How I Used The Data

John D. Porter     2007.01.21

There were 43 data sets that appeared to contain real, sensitive information.  Unfortunately, there were no email addresses associated with those data sets.

I decided to write a letter to each mailing address associated with a given data set.  The correspondence was addressed to the person named in each data set. 

There were 39 data sets with complete mailing addresses.  I sent off 39 sets of correspondence.  That means there were 4 sets of data from people I couldn't reach.

I wrote a cover letter, summarizing the basic facts: I found a public file at a fraudulent web site and that file appeared to contain sensitive personal information.

I included a printout of the piece of the file associated with each address.  To preserve confidentiality of the data, I replaced every 3rd or 4th character in the data with the symbol "*".  I did this because the correspondence might be opened or viewed by someone other than the subject of the information.  If the original data were familiar to the person viewing the redacted copy, I am confident that person would recognize the original data.

If the data in the phishing data file proved to be familiar to the person receiving my letter, then I advised them to do the following:
* Contact Banks and Credit Card providers.  Get new cards with new account numbers issued.  Secure funds in accounts by following providers' advice.
* Contact the 3 Credit Reporting agencies and file a fraud alert statement. Consider establishing a Credit freeze.
* Check Bank and Credit Card statements for evidence of fraud.
* Contact Police and file a criminal complaint if there has been fraud.

Results:

4 letters were returned by the Post Office as being undeliverable.

35 letters were delivered to real addresses.  Good luck to those people.