Identity Theft
J. Carlton Collins

According to U.S. Federal Trade Commission report, it is estimated that more than 50 million Americans were victims of identity theft. About half of the victims knew how their identity was stolen. The report found evidence that suggests that quick discovery of identity theft reduces the risk of thieves opening unauthorized accounts. Here are some relevant statistics:

1.       Accounts were opened in 45 percent of identity theft cases in which at least six months elapsed before victims noticed their information was misused. Accounts were opened in fewer than 10 percent of cases where victims learned of misuse within a month.

2. 33.4 million Americans were victims of identity theft from 1990 to 2003.

3. 34% say someone obtained their credit card information, forged a credit card in their name, and used it to make purchases.

4. 12% say someone stole or obtained improperly a paper or computer record with their personal information on it and used that to forge their identity.

5. 11% say someone stole their wallet or purse and used their identity.

6. 10% say someone opened charge accounts in stores in their name and made purchases as them.

7. 7% say someone opened a bank account in their name or forged checks and obtained money from their account.

8. 7% say someone got to their mail or mailbox and used information there to steal their identity.

9. 5% say they lost their wallet or purse and someone used their identity.

10. 4% say someone went to a public record and used information there to steal their identity.

11. 3% say someone created false IDs and posed as them to get government benefits or payments.

12. 16% say it was a friend, relative or co-worker who stole their identity.

13. The seven million victims the survey identified in 2002 represent an 81% rise over victims in 2001.

Security risks related to identity theft are on the rise. There are a number of ways in which identity thieves could threaten your computer systems. For example, they could use employee badges to enter your premises, or masquerade in the community as your employee or vendor. For example, a thief might assume the identity of a vendor’s sales representative and visit your accounts payable department to collect cash or check payments. With today’s technology, it is easy to reproduce business cards, badges, uniforms and even vehicle identification. That same thief might masquerade as one of your employees and attempt to withdraw money from your corporate bank accounts. An identity thief could republish your web site to a similar domain name, and change only the contact information.  The possibilities are frightening.

To protect against identity fraud, common sense is your best ally. Some of the top prevention measures include the following:

1.      Setting up PIN numbers on all bank accounts

2.      Using finger print or retina scan technology instead of passwords and badges to prevent access to computer systems or buildings

3.      Instruct employees not to write passwords down

4.      Force users to change passwords monthly

5.      Safeguard employee information such as social security numbers or employee numbers from non-authorized personnel

6.      Use shredders to destroy sensitive documents

7.      Reconcile all statements timely to the penny

8.      Password protect all traveling laptops at the system level.

9.      Have someone in your organization to search the internet for the use of your corporate name or the names of key individuals regularly to protect against improper use. 

Another key threat from identity theft is that of hiring a masquerading employee. Using a false identity, a thief could be hired into your organization and given access to critical systems and areas within your organization. Once trusted, this person could then arrange to steal cash and equipment, and disappear into the night. For this reason, background checks and a certain amount of due diligence work is necessary in order to verify that new hires are who they say they are. For more information on preventing identify theft, visit the Identity Theft Prevention Checklist at the following URL:

http://victimsassistanceofamerica.org/eduinfo/idtheft_prevention.cfm

Identity Theft - What To Do If It Happens To You

1. Report it to the police

2. Cancel all credit cards

3. Call fraud units - Experian, Equifax, Trans Union

4. Notify banks

5. Fill out fraud affidavits to prove innocence

6. Get a new ATM card

7. Have SSN changed

8. Notify the passport authorities

9. Report stolen checks to TeleCheck, National Processing Company (NPC), and Equifax

10. Notify postal inspector if you suspect mail theft

11. Call telephone, electricity, and gas companies and alert them

12. Change drivers license number

13. Call Consumer Credit Counseling for help removing fraudulent claims from your record 800.388.2227

14. Keep a log of all conversations you have dealing with this, including names and dates

15. Consider seeking legal counsel.

16. Pay attention to your mental health

17. Change passwords everywhere

18. Change PIN numbers

19. Change e-mail addresses

20. Use common sense

Recommendations for Preventing Identify Theft

Prevent Identity Theft
You can't guarantee that you will never be a victim, but you can minimize your risk with the following measures.

1. Big Duh - Don't give out personal information on the phone, through the mail or over the Internet (through email or online forms, or any other manner) unless you have initiated the contact or are sure you know who you're dealing with.

2. Resist Providing Personal Information - Before revealing any personally identifying information (for example, on an application), find out how it will be used and secured, and whether it will be shared with others. Ask if you have a choice about the use of your information. Can you choose to have it kept confidential?

3. Secure Your Home - Secure personal information in your home in safes that are bolted to the floor, especially if you have roommates, employ outside help, or are having service work done in your home. Securely store extra checks, credit cards, documents that list your Social Security number, and similar valuable items.

