Extra Tips For Communication With DCAs

[Halibutt]

Hi All,

 

I've spent alot of time reading through threads here and noticed some comments, posts etc. where really good extra general advice is given, but it doesn't always seem to filter through to prominent parts of threads.

 

I was wondering if anyone wanted to share their tips and tricks that just give that added bit of help? If it's okay with the site team, I'd like to suggest that people add to this thread.

 

Here are a few suggestions from me:

 

POSTING SCANS/PHOTOS OF DOCUMENTS

 

In many threads, people advise posting scans/photos onto Photobucket. Don't. It's not secure and your other photos/identifying factors could be revealed to anyone who knows how to do it. For example, there's the "fusker" program. Read about it here: http://en.wikipedia.org/wiki/Fusker

 

I would suggest an alternative: use sites like imagebam.com, imagevenue.com etc.

 

The reason being that they do not require registration, user names, or any other personally identifying information in the same way that sites like Photobucket and Flickr do.

 

You post almost anonymously, although your IP address is logged (as with any mainstream site, Photobucket included). A site is not required to reveal your IP address unless legally ordered to do so. With Photobucket, Flickr, Webshots, etc. a DCA could simply look up your username, match it with other results in internet searches and use certain computer programs to have a look at all of the photos you've posted.

 

Sounds paranoid? Well, what if you've posted a picture on your Photobucket account of you standing outside your house, proudly holding your new baby, but your brand new car reg. is clearly visible, along with your house number, etc.? You suddenly get a call from the DCA asking how you could afford a new car and that you should now "up" your monthly payments. Starts getting a bit more worrying, doesn't it?

REMOVING PERSONAL INFO FROM SCANS/PHOTOS

 

I've seen many examples in threads where people have used felt pen or biro to scribble over personal details. Don't do it. The information can easily be retrieved using Photoshop or similar.

 

Instead, use your photo editing software - even MS Paint will do the job.

 

In "Paint" simply open your document, use the "crop" tool to crop out any personal info. Drag the cursor around the bit you'd like to delete - it'll look like a rectangle with dotted lines. Hit the "delete" button on your keyboard. The pixel info is then removed from your image and can't be retrieved if someone tries viewing or downloading it - save your edited image under a different name and use the "properties" (right-click) function to remove personal details - this should prevent any info collection via EXIF data.

 

Here's an example:

 

WHICH EXTRAS DO YOU PUT ON LETTERS AS STANDARD?

 

I've started to mark every piece of correspondence with "By Royal Mail Recorded Delivery".

 

It might seem obvious, but it's a not-so-subtle reminder to anyone dealing with your correspondence that you can prove that you sent the letter and that the DCA received it.

 

Anything you can do to re-inforce any argument, proof of your/their actions is a potential help.

 

That's it from me for now. More when I think of any.

 

Cheers all.

Edited July 7, 2010 by Halibutt

[Guest Cartaphilus]

Yes, write in crayon, and include images so they can understand what you are saying ... well, maybe.

[Halibutt]

I wonder what a DCA's response would be if you did write to them in crayon?

[Guest Cartaphilus]

Mmm, well ...

[Halibutt]

SCREEN NAMES

 

When you post on a site such as C.A.G. don't use the same screen name that you use for Facebook, Myspace, Photobucket, etc.

 

Anyone, DCAs included, can simply do a websearch and find out alot more about you.

 

Choose a unique screen name that you don't use anywhere else.

[Guest Cartaphilus]

When you post on a site such as C.A.G. don't use the same screen name that you use for Facebook, Myspace, Photobucket, etc.

True. Which is why I didn't use one anywhere else or used before when I registered (though clearly there are potentially thousands of others with the same username, so they can have fun sifting it out if they so wish ) ...

 

You post almost anonymously, although your IP address is logged (as with any mainstream site, Photobucket included)

.

 

Regarding that, but someone told me a while ago it was possible to get an IP off a screenshot ... somehow or other using some code that's embedded there you can't see. Dunno. Just saying it because of the IP issue.

Edited July 7, 2010 by Cartaphilus

[Fred Bassett]

It's a good idea to have a thread like this. Another potential problem is when people use office software like Word, PowerPoint or other suites like Open Office. These files always contain metadata that can identify the name of the person who created the document.

 

Likewise, pdf files can very often be re-edited to remove blanking details. The simplest way to stop this happening is to convert documents to images (you can do this through PowerPoint or other drawing software like Open Office Draw.

