May 17, 2011
BOSTON — It was just days before Christmas last year when Chrissy DiPietro checked her online bank statement, only to realize the Grinch had come early.
“I saw a charge for $100 from Trinity Global. Then I looked back about four days before that and there was another $100 dollar charge. And then about 4 days before that, was a $500 charge,” DiPietro said.
At first, the South Boston resident thought it was her Edward Jones retirement fund, but when she Googled “Trinity Global PStars,” an online gambling site popped up. “I called the bank that day and they said this is definitely suspicious,” says DiPietro.
And it was. In the course of a few weeks, someone had funneled $3,000 from her bank account to a variety of offshore gambling sites, even opening accounts in her name. DiPietro says she still doesn’t know how they got her information.
“They basically are me right now. The person somehow had my name, my address, my parents address, my cell phone number, my email address. I think my computer was hacked."
Maybe. But getting information like that isn’t as hard as it used to be. Websites like Spokeo.com and 123people.com are aggregating information and showing it to anyone who wants to see, including identity thieves.
“I absolutely believe that they’re using these because there’s too much in the way of — basically low-hanging fruit to go after,” says Beth Jones, Internet security expert at Sophos.
Jones says it’s as simple as typing a name and city into the search box. Then, up pops a profile of that person including age, home address, home value, even your family members — and that’s just the free version. For a paltry four bucks a month, Jones says profiles get even more detailed.
“Scammers can start looking up people’s name and just do regular vanity searchers, see where people live, see where they’re working, see what their Facebook and Linked-in profiles have to say.”
Jones says the best way to protect yourself is to limit the amount of information you put out there, especially the information you share on Facebook and Twitter.
“If you wouldn’t tell a complete stranger and go up to him and say, hey my birthday is so-and-so and here’s my social security number, you know — if you wouldn’t do this in real life, don’t do it on the computer,” Jones said.
Chrissy DiPietro admits she shared too much information on Facebook — like her birthday and email address — and has since wiped her profile clean. She finally got her money and identity back, but it wasn’t in time to pay the bills.
“I’m in trouble now. I used my credit card for two straight months while the bank did my investigation and now I’m stuck in credit card debt,” DiPietro said.
Subscribe to WGBH News Emails