and health care firms.

During the coming weeks and months I will explore the Red Flag rules more closely since the new enforcement data is an opportunity for consumers to demand more from companies that store and user their sensitive personal information. The opportunity is for consumers to be able to ask a company they are considering doing business with for a written statement of how that company protects their sensitive personal data.

Will the June 2010 date hold? Who knows. The FTC's pattern of delays suggests probably not. As this issue moves forward, the I've Been Mugged blog will report about it.

Trends In Data Breaches

Recently, GovInfo Security interviewed Mary Monahan, Managing Partner and Research Director at Javelin Strategy & Research. I found Monahan's assessments very informative. Monahan's view of current data breaches and hacks:

"Fraudsters are definitely taking advantage of website vulnerabilities. This is a common trend that they have been taking advantage of these website vulnerabilities and then identifying them over and over and over again to download package sniffers, open back doors..."

Monahan's assessment of the types of data breaches to expect in 2010 and beyond:

"... criminals are moving up the food chain. They are going after -- last year we saw them at the restaurants; this year they are at the processor, the restaurant processor. So they are definitely moving up the food chain. The Heartland breach with 130 million credit and debit cards is a lot bigger breach. So they are taking what they are learning at the smaller breaches and moving up that food chain. Using the same types of messages, but refining them as they go along, so last year where we might have been able to find that package sniffer, now they are learning to erase traces of the sniffer on their computer program... We see [criminals] changing their target. So because there are so much credit and debit card numbers out there that this data is becoming less valuable. So they are going to start targeting other types of information."

The information targeted by criminals that Monahan referred to includes "PIN thefts" at banks and financial institutions, and redirects of consumers to phishing sites. Think of it this way: rather than steal a consumer's credit card number, it is worth more to steal the consumers' sign-in credentials so the criminal can directly access the money in the consumer's online financial accounts.

So, my advice for consumers:

• Activate the anti-phishing software on your computer,
• Learn how to recognize a phishing web site,
• Learn about the anti-phishing features at your bank's or financial institution's web site,
• If your bank or financial institution doesn't provide anti-phishing features with its online banking service, look for another bank
• Create and use strong passwords,
• Use different passwords for your online banking vs. e-mail accounts and social media sites
• Protect the PIN number you use with your debit card at all ATM machines

Meet The Banks And Credit Card Industry

Are banks the new loan sharks for the 21st century? Despite the new law as some banks slowly loosen credit, so far in 2009 we consumers have experienced huge increases in credit card interest rates, lowered card limits, higher fees, more fees, and constantly changing due dates --  all of this after bailouts and bonuses in 2008.

For more humor about banking and other topics, visit Daryl Cagle's Political Cartoonists Index.

2009 In Review: Data Breaches

Bank Info Security recently reported:

"... 356 data breaches so far in 2009, according to the Identity Theft Resource Center (ITRC). And 46 of those breaches have involved financial institutions - up from 34 at this same time last year... The good news is that, based on percentages, financial institutions consistently have lower percentages of data breaches than other organizations... The bad news is when financial institutions - or their third-party service providers -- are breached ... it's big. Example: the Heartland Payment Systems breach, which resulted in the compromise of 130 million credit and debit cards. Financial data -- bank account numbers, social security numbers, and other personal identifying information - is invaluable to hackers..."

In other words, on average financial institutions have fewer breach events compared to other industries, but when financial institutions have a data breach, far more records are stolen with consumers' sensitive personal and financial information.

Early on, Heartland Payment Systems had no idea how many records were stolen, and some class-action lawsuits were filed.  The I've Been Mugged blog explored consequences of the Heartland breach. Later, breach details emerged as the Miami hacker's role was exposed.

The ITRC analyzed the types of breaches at financial institutions and found seven types:

• "Insider theft: 12 breaches;
• Skimming: 8;
• Missing paper documents: 10 of the breaches
• Exposure of data on the Internet: 4;
• Accidental breaches: 2;
• Stolen or missing hard drives/laptops: 5;
• Outside network intrusions: 2;
• Unknown cause: 3."

The bottom line: consumers should know that any site that advertises itself as having "bank-level security" isn't 100% hacker proof. Unfortunately, there is a risk involved and bad stuff happens.

