Online shoppers take heed.

Within the next 6 to 12 months, Homeland Security Department officials say they expect to have a long-awaited, instantaneous system for tracking foreigners who have overstayed their visits. Lawmakers have said such a tool is crucial for removing potential terrorists.

In 2002, DHS began to build a comprehensive entry and exit system for collecting biometric data from visitors traveling to the United States but nearly a decade later the exit part still doesn't exist.

Without an exit system, the department has encountered difficulty accurately identifying overstays, according to the Government Accountability Office. DHS estimates there were 36 overstays among the 400 people convicted through international terrorism-related investigations between September 2001 and March 2010. Five of the 19 hijackers on Sept. 11, 2001, were overstays.

Those statistics may change if all goes according to plans that DHS officials outlined at a House hearing this week.

The department is looping together a multitude of databases operated by three DHS components and the intelligence community to more quickly see red flags. Once integrated, the systems maintained by Customs and Border Protection, Immigration and Customs Enforcement and US-VISIT will be able automate previously manual searches and cross-check those findings with law enforcement and intelligence data. In essence, the integrated app will generate an e-dossier on leads, testified John D. Cohen, DHS principal deputy coordinator for counterterrorism.

"Instead of us being reactive," by screening an accumulated list of potential overstays, "CBP and the technologists will be developing essentially a hot sheet," he told members of the House Homeland Security Subcommittee on Border and Maritime Security. It "will essentially create a dashboard available to ICE, on a day to day basis, that will provide them with insights about those public safety and national security risks that are either overstays or existing visa holders."

At first, the application will not be the biometric one envisioned by authorities after 9/11. It will include biographic information and certain fingerprints from travelers entering the United States, and, with advances in research, gradually grow into a robust biometric system. "You have the foundation for a biometric exit capability of the future," Cohen said.

Already, the department has taken steps toward this goal by vetting a backlog of 1.6 million overstays, Cohen said.

In May, DHS officials began by scratching off names of people who had since left the country or changed immigration status. Then, they screened in-house law enforcement and immigration records, as well as intelligence holdings from the National Counterterrorism Center, to winnow the remaining 757,000 people to 2,000 high-risk individuals. Of those, some had died or since become part of an ongoing investigation, leaving several hundred potential leads.

Two months later, all of the previously un-reviewed overstay records had been analyzed from a national security and public safety perspective, Cohen said. ICE currently is pursuing suspects, he added.

"I cannot for one tell you how much better I feel now," said Subcommittee Chairman Candice Miller, R-Mich.

Not so, said GAO.

"If we're going to focus on the national security and public safety folks, which is the thing to start with -- it gives the impression that once you're in the country, you're in. Unless you act out," Richard M. Stana, GAO director for homeland security and justice issues, said at the hearing.

Omar Abdel-Rahman -- an overstay -- had no criminal record before he was arrested for the 1993 World Trade Center bombing, Rep. Michael McCaul, R-Texas, noted.

Foreigners who aspire to work for federal contractors can now use a Spanish-language website to make sure their correct immigration status is on file with the government before their employers are required to do so -- avoiding potential unemployment.

All personnel doing business with the government must pass muster with e-Verify, an online system that U.S. businesses use to check the employment eligibility of new hires. In March, U.S. Citizenship and Immigration Services, an arm of the Homeland Security Department, began offering an English-version of the system - e-Verify Self Check -- in a few states for foreign jobseekers to check that their personal information is accurate.

On Tuesday, USCIS announced a Spanish version is now available and the service has been expanded to 16 additional states. Nationwide rollout is expected by the spring.

Federal vendors often complain e-Verify contains errors such as missing Social Security numbers that generate messages showing a hire has no legal documentation. If that happens, the employee only has eight days to start working with the Social Security Administration to resolve the mistake. Otherwise, the staffer could lose his or her job.

You can try e-Verify Self Check if you live in California, Louisiana, Maine, Maryland, Massachusetts, Minnesota, Missouri, Nebraska, Nevada, New Jersey, New York, Ohio, South Carolina, Texas, Utah, Washington, Arizona, Colorado, Idaho, Mississippi, Virginia and the District of Columbia.

The Federal Trade Commission is allowing the U.S. Citizenship and Immigration Services arm of the Homeland Security Department access to its secure consumer complaint database so USCIS officials can investigate scammers posing as immigration legal advisers, federal officials announced on Thursday.

Typically only law enforcement officials can search through the FTC's Consumer Sentinel Network, which warehouses tips that customers submit to the Better Business Bureau, National Consumers League and other watchdog organizations.

USCIS, FTC and Justice Department officials announced the new data exchange on Thursday as part of a public awareness campaign to crack down on unauthorized legal assistance providers. Many imposters charge unwitting immigrants for resources the government offers for free, like application forms, or falsely claim they can expedite the approval process, according to USCIS officials. Some promise to help clients obtain immigration papers for which the applicant is ineligible.

Obama administration officials have been stressing the White House's commitment to immigration enforcement, as they try to ease the way for comprehensive immigration reform.

USCIS posted several campaign ads on YouTube to educate people on how to avoid immigration scams, but the promos do not encourage reporting deceptive outfits. The ads direct Internet users to the uscis.gov/avoidscams website for more information. A "Report Immigration Scams" tab on the site takes visitors to an interactive Web page where they can notify authorities about suspicious professionals.

The Pentagon and the Homeland Security Department are aiding Defense contractor Lockheed Martin Corp. on an investigation into a cyber attack that reportedly infiltrated the firm's security networks, federal officials said Saturday night.

"DoD is aware of a cyber incident impacting Lockheed Martin and, together with the Department of Homeland Security, is working with the company in determining the extent of the incident," Pentagon spokeswoman Lt. Col. April Cunningham said. "Impact to DoD is minimal and we don't expect any adverse effect."

In the past, the Defense' Cyber Crime Center has been responsible for heading probes into intrusions on .mil networks and systems in the defense industrial base, which includes Lockheed. Homeland Security has focused on helping civilian agencies and commercial companies assess cyber events, such as the recent Sony PlayStation network breach.

But, increasingly, the Pentagon and Homeland Security have been sharing cyber experts, tools and privacy officers, to respond to cyberattacks against government contractors, including one disclosed in March that hit security firm RSA. In that incident, perpetrators compromised a system containing information on RSA-manufactured "SecurID" digital credentials used by many federal employees and contractors.

According to Reuters, which first reported the Lockheed incident on Friday, unidentified hackers "breached [Lockheed] security systems designed to keep out intruders by creating duplicates to SecurID electronic keys," according to one person who was not authorized to publicly discuss the matter. The offenders learned how to copy the security keys with data stolen during the RSA attack, the Reuters story said.

At the time, RSA Executive Chairman Art Coviello announced through a message on the company's website that the data stolen could potentially be used to weaken the security of SecurID devices "as part of a broader attack."

As a matter of policy, Homeland Security and military officials declined to comment on the operations underway to stem damage at Lockheed.

DHS and Defense officials have "been in contact with the company to offer assistance in determining the extent of the incident, performing analysis of available data in order to provide recommendations to mitigate further risk," Homeland Security spokeswoman Amy Kudwa said.

Lockheed officials did not immediately respond to a request for comment.