Thursday, December 19, 2013

Only You Can Prevent Identity Theft!

So, are you worried about the security breach at Target?

Me, I bought something with my credit card on December 15, the last day that cards were said to be vulnerable. So far, I haven't noticed any fraudulent activity, but I'll keep checking regularly for several weeks.

If anything, the news about Target underscores how vulnerable all of us are to identity theft. I found this out the hard way last spring, and in light of the Target news, I want to share with you what I learned about protecting yourself from identity theft.

My hope is that this post is very practical, very useful. Therefore, I strongly encourage you to read it, or at least skim it, and then bookmark it, in case you ever need to go back and access the information that I have included in here. Email me if you have questions.

My story:

On the last day of February in 2013, I got a call from an unknown number. When I answered the phone, the man on the other end introduced himself as a staff member with a collection agency on the East Coast. He was calling about payment on a credit card that I had taken out nearly a year ago, late in May 2012. More than $700 was owed on the card. 

Problem was, I never took out the card. 

Trying to figure out what was going on, I asked a few more questions about the card: What were the last four digits? What address was it associated with? What information did they have on me? and I listened as he read out, correctly, my full name, my date of birth, and my social security number. 

At that point, I thanked him, hung up, and called my father at work. "I think my identity's been stolen," I said. 

It was nearly four months, mid-June, before I learned that the banks and credit reporting agencies had recognized the card as fraudulent. During those months I spent hours (sometimes entire days, especially over Spring Break) on the phone with various financial organizations. I spent hundreds of dollars on postage, sending in whatever official documents I could use to prove that the card was, in fact, fraudulent, that I wasn't trying to weasel out of paying a $700 balance. I closed and re-opened all my banking accounts, sometimes twice. 

Yet some time during those four months, something odd happened: I called my father for advice one day and discovered that he was asking me for advice about protecting himself from identity theft. Somewhere during all the phone calls, all the paperwork, all the Internet research, I became the family expert on protecting yourself from identity theft. 

In fact, thanks to the stress of those four months, I've become somewhat of an evangelist on protecting your personal information. I will tell you if I think the information you're posting on Facebook is too personal, and I reminded the school where I work to take students' Social Security numbers off paperwork whenever possible. And, I'm writing this blog post: Here's how to protect yourself from identity theft, and what to do if happens anyway. 

Protect Yourself: Take Precautions, Especially online.

Various people worried about Target's security breach are recommending a move back to cash and checks. It's not a bad idea, especially the cash part. Yet with an increasing array of online purchasing and banking options, it's not feasible to stay cash-only, all the time. Here are some ways to protect yourself.

Obviously, be very, very careful about your Social Security number. Don't carry it around in your purse. Don't take it on trips. Lock it up somewhere. When you give it out to someone, make sure that person has an actual need for the number and may already have the number (most banks, credit bureaus, and employers fall into this category.) When I traveled to Argentina this summer, I had to fill out a health form. At the top of the health form was a place for my SSN. There was absolutely no need for my SSN on that form: No one traveling with me needed access to my credit report, nor did they need to hire me for any reason. Ultimately, I chose to simply leave that space on the form blank.

Online,  don't use the Internet Explorer browser. Right now I'm using Chrome, but Firefox is safer still. Download this and use it regularly and exclusively.

Set your browser to delete cookies whenever it's closed, then close your browser regularly. Cookies stored on your computer can be used to enable a phishing scam and steal passwords. You can Google how to delete cookies.

Be aware of any website that looks as though it may have been tampered with - for instance, a new home page, or something missing on one of the pages. Such minor changes can signal a phishing scam. If you suspect phishing, place a call to the owner of website immediately and ask.

Choose your passwords carefully, and don't use the same password for more than one site. If you're like me, meaningless strings of numbers and letters are difficult to remember, so follow this trick: Write a relevant sentence about what you use the website for, then choose the first letter from the sentence. So for instance, your iTunes password might be based on this sentence: The only Christian artist I like is Michael Card. That means my password would be this: T o C a I l i M C. You can then add relevant numbers to the set of letters, to make the password even more difficult to guess.

