The report breaks out complaint data on a state-by-state basis and also contains data about the 50 metropolitan areas reporting the highest per capita incidence of fraud and other complaints. In addition, the 50 metropolitan areas reporting the highest incidence of identity theft are noted.

For the first time, “imposter scams” – where imposters posed as friends, family, respected companies or government agencies to get consumers to send them money – made the top 10. The FTC also has issued a new consumer alert, “Spotting an Imposter”, to help consumers avoid imposter scams.

Read more from the Federal Trade Commission here.

FTC Appeals Ruling on Identity Theft – Red Flags
The Federal Trade Commission has challenged a court ruling that, if it stands, could give physicians some relief from regulations requiring implementation of formal identity theft prevention programs by June 1. In February, the FTC appealed a December 2009 ruling by the U.S. District Court for the District of Columbia that found the agency exceeded its authority in enforcing its “red flags” rule against lawyers. The American Bar Assn., which initiated the litigation, noted in a statement that the appellate court upheld a similar ruling against the FTC once before. Read the full American Medical News article here.

Congress Vulnerable to Online Attacks
Congress is under constant attack. But the assailants aren’t just partisan adversaries, special interests or foreign agents. These predators come armed with bytes and have names like Trojan, Spybot and Worm. In short, Congress has a cybersecurity problem that ranges from foreign governments stealing information off BlackBerrys to unwitting aides e-mailing sensitive information from their secure office computers to more-vulnerable terminals at home. Some security experts even look with suspicion at the very origins of the House e-mail system. An Israeli company manages the project. The equipment is Canadian. A French company makes the switchers. An Indian company wrote the code. And a Chinese company wrote the backup code. Read the full Politico article here.

Cybersecurity Needs Global Rules: British Lawmakers
Europe’s online security would best be served by developing global cyber regulation, ending current “ad hoc” international efforts, British lawmakers said on Wednesday, echoing industry calls for worldwide rules. In a report, a committee of parliament’s upper chamber said that creating a common European-wide approach, while a desirable step in the right direction, was seen by many in the cyber community as “second best” to global regulation. Read the full Washington Post/Reuter’s article here.

Moscow Gets Tough on Cybercrime as ID Theft Escalates
Russia has quietly arrested several suspects in one of the world’s biggest cyberbank thefts, raising hopes of a previously unseen level of official co-operation in a country that has been a haven for criminals. The Russian Federal Security Service (FSB)has detained suspects including Viktor Pleshchuk, an alleged mastermind behind a £6m (€6.6m, $9m) attack on the payment processing unit of Royal Bank of Scotland, said people familiar with the inquiry. The FSB asked the Federal Bureau of Investigation in the US, which has made the inquiry an international priority, to avoid scaring other targets in Russia into covering their tracks. Read the full Financial Times article here.

We’ve known for a long time LifeLock’s multi-million advertising campaign was misleading. CEO Todd Davis’ reckless display of his social security number on the side of trucks sent a clear message – our product is a silver bullet against identity theft. Illinois Attorney General Madigan put that myth to rest on Tuesday when she stated, “there is no 100% protection against identity theft.”

We know that. Our member companies live with it every day.

It’s good news that Identity management services are including features that alert consumers to possible fraud before criminals have an opportunity to exploit existing accounts or open new accounts or services. We always recommend consumers use free data protection tools – like monitoring their accounts online – but legitimate paid services can offer a extra level of protection and peace of mind.

It’s time that service providers, including ITAC and our proprietary service, ITAC Sentinel®, be held to a set of standards so consumers have a clear understandings of the value and limitations of paid identity theft protection.

Leibowitz made it clear the settlement represents all the company’s cash reserves to compensate more than a million LifeLock consumers. Leibowitz and Madigan called LifeLock’s advertising campaign and CEO Todd Davis “shameless” for exploiting consumer fear about identity theft.

“No service can provide 100 percent protection against identity theft,” said Madigan. She said LifeLock offered no protection against the most common type of fraud – existing account fraud. Ironically, Madigan received a
direct mail piece from LifeLock stating she was at risk of identity theft.

“As a nonprofit committed to helping consumers, we’ve been worried about LifeLock’s ads for a long time because we felt they were misleading,” said ITAC President Anne Wallace. “We’re happy the FTC has taken action to protect consumers.”

While this encouraging that there has been a 5 percent decline, the reality is that identity theft continues to be major problem. And, these findings very much reinforce the recent findings of the Javelin Strategy & Research’s “2010 Identity Fraud Survey Report,” which found that the number of identity fraud victims in the United States increased 12 percent to 11.1 million adults in 2009, while the total annual fraud amount increased by 12.5 percent to $54 billion.

And, if you do find yourself becoming a victim of identity theft, check out this video that the FTC produced about how to file a complaint with the agency:

According to the Washington Post, privacy and consumer advocates have long urged regulators to address the risks posed by peer-to-peer networks. They say that, for example, an employee at a commercial firm could inadvertently publicize unsecured customer data by using a work computer to download music from a Web service such as BitTorrent, BearShare or LimeWire.

For many years, P2P networks have been a cause of serious cyber security (and copyrights for that matter) concerns. In fact, yesterday, it was announced that researchers had identified Spybot.AKB, a worm that spreads across P2P networks and email systems. So, it is good to see the FTC addressing this issue.

According to this article from CMIO, The FTC’s interpretation of the regulation imposes an unfunded mandate on healthcare professionals for detecting and responding to identity theft, according to the organizations. In the letter, they asked the FTC to make it clear that the rule will not apply to their members given the result of recent litigation brought by the American Bar Association against the FTC where the U.S. District Court for the District of Columbia ruled that lawyers should be excluded from the requirements imposed by the “red flags” rule.

What do you all think about this? George Hulme the Healthcare blogger for InformationWeek had this to say: Step up and protect your customers from identity theft.

We believe that George has a valid point. Healthcare providers deal with sensitive customer information that can easily be compromised. Even though the Red Flags rule may be cumbersome to meet the requirements, what is the alternative? Having patients accept the responsibility when they become victims of identity theft? Wouldn’t it be better to have steps in place to ensure that this data is protected? We welcome all thoughts and feedback!

Funny stuff. Again, please let us know your thoughts!