4. Fool Burglars - Don't advertise to burglars that you're away from home. Put lights on timers, temporarily stop delivery of your newspaper, and ask a neighbor to pick up any items that may arrive unexpectedly at your home.

5. Guard Your Mail – Pick up mail from your mailbox promptly. Do not send mail through your mailbox – a red flag raised on your mailbox is …well…a red flag for burglars that a check is probably waiting inside. If you're planning to be away from home and can't pick up your mail (or are called away on an unexpected business trip or family emergency), call the U.S. Postal Service at 1-800-275-8777 to request a "vacation hold" or ask your carrier or a counter clerk for a "Authorization to Hold Mail" form (PS Form 8076). You might also consider purchasing and installing a relatively secure "locking" mailbox for either city or rural use.

6. Guard Your Trash - Protect your garbage. Identity thieves rummage through trash in your trash can or at landfills looking for personal information. To thwart identity thieves, who may pick through your trash or recycling bins to capture your personal information, tear or shred your...

a.      charge receipts,

b.      copies of credit applications,

c.       insurance forms,

d.      physician statements,

e.      checks and bank statements,

f.        credit card statements,

g.      expired charge cards that you're discarding,

h.      pre-approved credit card offers you get in the mail, and

i.        any documents that contain your social security number

7. Opt-Out - If you do not use the pre-screened credit card offers you receive in the mail, you can "opt out" by calling 1-888-5-OPTOUT (1-888-567- 8688). You will be asked for your Social Security number in order for the credit bureaus to identify your file so that they can remove you from their lists and you still may receive some credit offers because some companies use different lists from the credit bureaus' lists.
   
   (If you do accept a credit card offer, be aware that some credit card companies, when sending out credit cards, have recently adopted security measures that allow a card recipient to activate the card only from his/her home phone number, but this is not yet a universal practice.)

8. Purchase a Shredder – Shredders come in a variety of styles and prices, starting with shredding scissors and exculpating to powerful shredders that can shred through binder clips.

9. Limit, protect, and be aware of the type and amount of personal data you carry around...
   
   Keep your purse/wallet and organizer/briefcase - as well as any copies you may retain of administrative forms that contain your sensitive personal information - in a safe place at work.

10. Use PINS & Passwords - Place passwords on your credit card, bank, brokerage and phone accounts. Avoid using easily available information like your mother's maiden name, your birth date, the last four digits of your SSN or your phone number, or a series of consecutive numbers. When opening new accounts, you may find that many businesses still have a line on their applications for your mother's maiden name. Use a password instead.

11.  At Work - Keep your purse or wallet in a safe place at work.

12. Monitor Bills - Pay attention to your billing cycles. Follow up with creditors if your bills don't arrive on time. A missing bill could mean an identity thief has taken over your account and changed your billing address to cover his tracks. Check your bills/statements carefully and call companies if you do not receive regular bills in a timely manner. Make it your habit to review your bank and credit card statements as soon as you receive them and report any unauthorized transactions promptly so the accounts can be closed.

13. Credit Card Photos - Some issuers of bank and/or credit cards offer the option of adding the PHOTO of the named customer on the face of the card. If your issuer(s) offer this option, TAKE ADVANTAGE. It's certainly more difficult for someone else to use a card with your photo on it.

14. Be Check Smart - When ordering new checks, pick them up at the bank, rather than having them sent to your home mailbox. Consider using only your first initial(s) rather than your full name so a thief won't know what to sign. To save time, many people have their bank print every bit of personal info they can fit on personal checks to speed up check approval in the check-out line (and minimize what they have to write-in by hand). Resist the urge. Don't put any information other than your name and address on your checks. Also, keep a close watch on your checkbook both when you're writing checks and when it is lying around.

Some thieves use cleaning solvent to remove what is already written on a check, making it payable to themselves. To make this harder, you should write checks using a pen with thick, dark ink. Draw lines to fill in gaps in the spaces where you designate to whom a check is payable and the amount.

If your checks have been stolen or misused, immediately notify your bank, place a stop payment order, and close your checking account. Also, immediately report to your bank any irregularities in your bank statements. Report mail theft or tampering to the U.S. Postal Inspection Service, which is listed in your phone book

 

15.  GUARD deposit slips as closely as you do checks. Not only do they have your name, address and account number printed on them, but they can also be used to withdraw money from your account. All a thief has to do is write a bad check, deposit it into your account and use the "less cash received" line to withdraw your money.

16. Avoid Shoulder Surfers - A "shoulder-surfing" identity thief can memorize your name, address and phone number during the short time it takes you to write a check. Also, in many public places "shoulder surfing" criminals can stand nearby and watch you punch in your phone-card number, debit-card PIN, credit card number, or even listen in on your conversation if you give your credit-card number over the phone for a hotel room or rental-car. Don't carry more checks that you need. Keep extra checks in a secure place.