 

Personally, I use Photo Bucket but I only use it for stuff I post up here anyway, so the privacy issue is not a problem for me, but this is a good point.

 

The other point I'd like to make regards barcodes. These can obviously be used to identify who letters were sent to. Barcodes should either be masked or, better still, use an online barcode generator like this one: Free Online Barcode Generator: Make a Custom Barcode in Seconds to make up your own and place it over the top of the one in the letter. If any passing DCA spies get to translate it they will then see a message telling them to go forth and multiply.

 

Regards.

 

Fred

[Halibutt]

Thanks Fred. Good advice. Bar codes are getting alot more prominent on DCA letters now.

[Fred Bassett]

I wonder what a DCA's response would be if you did write to them in crayon?

 

They'd think you were both on the same level.

[Halibutt]

CORRESPONDENCE

 

Never include your phone number - home or mobile - in any correspondence unless legally required. In the same vein, never include your email address.

 

If a DCA wants to contact you, make sure they put it in writing. They're less likely to bully or threaten you in the same way as by phone or in a doorstep visit, plus you have thinking time. You also then have documentary proof of everything, plus you can ask people here for advice and post the letter for reference.

[Guest Cartaphilus]

They'd think you were both on the same level.

I was going to say write in neon coloured pen, given their tendancy for 'highlighting' in their letters.

 

As for being on the same level I don't think they are even on the same evolutionary page TBH. Anyway, carry on the good work Halibutt.

[Halibutt]

someone told me a while ago it was possible to get an IP off a screenshot ... somehow or other using some code that's embedded there you can't see. Dunno. Just saying it because of the IP issue.

 

You can't get any info from a screen shot. It's simply by default, a .BMP file.

 

What you could do is view the HTML source code of the web page and on some websites, you might be able to view the originating IP address of a poster within the code.

 

You'd need to have some knowledge of HTML though, rather than being the usual peanut-eater employed by DCAs.

 

If you wanted to avoid leaving a trace of your IP address anywhere, you can simply log on using a proxy IP address.

 

Find out more here: Proxy server - Wikipedia, the free encyclopedia

 

It is theoretically possible to trace an IP address back from the proxy, although it's an incredibly involved procedure.

 

In addition, simply having someone's IP address is fairly useless info unless you can legally require the Internet Provider to divulge the user's name and address. For instance, all you would get from my IP address if you could find it is the UK region in which I was situated. With a population of around 50,000 I'd be just another needle in a haystack.

Edited July 7, 2010 by Halibutt
Info update

[Guest Cartaphilus]

Very easy for someone to do that, hackers do it all the time. Just reading up about the screenshot thing now. But, as these are DCAs we are talking about, would it surprise what lengths they may go to online or outside it? I've seen plenty online elsewhere on another forum - including a debt letter with someone's name getting posted on there same afternoon they logged in, was reported to the admin on there ... happened within minutes of that person being logged in so they must have been able to 'know' somehow they had done so, plus the person who did it was newly registered.

[harrassed senior]

Funny you mentioning photobucket, there were 2 posts today both directing to photobucket. The OC had very kindly put up 4 links to 4 images, when, in actual fact all I have to do was press the next/previous button in photo bucket and, as you say, see their whole album. So think some exploratory work with other site, and/or recomendations is needed.

 

Thanks H

[Halibutt]

I do see your point Cartaphilus, but hacking is, in many cases, a criminal offence. That's another way to collect ammunition against the enemy.

 

That's why I advise that if anyone is particularly worried, then try using a proxy. It's easy and free.

 

If anyone wants help/advice on this kind of thing, they're welcome to PM me. As long as they're genuine registered CAGgers that is

[Halibutt]

Funny you mentioning photobucket, there were 2 posts today both directing to photobucket. The OC had very kindly put up 4 links to 4 images, when, in actual fact all I have to do was press the next/previous button in photo bucket and, as you say, see their whole album. So think some exploratory work with other site, and/or recomendations is needed.

 

Thanks H

 

No problem H and thanks for your input. It should be pointed out also that with hacking programs, even "private" folders that are password-protected are vulnerable. If I can do it, anyone can...

 

As I said before, the anonymous image hosting sites are the best way to go - please see my initial post for a couple of examples.

