After receiving medical treatment, many people never look over the paperwork (save for bill total) and just shove it into some folder in a file cabinet. But medical identity theft is very much out there; know the signs:

• You’re denied coverage because you allegedly have a condition you were never diagnosed with.
• A collection agency is hounding you about unpaid medical bills you never had.
• Your credit report shows medical collection notices.
• The bill is for treatment you didn’t receive.
• Your health care provider says you’ve reached your coverage limit.

Thieves steal identities to use the victim’s medical coverage, and this could prove life threatening to the victim depending on the victim’s health status. This is why you should keep records for all medical visits and treatments. Read everything carefully as though you’re searching for mistakes or mis-matched information. Keep records of all associated phone calls and e-mails.

But remember this: You always have a right to all of your records, so don’t let any resistance from the carrier make you give up.

• If you run into problems getting any records, learn about your state’s health privacy laws.
• Obtaining copies may require a fee.
• Request a copy of “accounting of disclosures.” This tells who has ever received copies of your medical records, and when and why.
• Look for mistakes and request corrections from the provider via certified mail.
• If someone has stolen your medical identity, the provider may not want to turn over the records to you. Check the provider’s Notice of Privacy Practices and appeal to the contact person listed there.
• With all that said, you should get the records within 30 days. If not, report this to the U.S. Department of Health and Human Services Office for Civil Rights.

Medical identity theft can result in you not receiving coverage for major treatment. Here are tips from vitals.lifehacker.com for prevention of this crime:

• Never reveal your Medicare number to anybody in public, even if it’s a person inside a medical clinic lobby approaching you and offering a free service for Medicare users.
• Never give your Medicare number over the phone. No exceptions, even if the caller is claiming to be from Medicare.
• Check all medical bills for any odd charges, duplicate charges or errors.
• If a charge appears unauthorized, promptly report it to the provider. If that doesn’t help, escalate it to Medicare if you’re on Medicare.
• Contact the Federal Trade Commission if you suspect medical identity theft.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Every time you have a medical procedure done, including routine checkups and treatment for minor issues, paperwork is generated. You should have copies of every single paper. This is one line of defense against medical identity theft.

Review your paperwork thoroughly for unauthorized or duplicate charges, mistakes with diagnoses, dates, names, anything that looks odd. Signs of medical identity theft include:

• Being billed for treatment or diagnostics you never received.
• Being told you’ve maxed out your coverage limit when you haven’t.
• A collection agency claiming you owe a debt that you don’t owe.
• Being denied coverage for a “pre-existing” condition that you don’t have.
• Paperwork showing you saw a doctor you never did or were prescribed a drug you never were is a red flag.
• An e-mail from your provider that requests you reveal sensitive information like your Medicare number is a big red flag. The subject line may be urgent, such as “Your Medical Coverage May Be Terminated.” Never click links inside these e-mails or fill out forms in them; instead contact your provider via phone. However, e-mails like these are scams; the thief knows if he sends 50,000 such e-mails out with his special software, a predictable percentage of recipients will “see” themselves in the message.
• A one-ring phone call may be a thief who just obtained your medical records to see if your number is legitimate. Never call back.

Be Vigilant

• If you suspect medical identity theft, keep strict records of all associated correspondence.
• Immediately obtain all records if you already haven’t, including the “accounting of disclosures”; you have this legal right, even if you get flack from the provider. Contact the provider’s patient representative or ombudsman for assistance.
• If you spot mistakes, even small, insist they be corrected.

Nevertheless, it’s usually not easy to detect medical ID theft. So let’s look at this in more detail:

• If a collection agency contacts you, request they provide information immediately; promptly contact your provider and carrier.
• Examine your credit report to see if it’s plummeted due to unpaid medical bills. The three major credit reporting agencies issue the reports free.
• If your provider offers online access to your files, sign up for this service, then inspect it for mistakes.
• Request records of imaging procedures.
• If no online access is available, have your doctor read the results or send a snail mail copy.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

It’s about time: a biometric for your smartphone that will change the way you think about biometric security.

This revolutionary biometric comes from Biometric Signature ID and it’s called BioTect-ID, and though it’s a biometric, it does not involve any so-called invasiveness of collecting body part information. The world’s first biometric password involves multi-factor authentication and just your finger—but not prints!

All you need to make this technology work to lock down your mobile device is a four-character password. But you can also draw a symbol like a star, leaf, a shining sun or smiley face as your password.

So suppose your password is PTy5 or a star. And suppose the wrong person learns this. In order for that person to get into your locked phone, they will have to literally move their finger exactly as you did to draw the “PTy5” or the star. This will be impossible.

BioTect-ID’s technology captures your finger’s movements, its gestures, and this biometric can’t be stolen or replicated.