 

17.  Bolster Your Insurance - ID theft already is covered under some homeowners' policies; others will add it for as little as $25 a year. A stand-alone policy costs from $60 to $200.

18. Be Careful in Job Searches - Online recruiting business giants like Monster.com, CareerBuilder.com and HotJobs.com caution users about false online job listings that are sometimes posted by identity thieves to illegally collect personal information from unsuspecting job seekers.

19. Check Your Credit Reports - Order a copy of your credit report from each of the three major credit reporting agencies every year. Make sure it is accurate and includes only those activities you've authorized.

20. Be Careful at Restaurants - When paying at stores, restaurants, and other businesses, be methodical at the payment counter, ensuring you retrieve your driver's license or other ID, credit card and your credit slip copy after your purchase. Make sure that the person you give the credit card to really is the waiter or proper person.

21. Xerox Your Wallet or Purse – Take a few minutes to make paper copies of all of the cards and IDs you carry in your wallet or purse, including the backs as they contain contact phone numbers in the event of theft. Secure the copies in a safe pace.

22.  ATM Crime - "Shoulder surfers" aren't limited to checkout stands and lines. Near ATMs, some sophisticated thieves will watch the victim use the card (perhaps using high-powered binoculars, or even hidden cameras) and learn the victim's personal identification number (PIN) and even the card number. Later, they'll steal the card or make their own and use ATMs to withdraw cash from your account. Watch for one or more persons loitering around an ATM, often in a car, behind bushes or otherwise nearby. Use your body, or cup your other hand over the keypad, to "shield" it as you enter your PIN into the ATM. Never write your PIN on the back of your card; you could lose it, and some ATM scams involve a scammer "distracting" the victim and grabbing the card before running away.

23. Drive up ATMs - If you are using a drive-up ATM, keep your engine running and be sure your passenger windows are rolled up and all doors are locked. Before you roll down your window to use the ATM, observe the entire surrounding area; if anyone or anything appears to be suspicious, drive away at once. When possible, leave enough room between cars when you're in the ATM drive-up queue to allow for a quick exit, should it become necessary.

24.  Counterfeit Cashier's Check

1.       Inspect the cashier's check.

2.       Ensure the amount of the check matches in figures and words.

3.       Check to see that the account number is not shiny in appearance.

4.       Be watchful that the drawer's signature is not traced.

5.       Official checks are generally perforated on at least one side.

6.       Inspect the check for additions, deletions, or other alterations.

7.       Contact the financial institution on which the check was drawn to ensure legitimacy.

8.       Obtain the bank's telephone number from a reliable source, not from the check itself.

9.       Be cautious when dealing with individuals outside of your own country.

25.  Credit Card Fraud

1. Ensure a site is secure and reputable before providing your credit card number online.

2. Don't trust a site just because it claims to be secure.

3. If purchasing merchandise, ensure it is from a reputable source.

4. Promptly reconcile credit card statements to avoid unauthorized charges.

5. Do your research to ensure legitimacy of the individual or company.

6. Beware of providing credit card information when requested through unsolicited emails.

26.  Debt Elimination

1. Know who you are doing business with - do your research.

2. Obtain the name, address, and telephone number of the individual or company.

3. Research the individual or company to ensure they are authentic.

4. Contact the Better Business Bureau to determine the legitimacy of the company.

5. Be cautious when dealing with individuals outside of your own country.

6. Ensure you understand all terms and conditions of any agreement.

7. Be wary of businesses that operate from P.O. boxes or maildrops.

8. Ask for names of other customers of the individual or company and contact them.

9. If it sounds too good to be true, it probably is.

27.  DHL/UPS

1. Beware of individuals using the DHL or UPS logo in any email communication.

2. Be suspicious when payment is requested by money transfer before the goods will be delivered.

3. Remember that DHL and UPS do not generally get involved in directly collecting payment from customers.

4. Fees associated with DHL or UPS transactions are only for shipping costs and never for other costs associated with online transactions.

