Last Friday I discussed the CEO of LifeLock’s appearance on the Today Show and how many of the services they offer are things you can do yourself. So, rather than leave it all vague, here’s what you can do for a do it yourself solution.

AnnualCreditReport.com

Through AnnualCreditReport.com, you can request a copy of your credit report from each bureau once a year. I generally like to stagger it every 4 months so you can keep up to date absolutely free. For example, get your Experian in January, then your TransUnion in May, then your Equifax in September, then Experian again the following January.

OptOutPrescreen.com

Visit OptOutPrescreen.com and sign up. This will significantly reduce the amount of junk mail, including credit card offers, you will receive. One of the biggest ways for your identity to be stolen is by stealing your mail and applying for all those “pre-approved” credit card offers out there. By reducing the number of mailings you get, you close off this leak.

Opt Out Of Internal Marketing Lists

One loophole in the OptOutPrescreen system is that companies with an existing relationship are still permitted to contact you - which makes sense. However, that means that if you have a Discover card, Discover will send you those convenience checks. If you have a Citi card, they’ll send you convenience checks.

I called up Citi and asked them how I could stop receiving those convenience checks. As it turns out, Citi has a central ‘Citibank Marketing List’ and you just have to ask to be removed from that. It takes 30 days to take effect but that will stop those mailings from appearing. Simply ask to do the same at all your financial institutions and they should be able to take you off. Scratch another headache off the list (you shouldn’t be using those checks anyway, so it’s a total waste of paper too).

Fraud Alert

Anyone can call up each of the credit bureaus (TransUnion, Experian, Equifax) and ask that they put a fraud alert on your account. This is a notation on your account that tells the creditor requesting your report to do additional due diligence. These are absolutely free but expire after 90 days, so remember to call back (set it on your calendar). The creditor is not required to do any additional verification, but they don’t want to get screwed so it’s better than nothing.

Freeze Your Credit

If the fraud alert isn’t hardcore enough for you, you can also put a total freeze on your account. Freezing and unfreezing generally costs in the $10 range, though it varies with your state.A credit freeze will stop the credit bureau from releasing your report without your consent. There are a few loopholes though, so it’s not 100% bulletproof. In certain circumstances, an existing creditor can still request your report so who knows. Perhaps if a scammer gets the stars aligned (or the creditor doesn’t care), they can still bust through this.

Here is what you need to do to place a freeze:

• Placing an Equifax Credit Freeze
• Placing a TransUnion Credit Freeze
• Placing an Experian Credit Freeze

Defending Yourself

To be honest, defending yourself requires time and that’s really the only thing companies like LifeLock can offer that you can’t get on your own. You can lay the groundwork but it’s a numbers game, if your number gets called then you have to deal with the estimated 25 hours worth of work required to fix things. One great resources it the Identity Theft Resource Center, staffed with volunteers to help you resolve your identity theft issues.

So, is $10 a month worth them dealing with the headache? That’s up to you.

Update: Sounds like LifeLock’s protection only applies to their own screw-ups… so it’s not even an insurance! You’re paying $10 a month for something you can do yourself.

(Photo: JJ & Special K)

This morning the CEO of LifeLock, Todd Davis, was on the Today Show with Matt Lauer to defend his company’s service. He was there to answer a few pending lawsuits about how the LifeLock service doesn’t work and that its claims to protect and prevent identity theft are fraudulent claims. Lauer really hammered Davis (as hard hitting as the Today Show can possibly be) but there were some pretty interesting statistics Davis brought up:

• Only a 105 out of a million customers have been victims of identity theft.
• Todd Davis, advertising his SSN for the last two years, has had 87 attempts with only one successful hit in Texas where someone was able to get $500.

My opinion of LifeLock has always been that the $10 you pay each month is essentially insurance on your time. Becoming a victim of identity theft, even if you are diligent in every single possible way, is like winning the lottery (a small firehouse charity one).

Just to give you a basis for comparison, the Privacy Clearinghouse 2007 Identity Fraud Survey reported that there were 8.4M cases of identity fraud in 2007. If there are 304M potential targets (that’s the census estimate and it does include children and babies, but they can be victims too) and a 2.73% chance of becoming a victim. With LifeLock’s measures (many of which you can implement yourself such as opting out of junk mail and freezing your credit reports), you have a 0.01% chance of becoming a victim.

So, going back to the Privacy Clearinghouse’s data, the mean fraud amount was $5720 in 2007 and the mean resolution time was 25 hours per victim; so your $10 a month is buying you insurance against that < 2.73% chance (that’s if you did the average to protect yourself) of losing 25 hours. To calculate what that’s worth, you look at how valuable you think your time is and whether the $10 a month is worth it.

LifeLock shouldn’t be considered bullet proof protection against identity theft, it should be considered time insurance against dealing with it.

So yesterday I did an analysis on whether identity theft insurance was worth it (it’s not) and my example ID theft insurance company was Lifelock, where the CEO posts his social security number directly on the website. Well, turns out that just recently someone tried to obtain a loan using his social security number and he discovered the social security number through the Lifelock website. Two things I wanted to say about that - first, the fact that he was caught is not a vote of confidence for Lifelock and second, you must be a fool to try to steal the identity of someone touting an identity theft insurance service. On the idea that it’s not a vote of confidence, the first thing the company does is request fraud alerts (here’s a do it yourself guide to do what Lifelock does for you, except it’s almost free), which means any strange looking loan request will get reported to you. You can request these fraud alerts yourself so the fact that the victim was the LifeLock CEO doesn’t really matter.

Robert Maynard, co-founder of Lifelock, has a less than sterling personal and business history. All this can be gleaned from a very interesting Phoenix New Times article I’ve linked to below. One of the popular stories he tells is how he spent a week in jail after being picked up for failing to pay a $16,000 casino marker (loan) at the Las Vegas Mirage. He tells the story as an identity theft victim but upon investigation it was shown that the loan was actually his and the Mirage had a copy of his driver’s license, taken when he took out the loan. In fact, Maynard may have stolen his father’s identity and opened up an American Express card that he charged $154,000 on. As if all that wasn’t juicy enough, Maynard’s credit-repair company was shut down by the Feds for false advertising and deceptive practice and he’s prohibited from working in the credit-repair industry forever. If you’re thinking about Lifelock specifically, I recommend reading that article because they also mention that they’ve only paid out three claims (no mention of how many denials).

On a sidenote, one interesting fact I learned from the Phoenix article, if you put a fraud alert at one bureau, they are by law required to notify the other two. That can save you two phone calls every 90 days, which is how long the fraud alert is good for, if you decide to go the DIY route (which is what I’d do if you’re fearful).

Much thanks to Josh for the Star Telegram article about the ID theft and much thanks to Jake for the Phoenix New Times article about the questionable history of Robert Maynard, Lifelock co-founder.

Update: Oh, if you want to read more, Phil points out this great article on TechCrunch.