The Credit Card Industry Struggles With Keeping Consumers' Data Secure

The last few weeks have included a huge increase in identity-theft news. First, we consumers heard on August 17 about the indictment of three hackers -- a Miami man and two Russian accomplices -- in what is probably the largest data breach and theft in the USA. More than 130 million debit and credit card numbers were stolen.

This latest theft of 130 million card numbers covered data breaches from 2006 to 2008 for companies including Heartland Payment Systems, a card payment processor, and retail chains 7-Eleven Inc and Hannaford Brothers. The Heartland breach has affected dozens of banks nationwide.

Second, we learned that this the Miami man, Albert Gonzalez, was also a former government informant for the U.S. Secret Service since 2003 and was already known to government officials, and already in prison for a series of eight retail hacks affecting and additional 40 million credit cards. The thefts of those 40 million additional cards included retail companies such as BJ's Wholesale Club and TJX Companies/T.J.Maxx. So one man (with help from some friends) stole more than 170 million debit/credit cards.

How do three people steal 130 (or 170) million credit cards? Third, we started hearing technical terms like the "SQL injection" technique the criminals used to exploit weaknesses in the way computer system developers write code for credit card databases. According to InternetNews:

"For his crimes, if Gonzalez is convicted in the Heartland incident, he'll face a fine of at least $250,00, and up to 25 years in prison. Gonzalez had servers in California, Illinois, Latvia, the Netherlands and Ukraine..."

Sounds to me like far more than three people are involved. You don't simply set up servers in multiple countries without some help. This theft smells like an organized business. I want law enforcement to capture and prosecute other criminals worldwide (e.g., Hacker-1 and Hacker-2 who are in or near Russia) who aided the thefts and/or resold the stolen data.

Fourth, details then began to emerge about the breaches at specific companies:

"... Dallas-based 7-Eleven, while confirming security breaches, said that only ATMs at some stores were affected... Moreover, the Dallas chain would not say where the affected stores were.... A 7-Eleven statement said the chain became aware of attacks in late 2007, saying they had occurred Oct. 28 through Nov. 8. The indictment said the chain’s network was breached from August 2007... Each card-issuing company made its own decision on what action to take, including replacing cards or putting card numbers on an alert for fraud..."

Like a bad screenplay, we further learned that Gonzalez went by the "soupnazi" online alias and he:

"... reportedly became an informant for the Secret Service in 2003, helping in a sting of a cybercrime syndicate, known as Shadowcrew.com. But afterward, Gonzalez re-established his own hacking group, called "Operation Get Rich or Die Tryin," according to Threat Level..."

Perhaps most troubling:

"Accomplices to the crimes are believed to be on the loose in Russia or other countries where U.S. authorities are less likely to get them. And the underlying security holes mined by the hackers still exist in many payment networks."

Most of this was summarized nicely in the New York Times:

"The financial stakes are getting higher. Fraud involving credit and debit cards reached $22 billion last year, up from $19 billion in 2007, according to California consulting firm Javelin Strategy & Research."

You may remember that the breaches at Heartland and Hannaford occurred while both companies were supposedly within compliance to security requirements. Again, from the New York Times:

"Those standards were set by a council that includes the world's two largest credit card networks, Visa and MasterCard Inc; fast-food leader McDonald's Corp; oil major Exxon Mobil Corp; and big banks Bank of America Corp and Royal Bank of Scotland Plc... Yet some 5 percent of the largest retailers and restaurants still have not met compliance deadlines set in 2007, according to Visa."

Clearly, the security standards are insufficient and need to be strengthened. Then, we learned that J.C. Penny, Target, Boston Market, DSW, Office Max, Barnes & Noble, and Sports Authority were affected by the Gonzalez-led breaches. By the end of the week, Gonzalez pled guilty to several charges about the breaches, and would get a maximum of 25 years in prison.

Meanwhile, the banks, credit card networks, and retailers argue about the appropriate security standards and who should pay. What should consumers do?