Protect Yourself: Checking Your Credit Report

Most of you probably know this, but your credit report is a list, provided by the three major credit bureaus (Transunion, Experian, and Equifax), of all credit accounts you've ever opened: any credit cards, any mortgages, any loans. Your credit report also keeps track of your public records, such as any payments made to collection agencies, and of organizations that have checked your credit score. 

That means, if someone has been using your credit fraudulently, their activity will show up on your report. The first thing I did when I discovered my identity theft was order my credit report, and sure enough, there was the bad card, its $700 charge heading my accounts. The credit report confirmed the theft gave me the information needed to clear my name. 

Each credit bureau (Transunion, Experian, and Equifax) are required by law to supply you with a free copy of your credit report once a year. (You have to pay extra for the credit score.) The only place you should order a copy of your credit report from is this website: annualcreditreport.com. This website is the one recommended by the Federal Trade Commission (FTC), the government branch that deals with identity theft. Pro tip: When you access the website, be sure you're on a computer connected to a printer. You will download PDFs of your credit report and print them out, and while it's possible for you to save them, it's easier to simply print everything right then.

When you get your credit report, look it over carefully for accounts that you haven't opened. If you find nothing, then Congratulations! Your identity has not been stolen. If you do, well . . . you might want to read the section below on cleaning up after identity theft. 

Protect Yourself: Credit Monitoring Service

If you're particularly worried, consider signing up for a credit-monitoring service. For a fee, such a service provides you with regular access to your credit report, maybe once a month, maybe unlimited. You can Google 'Credit Monitoring Service' to get an idea for what services are out there, as well as read consumer reviews on the various services. 

Of course, checking your credit report is like checking to see whether your front door is closed when you come home from a trip: good to know, but not actually effective in preventing identity theft. Thankfully, there are ways to "lock your door" when it comes to your credit. 

Protect Yourself: Fraud Alerts, Freezing Your Credit

Usually, you will only add a fraud alert to your credit report, or freeze your credit, after you've been the victim of identity theft. However, for a fee you can do both without having ever had your identity stolen, just as a protective measure. 

A fraud alert is like a little flag on your report, which should prompt the credit bureaus and lending agencies to contact you before opening new credit in your name. A freeze prevents agencies which have never had access to your credit score before (for instance, a bank issuing a new credit card, or a bank starting up a mortgage with someone who claims to be you) from gaining access to your credit agency. Neither is completely foolproof; like a lock, they can be picked, but you're safer with them than without them. 

To put a fraud alert on your credit file, you contact each of the three credit bureaus in turn. To freeze your credit, you contact your state attorney's office first and ask whether there is a fee to freeze your credit. Then you contact the three credit bureaus (Protecting your identity, and cleaning up after it, means you spend a lot of time on the phone with our friends, Experian, Equifax, and Transunion.) The FTC has further directions here.

Cleaning Up Identity Theft: Immediate Steps

If you discover identity theft, here are the first things to do:

  • Contact all three credit bureaus and place a fraud alert on your accounts. The first fraud alert is good for 90 days; after that, you can get one for 7 years. 
  • If you haven't done so already, order an official copy of your credit report. If you are getting a copy through a credit monitoring agency, you'll want to actually contact the bureaus, or go to annualcreditreport.com, and get the real thing. While the monitoring agency report should be accurate, you'll be using your credit report to prove that the fraud occurred, so it needs to be as official as possible. 
  • Contact the police and FTC to report the identity theft (more on this below).
If the fraudulent account is still open, contact the moneylenders to get it closed as soon as possible. If it's closed (mine was closed due to non-payment of the bill), you will still need to contact the business. More on this below, in the section on contacting credit bureaus and businesses.

You will also want to keep a journal of sorts, a day-to-day record of whatever progress you make towards cleaning up identity theft.

The FTC lists these three steps, along with other helpful information, here.

Cleaning Up Identity Theft: The Police Report

When my identity was stolen, I filed a police report as a matter of course. It was just one of many things listed on the FTC's "To Do" list, so I ticked it off, and didn't think anything more of it. Turns out, the police report is incredibly important. It's like your passport into the world of "identity theft victim": This is what you'll use to prove, over and over again, that you are in fact the victim of identity theft.  Credit bureaus will ask for it, and the lending agency implicated in the fraud (as in, the agency responsible for the bad card, the bad loan, the bad mortgage, whatever) will ask for it. 