5. Contact DHL or UPS to confirm the authenticity of email communications received.

28.  Employment/Business Opportunities

1. Be wary of inflated claims of product effectiveness.

2. Be cautious of exaggerated claims of possible earnings or profits.

3. Beware when money is required up front for instructions or products.

4. Be leery when the job posting claims "no experience necessary".

5. Do not give your social security number when first interacting with your prospective employer.

6. Be cautious when dealing with individuals outside of your own country.

7. Be wary when replying to unsolicited emails for work-at-home employment.

8. Research the company to ensure they are authentic.

9. Contact the Better Business Bureau to determine the legitimacy of the company.

29.  Escrow Services Fraud

1. Always type in the website address yourself rather than clicking on a link provided.

2. A legitimate website will be unique and will not duplicate the work of other companies.

3. Be cautious when a site requests payment to an "agent", instead of a corporate entity.

4. Be leery of escrow sites that only accept wire transfers or e-currency.

5. Be watchful of spelling errors, grammar problems, or inconsistent information.

6. Beware of sites that have escrow fees that are unreasonably low.

30.  Identity Theft

1. Ensure websites are secure prior to submitting your credit card number.

2. Do your homework to ensure the business or website is legitimate.

3. Attempt to obtain a physical address, rather than a P.O. box or maildrop.

4. Never throw away credit card or bank statements in usable form.

5. Be aware of missed bills which could indicate your account has been taken over.

6. Be cautious of scams requiring you to provide your personal information.

7. Never give your credit card number over the phone unless you make the call.

8. Monitor your credit statements monthly for any fraudulent activity.

9. Report unauthorized transactions to your bank or credit card company as soon as possible.

10. Review a copy of your credit report at least once a year.

31.  Internet Extortion

1. Security needs to be multi-layered so that numerous obstacles will be in the way of the intruder.

2. Ensure security is installed at every possible entry point.

3. Identify all machines connected to the Internet and assess the defense that's engaged.

4. Identify whether your servers are utilizing any ports that have been known to represent insecurities.

5. Ensure you are utilizing the most up-to-date patches for your software.

32.  Investment Fraud

1. If the "opportunity" appears too good to be true, it probably is.

2. Beware of promises to make fast profits.

3. Do not invest in anything unless you understand the deal.

4. Don't assume a company is legitimate based on "appearance" of the website.

5. Be leery when responding to invesment offers received through unsolicited email.

6. Be wary of investments that offer high returns at little or no risk.

7. Independently verify the terms of any investment that you intend to make.

8. Research the parties involved and the nature of the investment.

9. Be cautious when dealing with individuals outside of your own country.

10. Contact the Better Business Bureau to determine the legitimacy of the company.

33.  Lotteries

1. If the lottery winnings appear too good to be true, they probably are.

2. Be cautious when dealing with individuals outside of your own country.

3. Be leery if you do not remember entering a lottery or contest.

4. Be cautious if you receive a telephone call stating you are the winner in a lottery.

5. Beware of lotteries that charge a fee prior to delivery of your prize.

6. Be wary of demands to send additional money to be eligible for future winnings.

7. It is a violation of federal law to play a foreign lottery via mail or phone.

34.  Nigerian Letter or "419"

1. If the "opportunity" appears too good to be true, it probably is.

2. Do not reply to emails asking for personal banking information.

3. Be wary of individuals representing themselves as foreign government officials.

4. Be cautious when dealing with individuals outside of your own country.

5. Beware when asked to assist in placing large sums of money in overseas bank accounts.

6. Do not believe the promise of large sums of money for your cooperation.

7. Guard your account information carefully.

8. Be cautious when additional fees are requested to further the transaction.

35.  Phishing/Spoofing

1. Be suspicious of any unsolicited email requesting personal information.

2. Avoid filling out forms in email messages that ask for personal information.

3. Always compare the link in the email to the link that you are actually directed to.

4. Log on to the official website, instead of "linking" to it from an unsolicited email.

5. Contact the actual business that supposedly sent the email to verify if the email is genuine.

36.  Ponzi/Pyramid

1. If the "opportunity" appears too good to be true, it probably is.

2. Beware of promises to make fast profits.

3. Exercise diligence in selecting investments.

4. Be vigilant in researching with whom you choose to invest.

5. Make sure you fully understand the investment prior to investing.

6. Be wary when you are required to bring in subsequent investors.

7. Independently verify the legitimacy of any investment.

8. Beware of references given by the promoter.

37.  Reshipping

1. Be cautious if you are asked to ship packages to an "overseas home office."

2. Be cautious when dealing with individuals outside of your own country.

3. Be leery if the individual states that his country will not allow direct business shipments from the United States.

4. Be wary if the "ship to" address is yours but the name on the package is not.

5. Never provide your personal information to strangers in a chat room.

6. Don't accept packages that you didn't order.

7. If you receive packages that you didn't order, either refuse them upon delivery or contact the company where the package is from.

38.  Spam

1. Don't open spam. Delete it unread.

2. Never respond to spam as this will confirm to the sender that it is a "live" email address.

3. Have a primary and secondary email address - one for people you know and one for all other purposes.

4. Avoid giving out your email address unless you know how it will be used.

5. Never purchase anything advertised through an unsolicited email.

39.  Third Party Receiver of Funds

1.      Do not agree to accept and wire payments for auctions that you did not post.

2.      Be leery if the individual states that his country makes receiving these type of funds difficult.

3.      Be cautious when the job posting claims "no experience necessary".

4.      Be cautious when dealing with individuals outside of your own country.