We consumers can't control the squabbles between the banks, credit card networks, and retailers. We can control which cards we use and when. My advice is this:

1. Shop online with your credit card, since that gives you more protection than a debit card.
2. If you can, use cash for in-store purchases, or use a credit card. Why? Retailers are not honest and transparent about informing consumers of breaches or about which stores in their chain are problematic. (Remember, not all states have data breach notification laws.) And, the credit card industry still hasn't solved its security problems. See this blog post above.
3. Use your debit card at your bank's ATM machines. Regardless of those entertaining Visa and MasterCard advertisements on television, the system isn't as secure as it should be. I avoid ATM machines in convenience stores, and try to use ATM machines only in my bank's branches.
4. Review your monthly credit card statements, since some fraud shows up as tiny charges first (e.g., 25 cents) and since you may spot fraud first. Don't rely on your bank spotting it first. If you spot fraudulent charges, report it quickly to your bank or credit card issuer.

Capital One Wants To Decide What's In My Wallet

Way back in February 2009, I wrote about the Capital One notification I received about a huge interest rate increase on my Visa credit card. Back then, guest author Bill Seebeck also wrote about the huge interest rate increases the banks and credit card issuers were implementing.

Last weekend, I received a letter from P. Taylor Jamison, the Director of Accounts at Capital One:

"Dear George Jenkins,

Ready to enjoy more buying power? Well, grab your shopping list and your Capital One card because: Your credit line has been increased by $5,000.00... If you want to unload some higher interest rate balances and possibly enjoy more time and money for yourself, well -- your new credit line can help with that, too. You decide... Thanks for being our customer. We hope you enjoy your new credit line increase!"

Well, I sincerely appreciate Capital One for extending me more credit. I didn't ask for the credit line increase, but Capital One seems happy to provide it and decide what amount of credit is in my wallet. I guess that the Obama Administration's bailout program money (Capital One received $3.5 billion) is finally flowing to consumers... 6+ months later.

Unload higher rate balances? My Capital One Visa interest rate (17%) is the highest rates I have. I don't have any loans nor credit card balances with higher interest rates. So, there's nothing for me to transfer or unload.

On Monday I called the Capital One Customer Service to see if they could really help me. A very nice woman, Alina answered the phone. I asked Alina to reduce my credit line since I don't need $8,000.0 amount of credit. I sincerely appreciate the increase, but don't need that much credit. Alina was very polite and adjusted my credit line immediately.

While discussing this, I asked Alina to reduce my interest rate also, since Capital One obviously considers me a good customer. Alina said that she couldn't lower my interest rate and that I'd have to speak with a supervisor.

A couple minutes later the supervisor, Carol, joined the phone call. I repeated my request to see what Capital One could do for me, like a lower interest rate instead of the higher credit limit I didn't need. I reminded Carol that Capital One had increased my Visa interest rate in March by a lot, and a point or two reduction now would mean a lot.

I added that the higher rate has scared me from using my Capital One Visa credit card. Their card is basically no longer in my wallet.

Carol seemed to understand and empathized. After checking her files, she said that while I have been a good customer since 1994 Capital One wouldn't lower my interest rate at this time. Maybe a lower rate in the future. She said she could convert my card to a Rewards card with either frequent-flyer miles or 1% cash back. I thanked her for the Reward offer and replied that I'd keep using my Discover card since it pays me 5% cash back.

My point for sharing this story: we consumers decide what's in our wallets (and purses). Given the high interest rate and low cash-back payments, my Capital One Visa is not in my wallet. It could return to my wallet, but Capital One will have to make it worth my benefit.

Fake ATM Machine Scams Consumers At Las Vegas Convention

This blog has always been about empowering consumers to protect their identity information and money. The Threat Level blog recently reported:

"A malicious ATM kiosk was positioned in the conference center of the Riviera Hotel Casino capturing data from an unknown number of hackers attending the DefCon hacker conference before someone noticed something suspicious about the kiosk. An organizer for the conference said security authorities seized the device... Witnesses say the kiosk was well-placed to avoid surveillance cameras... The ATM had been placed right outside the hotel’s security office."

I'm always conscious about the ATM machine I choose to use. My habit is to use ATM machines at my bank's branches, and avoid ATM machines at convenience stores. By using familiar ATM machines, it is easy for me to spot skimming devices attached. But when you are traveling, it's not so easy since every ATM machine is unfamiliar.