To make my police report, I simply called the local police department, and I set up a time that an officer could come over to my house and take the report (As I remember, it was snowing, and it was easier and safer for the officer to come to my apartment, than for me to go downtown.) You could, however, simply show up in person and make the report. Whichever you choose, it is critical that you get a copy of the police report.

Clearing Up Identity Theft: Report it to the FTC

Like the police report, the identity theft affidavit through the FTC is proof that yes, you really are a victim of identity theft. You will want to make the report as soon as possible, then keep track of the affidavit. Even if you don't have all the information in about the identity theft, go ahead and call the FTC. They can update your affidavit as you go along.

The link to the Identity Theft Report is here.

Clearing Up Identity Theft: Reporting Fraud to the Credit Bureaus, Credit Card Business

Once you have your police report and FTC report, you're ready to report the fraud to the various responsible agencies.

The most important agency for you to report to is the one who issued the card in the first place, the one who is providing financial backing for the cards. Usually this is not Mastercard or Visa, but the bank or lending agency responsible for the card. The one opened in my name, for instance, was opened through a national bank, and so I contacted that bank to report the card as fraudulent. Ask the agency to either close the account, or if it is closed, to clear the fraudulent charges.

Incidentally, the Federal Trade Commission will tell you that the first step is to contact the bureaus. It's not. Once you've set up your fraud alert with the bureaus, contact the agency backing the card. Last spring, I very nearly missed this step because I didn't realize it was important; had I missed it altogether, I would have wound up paying the $700. Once you've contacted that agency, then you can contact the bureaus and report the card as fraudulent.

So, how do you make these contacts? What do you say?

The point of contacting the business and bureaus is to dispute the account and its charges. The FTC offers sample forms to contact the business backing the card, the credit bureaus, and even a collection agency here. I found the forms extremely helpful, and followed them to the T.

Whenever you contact the business or the bureaus, you'll nearly always include several things:

  • A copy of your police report and your FTC affidavit (Remember, these are proof that you're really the victim of identity theft)
  • Any information on the fraudulent account, such as an account number and the amount of money on the account
  • Copies of your credit report, with the fraudulent account highlighted and personal information blacked out
  • Whatever documentation you can use to prove that you did not, in fact, open the fraudulent card (such as proof that you regularly pay bills on time, or proof of address if the account was opened in a different state)
You may also be asked to submit proof of identity, including a copy of your driver's license and Social Security card. This is normal.

Before you submit all this paperwork, be sure you call the agency, business or bureau and ask workers to describe exactly what you should turn in. What they want from you varies from place to place. Nearly every place, for instance, was interested in the police report, but some of them didn't feel a need for the FTC affidavit, and not all of them wanted me to prove my identity. When you call, you should ask for the address to send your material to.

Before you mail the paperwork off, make copies of everything that you send. Keep this readily accessible during the whole affair. I eventually purchased a separate file case just to keep track of the identity theft documents.

When you do submit the paperwork, send it return certified registered mail. Yes, this is expensive, but it's also a guaranteed way for you to track the material and make sure that it arrives where it's supposed to. I also encourage you to follow up with your mailings: Call the business or bureau and confirm receipt of your paperwork, then call them again several weeks on to see if they're making progress on your claim. By law they have to process your claim in a certain amount of time, so they should be making some progress.

A final warning: Some credit bureaus will offer an online form for disputing fraudulent accounts and charges. Do not use this form. The form will not allow you to submit paperwork documenting your claim, which means that disputes begun via online form are rarely resolved in your favour. The only way to dispute the charges is by mail.

Cleaning Up Identity Theft: Other Recommended Actions

Whenever you hear back from the business, a bureau, or someone else involved, keep whatever mailing information they send you. You will especially want copies of your extended fraud and security freeze information, as well as any information about the account that they send you.