BioTect-ID doesn’t stop there, however. The finger gesture biometric is only one component of the overall security. You’ve probably heard of “two-factor” authentication. This is when, in addition to typing in your password or answering a security question, you receive a text, phone call or e-mail showing a one-time numerical security code. You use that code to gain access. But this system can be circumvented by hackers.

And the traditional biometrics such as fingerprints and voice recognition can actually be stolen and copied. So if, say, your fingerprint is obtained and replicated by a cyber thief…how do you replace that? A different finger? What if eventually, the prints of all fingers are stolen? Then what? Or how do you replace your voice or face biometrics?

Biometrics are strong security because they work. But they have that downside. It’s pretty scary.

BioTect-ID solves this problem because you can replace your password with a new password, providing a new finger gesture to capture, courtesy of the patented software BioSig-ID™. Your finger movement, when drawing the password, involves:

• Speed
• Direction
• Height
• Length
• Width
• And more, including if you write your password backwards or outside the gridlines.

Encryption software stores these unique-to-you features.

Now, you might be wondering how the user can replicate their own drawing on subsequent password entries. The user does not need to struggle to replicate the exact appearance of the password, such as the loop on the capital L. Dynamic biometrics captures the user’s movement pattern.

So even though the loop in the L on the next password entry is a bit smaller or longer than the preceding one, the movement or gesture will match up with the one used during the enrollment. Thus, if a crook seemingly duplicates your L loop and other characters as far as appearance, his gestures will not match yours—and he won’t be able to unlock the phone.

In fact, the Tolly Group ran a test. Subjects were given the passwords. None of the 10,000 login attempts replicated the original user’s finger movements. Just because two passwords look drawn the same doesn’t mean they were created with identical finger gestures. Your unique gesture comes automatically without thinking—kind of like the way you walk or talk. The Tolly test’s accuracy was 99.97 percent.

Now doesn’t this all sound much more appealing than the possibility that some POS out there will steal your palm print—something you cannot replace?

Let’s get BioTect-ID’s technology out there so everyone knows about this groundbreaking advance in security. Here is what you’ll achieve:

• You’ll be the first to benefit from this hack-proof technology
• You’ll have peace of mind like you’ve never had before
• Eliminated possible exposure of your body parts data kept in files

You can actually receive early edition copies of the app for reduced prices and get insider information if you become a backer on Kickstarter for a couple of bucks. Go to www.biosig-id.com to do this.

Do these bank robbers have bricks for brains? They actually posted photos of themselves with wads of the stolen cash on Facebook, says a story on thesmokinggun.com.

The alleged bank robers are John Mogan, 28 and Ashley Duboe, 24, and they’ve been charged with robbing a bank in Ohio. Mogan has already served time for a previous bank robbery conviction and was out on parole.

It all started when Mogan apparently sauntered into the bank and demanded money with a note. It’s not clear from the article whether or not Mogan brandished a weapon. At any rate, the teller handed over the money.

A video camera shows a thief in a hoodie exiting the bank with cash in his hands. Mogan has a distinct appearance in that both cheeks are tattooed.

Authorities believe that Duboe covered up the facial (and neck) tattoos with makeup prior to the robbery. Four days later, both geniuses posted their images to the Facebook page that they share, with Mogan pretending to bite into a thick wad of bills—which he refers to as a “McStack.” In another incriminating image, Mogan is pretending that the wad of cash is a phone.

A relative spotted the images, and from that point, things went sour for these Bonnie and Clyde wannabes. Both are currently behind bars, and the bond has been set at $250,000. Let’s see Mogan try to make a “McStack” with that amount and put his mouth around it.

Not surprisingly, neither of these two look too smug in their mug shots.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston.

The Bring Your Own Device (BYOD) movement has in some ways saved companies money, but in other ways put customer data at risk. Employees are onsite, telecommuting or traveling on business. This means their devices, and company data could be anywhere at any given moment.

A company manager or owner realizes that company use of employee mobile devices brings benefits. But employees also use the devices for personal activities, increasing the risk of hackers getting into company data.

The solution is to train these employees in BYOD, information security and awareness. They must be aware of how risky a data breach is, how to secure data, especially if the device is loaded with company data. An overlooked part of that training is knowing how to deal with old data, back up that data and in some cases, delete it.

Data lives in 3 forms: stored on a local device, backed up in the cloud and deleted. Over time, old data begins to accumulate on devices and that can cause problems.

