PREVENTING IDENTITY THEFT- (from the actual, "COMPUTER SELLER")- (Overseas)

[scottt331]

My sister is currently in Rome, Italy (past month). [/B]First week there, her laptop blue-screened, and Dell said she needed new hard drive. Since she had a Dell 10v Mini,
after speaking with the computer repair/seller at a company in Italy- turned-out would cost just as much to fix (more expensive there), than she paid for it. So, instead
she went ahead and purchased a new laptop from him (and he put all of her files, from the old computer, onto this new one).
Well, she found out recently, she has been the victim of credit card fraud (in Italy). Not sure yet who the culprit is, but the computer guy is still on the list (won't go into story as not relevant). So, naturally, wondering about him; she's wondering, "What is the best way to prevent Identity Theft"; from future information she may store on this laptop. (In this special situation, she's trying to prevent identity theft from 'him'; not from a random virus, spyware, etc.).
As she doesn't know if he may have rigged this laptop so he could hack in and get info. Today, she purchased an "anti-logger" (Zemana). She's also getting Norton Internet Security installed.
Anyone with any experience or knowledge of how to "make sure your computer is clean (or not rigged), if you after the fact discover the computer guy is not so clean, himself"?Thanks,
scottt331
P.S. Specs (if important): Came with BullGuard Internet Security (which she's changing to Norton). Brand: Asus Laptop (2011)- model?, as he customized it: W7 Home
Premium, 64 bit. Pentium P3 3.70GHz, RAM 4GB DDR3, Hard Drive: SATA 3.0, 500GB, 72.000; Built-in web cam.

[abseh1]

Below are a few ideas:@ least have her call the FTC's ID Theft Hotline-1-877-438-4338 and ask them for any help they can provide to her (being overseas is a more difficult issue)

1)Contact the major credit bureaus.

2)For your sister, have them place a fraud alert on her credit reports for her...Social Security Account Number (SSAN) (initial fraud alert is good for 90 days and extendable up to 7 years), tell them she wants a copy of her credit report (and ask them to ensure only the last four digits of her SSAN are shown on these reports), and get and additional information or advice they can give you: Equifax 1-800-525-6285; Trans Union 1-800-680-7289 or Experian 1-888-397-3742.

3) Contact her credit card companies and tell them what happened; they should refer her to their anti-fraud department or some department with a similar name. They should offer to transfer her balance to a new card number and send her new cards. If fraudulent purchases have already been made, ask them how you go about disputing the fraudulent charges.

4) If new, fraudulent accounts have been opened, report it to the local police where the account was opened and to the FTC (see step 9 below). Obtain an ID Theft Report from the local police and/or the FTC. While waiting for the latter report, contact the company with whom the account was opened. Tell them it is a fraudulent account and a case of ID Theft and a formal report will be forthcoming, and ask the company to explain to her how to go about disputing any charges.

5) Contact her bank and other financial/investment institutions. They should offer to change her accounts, also.

6) Do the same for any and all accounts you have that could be compromised: eBay, PayPal, BidPay, whatever.

7) Do the same for mortgages or car loans or personal loans she may have.

8) Contact the police where she lives and let them know what has happened, especially if you feel her safety is in question (most likely it is not, but still do it).

9) Report what happened to the FTC's ID Theft Hotline-1-877-438-4338 and ask them for any help they can provide

10) Notify the Social Security Adminsitration, 1-800-772-1213. Let them know what happened. Get it on the record. In some instances, if fraudulent use of her number occurs, she can get a new number.

11) Now either take the money she has out of savings or borrow money in order to pay off all outstanding credit that she can; then close the accounts. Close the accounts means when she pays the balance off, tell the creditor she wants the account closed.

[abseh1]

Important: Have a clean install done on the computer from a reputable company and scan the data before putting it on the clean install
There is no telling if key-logs/malware etc are on the repaired computer form Italy

[DonnaB]

As a follow up to abseh's post:

Not sure yet who the culprit is, but the computer guy is still on the list

He certainly had access to every file on the computer and it is possible that he could have installed something that could send her personal information back to him if he was educated in the field of installing that type of software. The best way to create peace of mind would be to reinstall the software from disk. If the guy is this knowledgeable it would be pretty easy for him to get around Norton Security. I wouldn't advise performing any type of financial transactions in a wireless environment.

5) Contact her bank and other financial/investment institutions. They should offer to change your accounts, also.

6) Do the same for any and all accounts you have that could be compromised: eBay, PayPal, BidPay, whatever.

7) Do the same for mortgages or car loans or personal loans she may have.

For the above, advise her to not use that computer to contact and change her personal information.

abseh mentioned the Federal Trade Commission (FTC) in his post. Here's a link --> Avoiding Credit and Charge Card Fraud

Don't focus only upon the seller of the computer. She has to be very careful when making a purchase any where.

See the Do: and Don't: in the following link.

Avoiding Credit and Charge Card Fraud

There are scans that can be ran on her system but if anything is found such as a keylogger, rootkit or the like, even having that removed could still leave the computer vulnerable. The professionals always advise to reformat/reinstall unless no financial information has ever been stored on said computer.

Here is a recommendation by a well known Global Moderator that will explain better than I what the possibilities are if the computer was compromised.

Although the rootkit has been identified and may be removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again.