Especially if your social security number was fraudulently used, you should contact your local social security office to determine the extent of the fraud. For instance, people can sometimes find employment under your social security number and name. Set up an appointment with the social security office, go in, and check on your account. (You will not, incidentally, be able to get a new social security number, even if yours is stolen. That happens very, very rarely. Your goal is to make your Social Security number unprofitable, by setting up fraud alerts and freezing your credit.)

Contact your bank and any investment agencies and explain the situation. Depending on the kind of account, they may be able to freeze your funds, they may put an alert on the account, or they may advise you to close out your current account and open a new one.

You may want to notify the IRS that you suspect identity theft. They cahere.
n then take this information into account when processing your taxes. The form to do so is

 Random Tips and Questions:

The big question is probably, Do I sign up for an identity protection service, or identity theft insurance?

Ultimately, it's up to you, but I chose not to. Here's why. ID theft protection services, such as Life Lock, receive fairly poor ratings from users. More importantly, however, they don't actually do much you can't do yourself, for free. Yes, Life Lock provides you with a copy of your credit score, but you can get your own copy of your credit score. You can put a fraud alert on your own account. Essentially, you're paying to be lazy. See Consumer Reports review of Life Lock here: http://www.consumerreports.org/cro/2013/06/id-theft-protection-review-lifelock-consumer-reports/index.htm

Second, when you call the large credit bureaus, use the right phone numbers. The numbers listed on the bureaus' website and on the FTC website will get you to a phone tree, not a real person, and you will get lost. The most recent numbers I have for the three bureaus are these:

  • Transunion's Fraud Department, 800 - 680 - 7289
  • Equifax, 877 - 784 - 2528
  • Experian, 877-870-5640
Note that the phone numbers change fairly regularly, so they may no longer work. If not, Google "how to get a real person at Transunion / Equifax / Experian" and the phone numbers should pop up. 

Incidentally, with some major organizations you can ask to be transferred to the American office. Sometimes this will get you out of the Indian office, and sometimes the customer service representative will take offense. But it's worth a try.

Tuesday, December 10, 2013

An Open Letter on the Eve of Finals

To all my freshmen students:

Tomorrow morning you start your very first round of final exams. Good luck! I hope they go really well - as well as you are hoping, even better than you are expecting.

My first semester in college, I started studying for my tests two weeks in advance. Trust me, I know exactly how stressful finals week is. So now, on the eve of all those big tests, I want to offer you a little encouragement.

First of all, you'll do fine. Have you studied? Showed up at class all semester? Paid attention? Then there's no reason to worry. Worrying can actually make you perform worse. Keep studying, and studying hard, but make wise decisions that are not influenced by your fears about the exam. Don't, for instance, skip a night of sleep to study a little more. Taking an exam on a foggy brain is not a wise move. Don't skip meals because you're nervous or studying too much. Taking an exam on an empty stomach is also not a wise move. You're smart and dedicated students, and you've got this. When final exam time comes, sit down, pull out that scantron, and trust God for the rest.

More importantly, remember this: Your finals are only a very small part of your academic education. Even your grade is only a very small part of your academic education. By "education", I'm not referring to the various life lessons that you learn living in the dorms, pitching in at church or holding down a job. I'm referring to what you actually take away from the course: The letter grade, whether it be an A or a C or even an F, is a poor indicator of what you've learned in any given class. I personally learned more in some of the classes I received a B in than in some of the classes I received an A in: Expository Writing, for instance.

Your final, scary as it seems right now, is not the most important part of the course. The most important part of the class is not the letter on your transcript; it is not the printed red number on the bottom of your scantron; it is not even the litany of facts and dates you may be able to rattle off afterwards. All that will be forgotten.

No, the most important part of the class is how it changes you. Do you think new thoughts? Have you picked up new habits? Found God somewhere unexpected? Do you see Him more clearly? Hopefully, the answer to this is Yes.