Here are some key considerations and best practices for dealing with the BYOD phenomenon at your business:

• Ask yourself when old data no longer needed? Data should have expiration dates set up to indicate this.
• Businesses should realize that “useless” or “old” data may surprisingly be needed sooner or later. This data can be stored offsite, in the cloud, so that if the device is hacked, at least the old data (which may contain valuable information to the hacker) won’t be accessible.
• Setting up cloud storage that automatically backs up data will ensure that if a device is lost or stolen, the data is still available. Every bit of data, even if it’s seemingly useless, should be backed up.
• How do you truly delete data? Don’t think for a second you’ll achieve this by hitting the delete button. In many cases, a hacker could still find it and obtain it from the hard drive. What you can’t see is not invisible to a skilled hacker.
• Want to just get rid of old data altogether? You must destroy the hard drive. This means put it on the ground and hit with a sledgehammer. Then recycle the guts. Or you can professionally shred it.
• Deploy Mobile Device Management (MDM) software that gives companies the ability to remotely manage devices. Tasks might include locating, locking or wiping a lost or stolen device. MDM can also be used to update software and delete or back up data.

The planning and prevention tactics above apply to businesses and really, everyone. Employees should be rigorously trained on proactive security and the tricks that cyber thieves use.

These days, who doesn’t travel with their laptop? But commonality doesn’t make it inherently safe for your sensitive information that’s stored in the device. In fact, traveling with your laptop is inherently unsecure.

Whether you’re traveling for business or to visit family this holiday season, here are some ways to protect your laptop and your personal data:

• Get a cable lock for your laptop. It’s a great way to deter a potential thief, especially if there are lots of people around.
• Register with an anti-theft service to track your laptop should it get stolen or “lost.”
• Carry your laptop in a bag that’s made specifically for these devices. If it’s awkward for you to carry a suitcase in one hand while the laptop bag is slung over the opposite shoulder, consider packing the laptop with lots of tight padding in your suitcase. (But only if the suitcase will be a carry-on that you’ll be gently handling.) This way it’ll be invisible to thieves.
• If you go with the special laptop bag, don’t leave it unattended while you make a trip to the bathroom or food court. The same goes for a carry-on suitcase. Either belonging should be with you at all times.
• Whenever you leave your hotel room, hang the “Do Not Disturb” sign. You never know what hotel employee would be tempted to get into your laptop should they enter your room upon thinking nobody’s in it.
• Never let a stranger use your laptop, even if that stranger looks innocent. The need to protect your sensitive data is more important than the feelings of a stranger.
• And back up your data—before the trip. Cloud backup such as Carbonite will update your data based on custom settings as frequently as you require.
• If you absolutely must conduct personal or sensitive online transactions on a public Wi-Fi, use a virtual private network (VPN), as this will scramble your transaction and make it worthless to hackers snooping data streams. One of these snoopers could be sitting in the same coffee house or hotel lobby as you are. Or, they can be a thousand miles away.

Robert Siciliano is a personal privacy, security and identity theft expert to Carbonite discussing identity theft prevention. 

It’s been stated more than once that WWIII will most likely be cyber-based, such as dismantling a country’s entire infrastructure via cyber weapons. And don’t think for a moment this doesn’t mean murdering people.

A report at bits.blogs.nytimes.com notes that foreign hackers have cracked into the U.S. Department of Energy’s networks 150 times; they’ve stolen blueprints and source code to our power grid as well. Some say they have the capability to shut down the U.S.

The bits.blogs.nytimes.com article goes on to say that cyber warfare could result in death by the masses, e.g., water supply contamination of major cities, crashing airplanes by hacking into air traffic control systems, and derailing passenger trains. So it’s no longer who has the most nuclear missiles.

The list of successful hacks is endless, including that of a thousand energy companies in North America and Europe and numerous gas pipeline companies. The U.S.’s biggest threats come from Russia and China.

So why haven’t they shut down our grid and blown up furnaces at hundreds of energy companies? Maybe because they don’t have the ability just yet or maybe because they don’t want to awaken a sleeping giant. To put it less ominously, they don’t want to rock the boat of diplomatic and business relations with the U.S.

Well then, what about other nations who hate the U.S. so much that there’s no boat to be rocked in the first place? The skills to pull off a power grid deactivation or air traffic control infiltration by enemies such as Iran or Islamic militants are several years off.

On the other hand, such enemies don’t have much to lose by attacking, and this is worrisome. It is these groups we must worry about. They’re behind alright, but they’re trying hard to catch up to Russia and China. For now, we can breathe easy, but there’s enough going on to get the attention of Homeland Security and other government entities.

Recent attacks show that these bad guys in foreign lands are getting better at causing mayhem. At the same time, the U.S.’s cyber security isn’t anything to brag about, being that very recently, some white hat hackers had tested out the defenses of the Snohomish County Public Utility District in Washington State. They infiltrated it within 22 minutes.

Another weak point in our defenses is the component of pinning down the source of major hacking incidents. So if WWIII becomes real, the U.S. won’t necessarily know where the attack came from.