[Guest Cartaphilus]

I do see your point Cartaphilus, but hacking is, in many cases, a criminal offence. That's another way to collect ammunition against the enemy.

 

Yep, it is and the only reason I would bother learning about such things is because of having it done to me so you tend to come into contact with such things as a byproduct (I did actually report it to the police at the time because of the level of harm it was doing to me ie it wasn't just a common or garden hacker but someone who seriously wanted to harm me in that way and beyond but ... thankfully the laws have since changed a little following high profile cases in the media). Anyway, that's not for here but ... I said on another thread earlier this evening that I am much much more careful online now as a result certainly.

[Halibutt]

Yep, it is and the only reason I would bother learning about such things is because of having it done to me so you tend to come into contact with such things as a byproduct (I did actually report it to the police at the time because of the level of harm it was doing to me ie it wasn't just a common or garden hacker but someone who seriously wanted to harm me in that way and beyond but ... thankfully the laws have since changed a little following high profile cases in the media). Anyway, that's not for here but ... I said on another thread earlier this evening that I am much much more careful online now as a result certainly.

 

In any circumstance where you believe any of your internet accounts have been hacked by someone genuinely wishing to do you harm, the best thing is always to go to your local police, report it and make a statement. Insist on getting the crime number. If you ever need evidence in the future, you can produce that info.

 

Hope all is sorted out with your problem now Cartaphilus

[Fred Bassett]

Personally I do use email as a means of communication with DCAs. They always write back by post but it saves me money.

[pompeyfaith]

i alway use private browser mode when viewing forums good thread should be a sticky

[Halibutt]

I suppose that's a good point Fred, but I'm always wary of electronic communication as email headers, content, IP details, and so on, can quite easily be copied, changed, etc.

 

I'd prefer to be certain and get it all recorded by a third party i.e. Royal Mail.

 

Each to their own though - if something works for you and you've had no problems, then fair play to you.

[Guest Cartaphilus]

In any circumstance where you believe any of your internet accounts have been hacked by someone genuinely wishing to do you harm,

 

Suffice to say, everyone who was targetted by that one person did so, even tried to take legal action against them but ... they never used a fixed IP and ran riot online, they clearly considered they couldn't nor wouldn't get caught, it seemed they could find whatever they wanted out about you online or outside it, most of which wasn't even discussed online or in the public domain but because they went into forums, chat rooms and had a way of asking people things, getting information out of them, there you go ... They haven't been, I won't go into things (as I only mentioned it because of the IP thing originally) and it was a while ago, and went beyond just hacking to everyone involved, I came to learn after it wasn't just me ... They all tried to the police, solicitors but ... and some had much worse than me ... the police were not geared up for internet matters like, say, they are in places like America where maybe it's taken a bit more seriously, but these days it is taken more seriously and there is now an internet based crime unit set up this or last year for people to report online harassment, bullying, because of what has happened in the media since that has raised the issue and made people more aware of it's seriousness. Unfortunately, it has taken that, though, to get it taken more seriously. I don't know the person, nor do I wish to, but they chose to make themselves know to me in a very maliscious way. They were just someone who thrived on playing cat and mouse, knowing you couldn't do a thing about it.

 

However, thanks for the tip and should it ever happen again I whereas I was scared by it before, I know better now (because they wanted me to be frightened by it, nothing else) I will take it further than I did last time but I didn't know better or the proper people to speak to.

 

Anyway, some good advice BTW about the DCAs (if I didn't say it earlier before flying off at a tangent).

[Halibutt]

i alway use private browser mode when viewing forums good thread should be a sticky

 

Thanks Pompey - but... private browser mode in IE or Firefox doesn't mask your IP address. It will simply not record your browsing history on your machine and will clear your cache/temp files at the end of a session.

 

You need to use a proxy in order to avoid leaving an IP trail.

 

Actually, something that I didn't mention is "Roaming IPs". People can look it up if they wish. It just means that your IP address changes with every login session. Most people don't have them though as static IPs are standard with most non-WiFi providers.

 

If you're worried, use a proxy.

[pompeyfaith]

proxy tell me more plz is there a website that explains this subject

[Halibutt]

General info is here: Proxy server - Wikipedia, the free encyclopedia

 

You can do a Google or similar search for a proxy server.

 

You don't have to download anything, just enter the web address of the site you want to visit into the proxy server search field.

 

An example is this one:

 

 

There are plenty of free proxy sites if you do a search.