Perhaps the most life-changing class I took never had a final exam. I fell in love with my class in Milton, especially with the fiery anti-censorship tract, 'Areopagitica'. Yet days before the end of the semester my senior year, a campus-wide whooping cough epidemic forced administrators to close the school early. Faculty were given a choice between giving a shorter, earlier final exam or simply skipping the final altogether. As I remember, most of my teachers picked the first option, but Dr. S picked the second. She used that final class period to deliver one last lecture on Paradise Lost. This was not, or at least not entirely, out of kindness to the students; Dr. S was one of the hardest graders I ever had. No, her decision was a decision of priorities: Exams are important, but the truths that we learn in class, truths that perhaps cannot even be covered on the exam, are far more important.

I still have my notes from that class. According to my notes, the final books of Paradise Lost hold out, in defiance of Adam's fall, a promise of hope: that "All this good of evil shall produce" - in other words, that whatever errors we commit, Providence shall erase them, and correct the sum. That final class was the story of Redemption, of the foundation we believers have in divine grace. Such truths are, obviously, worth so much more than a grade on an exam.

You may not have a whooping cough epidemic to get you out of exams, but what you do have is this:  the opportunity, in every class you take at Emmaus, to discover such truths for yourself, and to be changed by them. Those of you who take English Composition with me have (hopefully) already made such discoveries: for instance, that all truth is God's truth, that sometimes the deepest truths (even the truth of the Gospel!) are communicated by story. Yesterday at lunch my student A. told me about a discovery she made in her Old Testament class: that Leviticus, despite its reputation for being a dull and legalistic book, was actually shot through with evidence of God's grace and His desire to walk close with His people.

Hold fast to these discoveries. Long after the exam is finished, long after you've forgotten your grade in the course, these truths are the ones that you will remember. These truths are what make your education worthwhile. They guarantee that not only your mind but your soul and spirit are growing as well, that you are being transformed into a thoughtful, Christlike individual.

Study hard for your exams, by all means. That's a good decision. But even more than that, study hard to discover, in every class, more of Truth, and more of Christ.

Good luck tomorrow!

Your teacher

Monday, December 9, 2013

Are Male and Female Brains Wired by God?

Earlier this week, an article titled "Male and Female Brains Really Are Wired Differently" jumped to first place on The Atlantic news site. I was instantly interested, especially since I've tried several times this semester to teach my students exactly the opposite.

Many students start college believing that men and women are in fact wired, or biologically programmed, for certain life pathways. Men, they wrote, were "wired" to be bold, to take charge, to lead. Women were wired to raise the kids. Students always brought up this presumed biological wiring as an established fact, beyond question.

In sharing this, my goal is not to criticize my students. (Why would I criticize them? I love my students, and they're smart!) My quarrel is not with my students. My quarrel is with the common evangelical teaching, which students are picking up on, that men and women are hardwired by God for certain personality traits. However widely accepted this teaching is, it is at best only a partial truth, at worst an affront to human beings and to our Creator God.

Perhaps I, as a single woman without children, am more aware of how the lurking offense in the term, "wired". I am not married. I do not have children, nor do I ever expect to. I was never one of those girls who coos over the new babies at church. Quite the opposite: When I was in my early teens, I volunteered with my mother at a local VBS, and instead of playing dolls or Legos, I cornered the children and read them whatever book I could persuade them to sit still for.

So when evangelicals (or anyone else, really - the leadership / nurturing stereotype is one that Sheryl Sandberg, chief operating officer of Facebook, addresses) say things like, Women are wired to be nurturing, the statement strikes me as false. I feel like I'm being asked to turn in my "woman card". Don't like kids? our culture asks. Gee, you're not very feminine. Of course, we do the same thing to men. You like kids? we say. Gee, that's so unusual for a man. At Bob Jones University, I started referring to myself as a feminist specifically to indicate that I thought it was okay for a woman to want a job, instead of simply wanting to be married and have children, which was one of the most common career goals among women there. The simple word for all this is, of course, stereotyping: We hold to very limited ideas of what defines a man and a woman, and we pass off these stereotypes as the mandates of a human brain wired by God.

Unfortunately, wiring is neither a scientifically nor a biblically accurate term to apply to the human brain. While the brain does in fact have wires, we are not wired, at least not in the sense of having pre-programmed personality traits and abilities based on our gender. The reality is, thankfully, much more complex.