How can a consumer avoid getting "mugged" by a fake ATM machine? According to Bankrate.com:

"... when you're using an ATM, pay attention. Look for strange wording, like 'swipe your card here before using the ATM.' If your card doesn't come back right away, contact the bank. Don't let strangers help with transactions, or even stand close to you for that matter."

When traveling Bankrate.com advises:

"Thieves place phony ATM machines at high-traffic tourist areas. So stick to ATMs that are near banks or in airports or in hotels. Visa and MasterCard have worldwide ATM locators on their Web sites. So it's easy to scope out legitimate ATM locations in the areas where you'll be traveling.

5 Tricks Banks Use To Charge Consumers More Overdraft Fees

I've Been Mugged warned its readers in February about higher credit card interest rates and lower card limits by banks which followed during March and in April. Unfortunately, banks haven't given up. They still seek ways to increase their revenues, which means new and higher fees for you.

WalletPop has a good list of five tricks banks use to charge you overdraft fees more often and with greater amounts. Follow their advice and you can avoid these tricks. One trick banks use is "Reordered Transactions:"

"Just because you bought a smoothie in the morning with your debit card and paid your rent in the afternoon doesn't mean that's the order in which your transactions will be cleared. Banks often change the order in which debit transactions clear – and tend to clear debits before clearing any deposits made – from highest to lowest amounts. By doing so, the customer's account is depleted more quickly and they'll incur more overdraft fees..."

Part of the problem is that banks don't disclose the order that they process transactions. Another trick to watch out for is "High Daily Maximums:"

"With many banks, there's no limit to the number of overdraft fee-triggering transactions you can charge. Bank of America, HSBC, Chase and Wells Fargo have no limit per day, while Citibank permits four (for a total of $136). Some banks use a tiered overdraft system that increases charges for subsequent overdrafts. Chase charges $25 for the first offense and $32 to $35 apiece for subsequent charges. At PNC Bank, the first three offenses cost $31 a pop, the fourth through sixth each cost $34 and seven times or more costs $36."

Experts advise that you keep at least a $100 minimum in your checking account to avoid overdraft fees. Experts advise consumers to ask your bank to set the debit overdraw amount on your account to zero, so it will reject transactions instead of incurring overdraft fees

Another trick is "Holding Deposits For Clearance:"

"Take a close look at your bank account. Just because it shows that your paycheck was deposited doesn't mean you have complete access to those funds. When paychecks are deposited, the bank can take two to five days to clear them..."

What consumers can do: contact your elected officials and demand legislation to protect consumers:

"... the Consumer Overdraft Protection Fair Practices Act, legislation that aims to prohibit overdraft fees unless the consumer opts for "courtesy" overdrafts. Even if a consumer opts for overdraft protection, they must receive a warning of an impending fee before they finalize a purchase that may trigger the overdraft fee."

I strongly encourage you to read the detailed WalletPop article.

Social War Dialing: A New Identity Theft Scam. How To Protect Yourself

Identity thieves and fraudsters constantly develop new ways to trick consumers into revealing their sensitive personal data and financial information. WindowsITPro described the latest scam:

"... called Social War Dialing also known as “Vishing”. Like its cousin Phishing, this con attempts to talk unsuspecting victims out of their account numbers, passwords, etc. However instead of using email or the computer which many of us have been trained to not trust, they use the good ole telephone... Those picking up the phone hear a prerecorded message from their friendly local community bank that their account has been compromised. They need to change their PIN code immediately to avoid any unauthorized charges. They are directly via a menu to enter their account number, their old PIN and a new PIN. Of course, this isn’t the bank calling but rather a sophisticated overseas ID theft gang using VOIP technology. Caller ID shows the name of the bank giving further credibility to the attacker. Once they have the card number and PIN, they can quickly generate a fake ATM or debit card and start either withdrawing cash or making purchases."

Variations of this scam use text messaging via cellphones and smartphones. The scam also targets consumers who are not familiar with computers and Internet. Experts advise consumers to hang up and direct dial your bank or financial institution to verify the phone call. Do not respond to the call by entering your bank account information. Do not rely on Caller ID to verify the caller's identity. hang up and call your bank to verify if they called you.

