Identity Theft is a crime in which an impostor obtains key pieces of personal identifying information such as Social Security numbers and driver's license numbers and uses them for their own personal gain. This is called ID Theft.
Worst Case Scenario • Someone has stolen your identity and without your knowledge has…. been married several times without any divorces, bought a home and is delinquent on payments, maxed out several credit cards in your name, subscribed to a kiddie porn site, purchased a car and been involved in a serious accident, gave your name on the police report, filed a false claim with the insurance company, applied for several years of bogus refunds from the IRS, asked for Social Security disability payments, made threats against the government and got you on the “no-fly” list.
How can your identity be stolen? • There are many ways. Half of all identity theft victims have no idea how their identity was stolen. • But from the other half who think they know how their identity was stolen, we can learn some valuable lessons. • Many of the fears listed in the public press are not major causes of identity theft
If your Identity is stolen… • The best single reference and guide for what you need to do is • The Identity Theft Recovery Kit • Free PDF download from www.spendonlife.com/idtheftkit • I suggest you download a copy, print it out and store it somewhere you can find it.
Sources of identity theft in 2003 to 2006 • Online transactions – 1/3 of 1 % • Garbage or dumpster diving – 1% • Phishing – 3% • Spyware on home computer 5% • Misuse of data in-store or in a telephone transaction - 7% • Stolen mail – 8%
Sources of identity theft in 2003 to 2006 • Theft by an employee – 15% • Someone in the home – 15% • Loss of a purse, wallet, checkbook – 30% • However, the percentages are changing with increasing incidents coming from phishing, spyware, and hacking into commercial computers.
Financial fraud comes in two categories • Existing accounts which are compromised • Protect yourself by examining your bank and credit card statements carefully each month for suspicious activity. • Newly created financial accounts of which you are not aware. • Protect yourself with free credit reports and/or a credit freeze.
A special agent for the FBI announced the arrest of an employee for AIG who stole a computer server with the personal information for over 900,000 policy holders.
Facebook Accounts • Stolen accounts of Facebook users are now on sale in high volume on the black market. • iDefense tracked an effort to sell log-in data for 1.5 million Facebook accounts on several online criminal marketplaces. • The offers were to sell bundles of 1,000 accounts with 10 or fewer friends for $25 and with more than 10 friends for $45, • The case points to a significant expansion in the illicit market for social networking accounts
The Kneber botnet, a new form of malware which has so far infected over 74,000 computers worldwide and has attacked over 2,500 corporate accounts. • The botnet extracts name, address, social security number, credit card number and other sensitive information stored on company computers. • Merck & Co., Paramount Pictures, Juniper Networks and Cardinal Health are among some of the companies hit by the botnet.
A woman exploited a loophole in D.C. tax office online systems to gain access to taxpayer accounts, establish herself as the owner of dozens of businesses and filed returns on their behalf. • Within 48 hours she was able to establish herself as the owner of the 76 businesses and gain access to their business accounts.
Who are these thieves? • Organized Crime in the US, Russia & China • Narcotics users - strong link to meth addicts • Opportunists who see an opening • Desperate people taking desperate actions • Family members or someone close to you
Total security isn’t possible • Your credit card number is stored in the computers of dozens of businesses, and even large businesses can’t keep out hackers. • When you hand over your credit card to your waiter, everything needed for credit card ID theft is out of your sight for several minutes. • Expect identity theft and be ready to react
Types of vulnerabilities • Home Computer -Electronic access to your computer by virus, worms, trojans, keystroke recorders, and other types of malware. • Business computers – your information can be accessed by employees and hackers. • Physical access to your financial information at home and while traveling.
Credit card records stored by companies with which you do business • You have no way of determining how effective security is at Joe’s Online Books or Aunt Judy’s Fashion Boutique, or Pottery Barn, or Nordstrom's. • Larger companies probably have better security, but they are also more lucrative targets.
What can I do? • When ordering over the internet or the phone, one safeguard is to not leave behind your credit card number on the merchant’s computer. • Alternative payment options such as PayPal, Bill Me Later, Checkout by Amazon, eBillme or Google Checkout do not leave behind your credit card data. • Since the merchants never see your credit card number, they can’t store it.
“One Time Use”Credit Card Numbers( also called virtual or disposable numbers) • Citibank, American Express, MBNA, and Discover, have a service that provides a valid acceptable credit card number which is linked to your real credit card number……but can only be used one time • If this “One Time Use” number is hacked from the merchants computer, it can’t be used.
