There is no question that the timing of this book is critical. With identity theft on the rise and so many new ways that theives can steal your personal data, a basic understanding of how you are most vulnerable is critical. If the small investment in this book can help you protect your identity, it is well worth it.

The Identity Theft Toolkit starts by explaining how individual are vulnerable to identity theft. It then goes on to provide detailed information on steps you should take if you find that you have been an identity theft victim, providing a detailed list of places you will need to contact.

There is no question that the majority of the information in this book is sound. However, when it comes to the advice on Internet "cookies" the book provides inaccurate information that may generate unnecessary fears. The author cautions the reader about the use of cookies, which he says are "... designed to track all the sites you visit on the web." This information is may have been true at one time, but this "hole" in browsers was fixed a long time ago. An Internet domain can only read the cookies it has set; it cannot read cookies from other websites. (Some cookies are used to track your use of a website, but many are used for useful purposes such as keeping you logged onto a secure area of a website such as your web mail account. It is true that large advertisers have a broad network and may have cookies from multiple domains on your computer. They use software programs to analyze the data and identify usage patterns, which in turn is used to deliver targeted advertising to users.

There author also seems to have a cyincal regard for businesses. In the section "Opting out" he writes "Every piece of information you give a company is seen by them as an asset - something to be sold and traded". My experience has been that many small businesses not only carefully guard customer data, but they rely on this data to provide the best possible customer service.

One thing that the reader should keep in mind is that personal information can be stolen from many places. There is no need to give out information if it is not necessary, but at the same time it is important to understand the ways that you make yourself most vulnerable. There are risks to living - even being locked in your home is no protection from natural disasters. However, some behaviours are riskier than others. Clicking on an email asking for your personal financial data is extremely high risk behaviour that Internet users need to be aware of. Meanwhile I would think that signing up for a catalogue from a company that you like is relatively low-risk behaviour. A prioritized chart would have helped readers understand the actions that would be most likely to lead to identity theft.

In conclusion this book has a few valuable tidbits that are not commonly addressed in articles on identify theft, such how to protect yourself from cheque washing, a process whereby thieves create 'blank cheques' using detergents to chemically remove the recipient name and amount, while leaving the signature intact. It also provides a good overview of the different ways that identity thieves get access to personal information. For anyone who has been a victim of identity theft the chapters on how what to do if you have been a victim of identity theft will be invaluable.

If you consider yourself to be a novice computer user, have been a victim of identify theft or simply want to have the convenience of reading a single book to inform yourself of important issues, then you will find value in this book.

Author response: A typical hacking technique for hackers is called cookie theft. It is a method of stealing the cookies off a computer by having someone click a link in an email. The only purpose of keeping a cookie is that it means they do not have to retype their password and login. Numerous programs can do auto logins without using cookies. They serve no purposes other than for the companies to gather personal data on people.

I am recommending that users set their browsers to delete all cache and cookies each time they close the browser.

Also, many search companies, like Goggle, add an id to every search you do, stored in the cookie. They then analyse the data for marketing purposes. Although they swear they would never publish the data, they did before, as it was reported in the news. By looking at the Id for Goggle it was possible to often determine the name and location of the user.

There is no reason to be paranoid. There is also no reason to keep cookies. They can be dangerous, either on purpose, or by accident. -- John Lenardon