Too Big To Fail

This blog has covered the abuses by banks of consumers. Banks and companies that are too big to fail are simply too big. Enjoy the music video below from the Austin (Texas) Lounge Lizards:

Log-in Credentials Breach At Several Corporations

Who said banks' web sites are bullet-proof? SC Magazine reported:

"A trojan has reportedly been uncovered that is harvesting FTP login data of major corporations, including the Bank of America, BBC, Amazon, Cisco, Monster.com, Symantec and McAfee. According to a report in the Friday edition of The Register, Jacques Erasmus, CTO at Prevx, an internet security vendor headquartered in the U.K., discovered a site where a trojan is uploading FTP login credentials from more than 68,000 websites. Once an individual's PC is infected with the trojan, that user's stored FTP login credentials are harvested. An attacker can then login to the FTP site..."

And we all know that your log-in credentials (e.g., username and password) are just as valuable to identity thieves and criminals as the money in your bank accounts. And companies like McAfee, a provider of anti-virus software, should know better, too.

Banks: The New Loan Sharks & Extortionists of the 21st Century?

[Editor's Note: today's blog post is by guest author William Seebeck. During the 1980's, Bill and I worked together at Lexis-Nexis in Dayton, Ohio. Bill has a wealth of experience in online systems, banking, publishing, and public relations. Bill also blogs at Seebeck's View.]

By Bill Seebeck

Well, here it is the 21st of June. It's Father's Day.

Yet today, millions of credit card holders that have received notices from their banks since June 1st, know this is the beginning of a new cycle in which the percentage of funds due monthly on their accounts has doubled. Instead of having to pay 3% of their total amounts due, they will now have to pay 6% and for some of them at an interest rate upwards of 29%.

You know, I bet there are still some guys in prison doing time for loan-sharking in this country. What's a loan shark? That's someone who charged greater than a rate considered just by the society. That rate before the banks and Congress changed it used to be 23%. It was called the usury rate.

The Catholic Encyclopedia states that usury is a sin and frankly is so in every major Abrahamic religion. "...Lending money at interest give us the opportunity to exploit the passions or necessities of other men by compelling them to submit to ruinous conditions...[Usury has been defined] as the abuse of a certain superiority at the expense of another man's necessity... It is in itself unjust extortion, or robbery."

So, who are the loan sharks now? Who are the extortionists?

What's extortion? Findlaw states, "Most states define extortion as the gaining of property or money by almost any kind of force, or threat of (1) violence, (2) property damage, (3) harm to reputation, or (4) unfavorable government action. While usually viewed as a form of theft/larceny, extortion differs from robbery in that the threat in question does not pose an imminent physical danger to the victim..."

I think it is fair to say that demanding high monthly minimums at interest rates up to 29.99% can be viewed by the "card holder" as threatening. Failure to pay can result in harm to their reputations in the form of credit scores and possible default, and in this world, "no credit" can put a person and their family on the street in a nanosecond.

So, if you think that the banks are OK and that everything has changed, you are living in a world of dreams. Take a look around your neighborhoods and see how many empty stores there are and how many people are out of work. In part, it is because of what some banks did and what some banks continue to do.

What they are doing is squeezing, you, the public for their own benefit.

Definitely actions that are not in the interest of the public good.

Who are their monitors? Where are their monitors? How do they continue to get away with this stuff?

I'm upset by this, are you?

By the way, Happy Father's Day!

Copyright 2009 WBSeebeck. Reprinted with permission.

Banks' And Credit Card Issuers React To The New Credit Card Law

Warning: adult language.

New Credit Card Laws. If you liked this video, watch this one about Citibank.

After A Data Breach, Will A Replacement Credit Card Affect Your Credit Score?

You've just received a replacement credit card. Perhaps, your new credit card was the result of identity theft, fraud, or a preventative action by your bank after the Heartland Payment Systems or RBS WorldPay data breaches. The questions is: will your replacement credit card affect your credit score? Bankrate.com reported:

"This is one of those instances where an account closure likely won't affect your score at all. With lost or stolen cards or data breach situations, an issuer will usually close the old account and specify a reason, such as reported lost or stolen, and open a new account for you. As long as the new account keeps the original open date and doesn't trigger a hard inquiry, the conversion shouldn't harm your score."