[scottt331]

Hello abseh1, Thanks so much for both of your replies. Last night I read a couple hours on the ftc.gov site, so luckily; your first post does make excellent
sense, as they are quite similar instructions. I do have one question, about the, "Second Post". You said, before doing the clean install, to "Scan the data" (first). And
also, "To have the clean install done...from a reputable company".
My question is, "What do you mean by 'scan the data'...?". Would she do this or the company doing the clean install (before putting in the clean install)? And, if she would be doing it: "Do you mean a regular (Norton, etc... Antivirus scan), or is there a special or specific type of scan that should be done?". If so, what is it called?
Thanks Again,
scottt331

[scottt331]

Hello DonnaB, First thanks so much for your thorough reply. As it does seem that most of her concern (or what she doesn't know-nor myself); is how to know if the laptop she currently has is okay to use. (which you reply to). (Also, one thing I didn't include in the original post), is some added information (if you have any replies on
this topic would be appreciated. If no, that's okay, too).
Basically, as part of this process of purchasing this new laptop; he kept the 'old laptop' (as he gave her a discount-which she otherwise wouldn't have gotten). Since he had already had the original laptop in the first place, as he tested it out to see what repairs were needed; should she make an expedited effort to purchase this old laptop
back from him? Or, is (any damage), he might do; likely already done? (I don't mean to pose a theoretical question- as I mean for it to be a "technical" question). As I
don't know how long it takes to glean information from an old laptop, other risks, etc... (I spoke with her today, about this, and her comment regarding this was, "Well, whatever is done (by him), has likely already been done. So why should I pay him to get it back?"). That's a good question which I can't answer.
Thanks,
scottt331

[scottt331]

Hello to abseh1, DonnaB, or anyone with expertise/familiarity in this area,
To update: I'm a bit surprised to read the (rigorous) posts by abseh1 (2nd post) and by DonnaB; in terms of the level of threat remaining in the current laptop. I say this
only because of the following: "Last night, I also had a chat session with an agent from Microsoft Security; and asked her specifically: 'Is there any way that this computer guy could rig (the new laptop) with spyware, etc.; which he could somehow embed, or hide very well- 'So that scans such as Norton, Microsoft, etc., would not
be able to detect them?'" (As I truly didn't/don't know). And her response, was unequivically, "No".
This seems to be the opposite of everything indicated in these posts.
Is she correct?
Thanks,
scottt331

[DonnaB]

Scott,

I'm reaching out to a friend of mine who can answer that last question and is a Microsoft MVP. I'll let you know what she says if she doesn't post to this thread herself.

A few questions if I may.

Did the credit card theft occur before or after the purchase of the new computer? You still don't know for sure if the guy in the computer shop is at fault yet. Date of purchase for the new computer vs. date of credit card fraud may verify that.

How did she find out that she had been a victim of credit card theft? She can find out when the fraudulent purchases were made by contacting the credit card company.

You asked abseh: (I'm sorry abseh, don't mean to monopolize the issue)

"What do you mean by 'scan the data'...?".

Right click on the folder the personal data is stored in an right click. You/she should get the option to scan it's contents with your AV.

And to answer the questions in post #6:

Since he had already had the original laptop in the first place, as he tested it out to see what repairs were needed; should she make an expedited effort to purchase this old laptop
back from him? Or, is (any damage), he might do; likely already done? (I don't mean to pose a theoretical question- as I mean for it to be a "technical" question). As I
don't know how long it takes to glean information from an old laptop, other risks, etc... (I spoke with her today, about this, and her comment regarding this was, "Well, whatever is done (by him), has likely already been done. So why should I pay him to get it back?").

Your sister is likely correct. The damage is done. A professional can "glean" the information they want in the blink of an eye!

(if you have any replies on this topic would be appreciated. If no, that's okay, too).

There's no way we here at H2G would leave you in the dark. We do our best to console every fear/doubt you have. If we somehow overlook something that you need to know the answer too for your own personal needs, please feel free to ask us again. We do not mean to overlook detail intentionally.

Donna

[DonnaB]

Scott,

Here's the reply I received from my friend:

One shinning light -- I understand that Asus is an excellent product.

If the seller installed a valid keylogger program, then it is most likely the A/V would not pick it up.

Assuming she followed abseh1's advice and reported the credit card, then her credit card company would not approve any additional charges to that account. It is also critical that she follow your advice and change all of her passwords from another computer. Having done that, I see no reason to get the old Dell back.

She should also check that the installed software is valid and not pirated. She can go to What is validation and how does it work? - Microsoft Windows and click the "Validate Now" button. If NOT valid, take the receipt, the information about the credit card fraud and go to the police.

If valid, did the seller give her the software for Windows 7? If not, I suggest she take a friend and return to that shop and insist on a copy of the installation software (preferably cellophane sealed!).

Make sure remote desktop is disabled:

• Open Control Panel
• Open System And Security
• Open System
• Select Remote Settings from the left pane in System to open the System Properties dialog box for the Remote tab.
• Click Don’t Allow Connections To This Computer and then click OK.

With two people already responding, I think its best to keep it limited rather than adding a third voice. Feel free to share any of the above information you feel will be helpful.

Please have your sister follow the instructions to see if the copy of software is valid.

Also kave her follow through with verifying that the remote desktop is disabled.

Those are points I never even thought about.

[abseh1]

If you do not want the old computer this is a moot issue

It has mostly been answered, but I meant by clean install...reformatting and doing a fresh install of the OS and reinstalling your programs from disks or previous on-line downloads from the old computer

By scanning data ...if you saved any data from the old Italy install the data could have malware...so scanning it with an antivirus and malware programs will be recommended

Give this info to the reputable dealer....he should be well aware of fixing problems like yours....if the old computer has any value...if not then disregard