Scientifically, researchers assure us that even though men's brains are, on average, different than women's brains, these differences are not an infallible guide to our behaviour. The Atlantic article concludes like this:

As Anke Ehrhardt, a psychiatry professor at Columbia University Medical Center cautioned during a recent panel on neuroscience and gender, "Acknowledging brain effects by gender does not mean these are immutable, permanent determinants of behavior, but rather that they may play a part within a multitude of factors and certainly can be shaped by social and environmental influences."

In other words, a computer is wired in that its electrical connections determine precisely, inescapably what it is and is not able to do. We are not wired in that sense. Sure, there is wiring our brains, but that wiring is only one very tiny part of who we are. Secular researchers such as Ehrhardt point out our upbringing and education, by the historical time period in which we live in as influencing our identity. To these influences the Christian adds also free will and the Providence of God. C.S. Lewis suggested that "good, as it ripens, becomes continually more different not only from evil but from other good". Thus, influenced not only by electrical impulses but by our own will and by the hand of God, we do not mature into robots, each identical in our Christlikeness; we become instead wholly individual, each of us a unique, though marred, picture of Christ.

To say that we are wired, then, may sound scientific, and it may sound Christian. Yet truthfully, to call human beings wired is to erase the most important part of the Christian life: the grace that God gives us to walk, of our own free will, with Him.

Some time ago, I stumbled upon the excellent article, "I am Not a Sex-Fueled Robot," by Micah J. Murray. This, probably, was where I first became aware of the deep problems surrounding the word wired applied to Christian believers. Murray, in his post, pushes back against the idea that men are utterly consumed and driven by their sexual desire:
Men and women are not wired by God at all. We are flesh and blood and breath and electricity all bound up together in skin. We are whole human beings fully alive. Wires are for robots.
In light of Murray's analysis, the problem with attributing human behaviour to wiring is that it makes humans into robots, and forgets that we are in fact "whole human beings fully alive" - a beautiful phrase, and one that leaves room for God's transformative grace in our lives. As "whole human beings", we have choices that robots do not have, and we receive grace that robots do not have. My tablet does not get to choose which book I read when I open my Kindle app. My computer does not choose which web pages I visit. No, I, a whole human being, make those choices.

Thus, when we are talking about what it means for men and women to live Christlike lives, we must not say they are wired for particular behaviours: We choose, or we do not choose, to walk with Christ. We chose, or we do not choose, to demonstrate love, and joy, and kindness in our lives, and the other fruits of the Spirit. Kindness is not something programmed into women, nor is courage something programmed into men. These are virtues that all human beings are meant to develop, individually, as they become more and more like Christ. To that end God does not rig our brains so that we demonstrate then automatically.

More important still, my computer cannot receive grace. My own laptop is in the process of dying. It's left hinge has come undone, and a fan frequently whirs in the background. When my computer dies, I will not extend it "grace". I will simply get in a new one. In fact, when my computer makes more ordinary errors, I do not extend it grace. I reboot it. For an inanimate object there can be no forgiveness, but we are "whole human beings" and not inanimate objects, and so for us there is forgiveness.

You may be thinking, "Wait - we're not wired? But I thought men and women were made different by God." Truthfully, the evangelical church tend to exaggerate these differences somewhat. As a friend and I recently discussed, the virtues usually assigned to men (say, courage) are valuable for women, and those assigned to women (say, gentleness) must also be practiced by men. It is difficult to think of a characteristic that women, or men, should have which the opposite sex would not also benefit by developing. Mostly, we are not to be "women" or "men" but Christlike individuals, by God's grace choosing to walk with Him. Yet whether men and women are different is not, ultimately, the point. If there are in fact differences, they are not "wired" into us but something for us to develop individually, as God has created us and as He gives grace.

Let's retire the word wired, which does injustice to the individuals God has created us to be. As Murray points out, we are not robots. We are more than electrical connections in our brain, part of a body that will one day die. Let's talk instead about the choices that we make, about a willing heart that loves Christ and wants to follow hard after Him. And most importantly of all, let's own up to the times that we choose wrong, and talk about the grace of God for every mistake that we, fallen but whole and living human beings, make.