Experts suggest that your new credit card account should have the same open date as your original account, so you retain your payment history. The credit limit and balance for our new card account should remain the same, too.

When a consumer normally applies for a new credit card, the credit card issuer checks the consumer's credit report to see if the consumer is a good credit risk or not. This inquiry can ding (e.g., lower slightly) the consumer's credit score when a lender interprets the closed old card account as:

"... the credit limit loss can increase your credit card use."

If your replacement credit card is an account upgrade, this could affect your credit score.

Experts advise that if the credit report inquiry is issuer-initiated, then your credit score probably won't be affected. If the credit report inquiry is customer-initiated, then it will likely affect your credit score. After you receive your replacement credit card, it's wise to check your credit report to verify that the information in your credit report is accurate.

To me, a consumer should not have to worry about this; especially if the replacement credit card was the result of a data breach at either the credit card issuer, the bank, or a transaction processing firm like Heartland. It seems to me that once again, a company's carelessness causes consumers inconvenience and more work.

There has to be a better way. The current system seems unfairly tilted towards the needs of companies over the needs of consumers.

Another Consequence of the Heartland Data Breach

When banks and credit card issuers provide replacement debit/credit cards after a data breach, this negatively impacts the restoration of online payment arrangements by consumers. From the Washington Post:

"The data breach last year at Heartland -- a company that processes roughly 100 million card transactions a month for more than 175,000 businesses, has forced at least 600 banks to re-issue untold thousands of new cards in a bid to stave off fraud. For consumers, receiving a new credit or debit card number means contacting companies that have those credentials on file to charge for monthly or periodic bill payments. Less well understood, however, is the economic impact that large scale processor breaches and the inevitable waves of re-issues by banks may have on companies when customers simply fail to reset that automatic billing when they receive a new card number."

The WaPost story focuses on a company that is seeing a $1 million impact from the consumer card turnover. Multiply that by thousands of small and medium-sized business and you are describing a huge, on-going financial impact. The article explores some of the reasons why consumers don't restore their online payment arrangements with their new debit/credit cards:

"The trouble is that convincing customers who had once set up auto-billing to reestablish that relationship after such a disruption is tricky, as many people simply don't respond well to companies phoning or e-mailing them asking for credit card information..."

Like you, I am a consumer. My list of reasons why consumers don't restore their online payments with replacement debit/credit cards after a breach:

• Resentment: breaches inconvenience consumers. While banks and credit card issuers provide replacement cards, it is consumers that bear the burden -- time, effort, and money -- to contact retailers to restore online payment arrangements.
• Preoccupied: consumers are busy. Young parents are busy raising families. Professionals are busy with their jobs and business travel. The work to restore online payments is prioritized against other important household responsibilities. If the consumer has already experienced fraud on their card account, then even more work is required before they can restore online payment arrangements.
• Broken trust: breaches like Heartland's tell consumers that their bank -- or its contractor -- hasn't protected their sensitive personal data like they should. That causes consumers to not use their debit/credit cards.
• Lack of personal attention: a standardized, nameless form letter of notification tells consumers that their bank or credit card issuer is doing the absolute minimum, and probably doesn't care.
• Poor Customer Service: low online payment restoration rates are inevitable if the bank or credit card issuer's customer service is reactive or ill-prepared. This includes a bank's web site that is not updated or does not contain the necessary information to help consumers restore their online payment arrangements.
• Lack of transparent notification: when banks, credit card issuers, and processors like Heartland are slow or reluctant to release details about the breach, trust erodes. Consumers expect and deserve open, honest and direct communication. Poor communication causes consumers to conclude that breaches are likely to happen again. The attitude becomes: I won't bother to restore online payments because another breach is likely.
• Reduced access to credit: banks and credit card issuers have raised the interest rates on their cards, reduced limits, and imposed new or higher fees. These actions discourage consumers to use their cards.

As I reread this list, it occurred to me that this is also a pretty good list for consumers to use when deciding whether or not to switch their bank.

What do you think? If you have received a replacement debit/credit card after a breach, did you restore all of your online payments? And why, or why not?