100 likes | 164 Vues
Keeping Your Identity Your Own. Amy Ginther, Project NEThics Coordinator OIT Town Meeting August 24, 2005. The Range of Dangers. Fee fraud hoax ShareYourExperiences.com and Word-of-Mouth.org Work from home scam Phishing Pharming Evil Twins. Types of Data Compromise. Data loss
E N D
Keeping Your Identity Your Own • Amy Ginther, Project NEThics Coordinator • OIT Town Meeting • August 24, 2005
The Range of Dangers • Fee fraud hoax • ShareYourExperiences.com and Word-of-Mouth.org • Work from home scam • Phishing • Pharming • Evil Twins
Types of Data Compromise • Data loss • Data theft • Identity theft
How to Identify Scam Messages • Fraudulent messages only offer one means of communication with the company. • Look for awkward writing, grammatical and spelling errors in messages—they abound! • Fraudulent messages begin with a general greeting; you are not identified by name; messages may be directed to multiple addressees • Dangerous messages may contain attachments that load software to enable thieves to record your keystrokes
PayPal notice “…and we have reasons to belive that your account was hijacked by a third party” “If you choose to ignore our request, you leave us no choise but to temporaly suspend your account.” PayPal logo on legitimate Web site (http://www.paypal.com/) always appears with trademark http://www.citibank.com/us/index.htm Legit?
Additional Tips to Avoid Victimization • Don’t react to the urgent or obligatory nature of the message • Don’t click on links to reach a company…they can take you to an illegitimate site. Instead, type the URL into a browser window to go to a secure (https) site. • Your legitimate service provider should require you to authenticate using an established user ID and password to login • To avoid connecting to evil twin, turn off Wi-Fi function when not in use
Steps to Take if You Become a Victim • 1. Contact your creditors and banks immediately. • 2. Begin keeping records • 3. Flag your credit file for fraud. Go to • http://www.consumer.gov/idtheft_old/index.html • 4. Review your credit reports • 5. Report the crime • 6. Address public record errors
What Compromised Agency Should Do • Communicate with you • Explain the nature of compromise and the likelihood of data theft • Advise you of steps to take (fraud alert) • Web site for more information and other resources • How to expect that you will be contacted • Do not release personal information in response to contacts which you have not initiated • Steps agency has taken to mitigate situation, protect information
Other Self-Protection Strategies • Next time you have checks printed, have only your initials and last name printed on them; have them sent to your bank for pickup • Do not sign the back of your credit cards; instead, write “Photo ID Required” • Do not put the full account number on the “for” line of your checks when paying bills, just use the last four numbers • Put your work phone on your checks instead of home phone • Photocopy the contents of your wallet