Virtual Cards • Not for ordering theatre tickets for pick up– they want to see the plastic card to confirm identity. • Also not good for airline, hotel, or rental car reservations who want to see the plastic card. • But for all other kinds of online purchases, they are an excellent option to prevent identity theft. • They are also very useful for subscriptions that want to “auto-renew” your subscriptions each year unless you tell them not to. When they try to auto-renew you, the number won’t work.
How To Use A Virtual Credit Card after you enroll in the program • Open the credit card program on your computer, enter your passwords, and get an image of a credit card on screen. • The screen credit card has your name, an expire date, and a 3 digit security code, just like a physical credit card would have
Keep your credit card numbers out of business computers • Some merchants will ask if you want your information retained on their computers • Or, they will ask if you want your credit card number retained in their files. • If you say “NO” you will have to give the information again next time you purchase from the site, but your credit card number will not be compromised if their computer gets hacked.
Physical Loss • Don’t carry every credit card you own. If you lose your wallet or purse you will have to cancel all that were lost, leaving you with no credit cards for some period of time. • Have your spouse carry different credit cards than the ones you carry. If one of you lose a wallet you will have to cancel those cards, but your spouses’ cards will still work. • Notify your credit card company before traveling overseas and have the phone numbers to cancel the cards you do carry. • Never write down PIN numbers and passwords and carry them in your wallet. • Medicare cards still show Social Security number?
Debit Cards • If your debit card is lost or stolen, report it immediately by phone then follow up with notification in writing. Federal law limits your liability to $50 if you report your loss promptly. • Keep receipts and compare them with your bank statements, and immediately report any discrepancies.
Credit Cards • If a thief gets his hands on your credit cards, not only can he use those to the maximum but he can also use the information on each one to create multiple new accounts in your name. • As many identity theft victims already know, the damage that can be done once new accounts are opened in your name is far greater and takes far longer to rectify.
Physical Security • Although locally there is not much identity theft from people sifting though trash, it can’t hurt to shred documents containing • Bank account numbers • Brokerage account numbers • Your social security number • Credit Card offers • When mailing checks, use a secure mailbox to mail them.
Physical Security • Although it is not widely known, you are at some risk of identity theft by using large copiers at work or at locations like Kinko’s • Large commercial copiers have a hard drive that retains a copy of every document which is copied on the machine • Often these hard drives are not wiped clean before the copier is resold. • Personal copiers at home are safer for making copies of your tax returns, etc.
Pre-approved credit card offers are a risk • If you don’t want the three major credit bureaus selling your name to advertisers and credit card companies you can call 888-567-8688 and “opt out” for 2 years. • Or, for an even wider net to remove junk mail - Google for “Stop My Junk Mail Now” from the Privacy Council
Physical Security • When people are going to be in your home • Lock up your wallet, credit cards, check book and financial documents in a file or drawer. • Turn off, or password protect your computer • Information theft often occurs from documents laying about in the home. • It can be your housekeeper, your electrician, your neighbor, your nephews girlfriend, or someone close to you.
Hello Mr. Smith, I’d like to talk to you about your unpaid bill with Mellon Bank • Often this is the first indication you have a problem….particularly if you don’t have an account with Mellon Bank • Someone may have taken out a credit card in your name and had the statements sent to a different address so you won’t find out about the existence of the card.
Unknown Credit Cards • Because the statements demanding payment are mailed to another address you never receive them. • When the bank finally turns over the delinquent account to a credit collection agency, they use your name and “former address” to track you down and call you. • This type of identity theft is very hard to protect yourself against.
What you can do • 3 times a year, get a free credit report from the 3 major credit rating agencies and look over the statement closely for any activity that seems suspicious. • Enroll in a service that monitors these three agencies and sends you information about anything unusual occurring in your name.
Free Credit Report.com IS NOT FREE • Heavily advertised on TV, FreeCreditReport.com is very misleading in it’s name and advertising. • The free credit reports which are provided under federal law are found only at AnnualCreditReport.com • Free Credit Reports.com will send you one “free credit report” but also signs you up for a $15 a month reporting service.
Identity Protection • There are many companies now offering Identity Protection Services or Insurance for a monthly fee. • These services may be of value but you need to research the offerings carefully • One summary of these services can be found at http://www.nextadvisor.com/identity_theft_protection_services/compare.php
Suits over ID Theft Protection Claims Settled • Mar 10, 2010 Lifelock Identity Theft Protection agreed to pay $12 million in fines by FTC. Will no longer be able to make claims of absolute protection against identity theft. • In a separate article it was revealed the identity of the founder (who posted his social security number on a billboard in Times Square) has been stolen 13 times.