10 Ways to protect yourself from identity theft

advertisement
Why protecting your personal information is
important
David A. Streat
Statement of the Problem
Today private companies, government agencies and other
organizations large and small are spending an enormous
amount of time and money to protect growing collections of
information and data. All the while, hackers, identity
thieves, and terrorists remain one-step ahead of information
security experts and information protection programs. As
dependence on technology and the internet increases,
information security experts fight an uphill battle to contain
the overwhelming proliferation of identity theft schemes
(Streat, 2010, p. 3).
2
Identity Theft Definition
The 1998 Federal Identity Theft and Assumption
Deterrence Act considers an individual to commit an
act of identity theft when he or she “knowingly
transfers or uses, without lawful authority, a means of
identification of another person with the intent to
commit, or to aid or abet, any unlawful activity that
constitutes a violation of Federal law, or that
constitutes a felony under any applicable state or local
law” (18 U.S.C. 1028, Pub. Law 105-318, 112 Stat.
3007).
/
3
Early Days of Identity theft
- Impersonating Someone Else
- Pickpocketing
- Phone Scams
- Dumpster Diving
- Stealing Mail
- Counterfeiting and forgery
Identity Theft Laws
• Arizona was the first state to adopt an identity theft law in 1996.
• Identity Theft and Assumption Deterrence Act, 1998
This law was one of the first federal laws to single out identity theft. It specifically
singles-out identity theft in two distinct ways. First, it strengthens laws related to
identity theft and second, it focuses on consumers as the victims of identity theft.
• Fair and Accurate Credit Transactions Act, 2003
This law was enacted December 4, 2003 to amend the Fair Credit and Reporting Act
(FCRA) of 1970. FCRA is a law that outlined how an individual’s credit
information could be used by businesses.
• Identity Theft Enhancement Act, 2004
This law was enacted July 15, 2004. It was designed to establish penalties for those
committing aggravated identity theft. It is divided into four areas called sections that
addressed protection for all consumers particularly identity theft victims.
5
Statistical Analysis
• Victims
There were 10 million victims of identity theft in 2008 in the United
States (Javelin Strategy and Research, 2009).
1 in every 10 U.S. consumers has already been victimized by identity
theft (Javelin Strategy and Research, 2009).
1.6 million households experienced fraud not related to credit cards (i.e.
their bank accounts or debit cards were compromised) (U.S.
Department of Justice, 2005).
Those households with incomes higher than $70,000 were twice as
likely to experience identity theft than those with salaries under
$50,000 (U.S. DOJ, 2005).
7% of identity theft victims had their information stolen to commit
medical identity theft.
6
Statistical Analysis Continued
• Discovery
38-48% discover someone has stolen their identity within three months, while 9-18%
of victims don't learn that their identity has been stolen for four or more years
(Identity Theft Resource Center Aftermath Study, 2004).
50.2 million Americans were using a credit monitoring service as of September 2008
(Javelin Strategy and Research, 2009).
44% of consumers view their credit reports using AnnualCreditReport.com. One in
seven consumers receive their credit report via a credit monitoring service.
(Javelin Strategy and Research, 2009).
7
Statistical Analysis Continued
• Recovery
It can take up to 5,840 hours (the equivalent of working a full-time job for two years) to
correct the damage from ID theft, depending on the severity of the case (ITRC Aftermath
Study, 2004).
The average victim spends 330 hours repairing the damage (ITRC Aftermath Study, 2004).
It takes 26-32% of victims between 4 and 6 months to straighten out problems caused by
identity theft; 11-23% of victims spend 7 months to a year resolving their cases (ITRC
Aftermath Study, 2004).
25.9 million Americans carry identity theft insurance (as of September 2008, from Javelin
Strategy and Research, 2009).
After suffering identity theft, 46% of victims installed antivirus, anti-spyware, or a firewall
on their computer. 23% switched their primary bank or credit union, and 22% switched
credit card companies (Javelin Strategy and Research, 2009).
Victims of ID theft must contact multiple agencies to resolve the fraud: 66% interact with
financial institutions; 40% contact credit bureaus; 35% seek help from law enforcement;
22% deal with debt collectors; 20% work with identity theft assistant services; and 13%
contact the Federal Trade Commission (Javelin Strategy and Research, 2009).
8
The importance of the study
• Privacy invaded
• Suffering the psychological trauma of having your
reputation ruined
• Incurring financial liabilities
• undergoing tremendous transaction costs to restore your
name.
• During 2007, the FTC received 813, 899 consumer fraud
and identity theft complaints, an increase of 21% over 2006
(Swartz, 2009, p. 38).
9
Information Management
• Thieves do not need your credit card number in order to steal it.
• All they need is one piece of information about you and they can easily gain access
to the rest.
• The nonfinancial personal information you reveal online is often enough for a thief.
• Be careful of seemingly innocent personal facts that a thief could use to steal your
identity. For example, never list your full birthday on Facebook.
• Be careful with your snail mail.
• For example, follow your snail mail carefully. Check your bills and when you order
checks, pick them up at the bank instead of having them delivered to your mailbox.
• Remove all bank and credit card statements each month, preferably once a week.
• Watch for charges for less than a dollar or two from unfamiliar companies or
individuals.
• If an ATM or store terminal looks funny, do not use it.
• The mouth of the receptacle on an ATM machine should be flushed with the
machine or have only a very slight lip.
10
Information Management
• Identity thieves love travelers and tourists.
• Be alert to strangers hanging around whenever you use your credit card at an ATM
or phone. Also, try to avoid public wireless internet connections unless your laptop
has strong security activated.
• There are a few simple things that you can do to protect your credit card if it falls
into the wrong hands. “Sign your credit card with a Sharpie so your signature can
not be erased and written over.” Also keep the “please activate sticker on it.”
• Pay attention at the checkout line.
• If a cashier or salesperson takes your card and either turns away from you or takes
too long to conduct what is usually a normal transaction, she/he may be scanning
you card into a handheld skimming terminal to harvest the information.
• Go paperless in as many ways as possible.
• Cut back on the mail you receive from banks and financial organizations by
discontinuing paper bills and statements.
• Identity theft insurance can pay off, but you need to read the fine print.
11
24 Step Recovery
• Step 1: Take a deep breath and act rather than react.
• Step 2: Limit further disclosure of personal information.
• Step 3: Change all passwords that you use online as you
walk through the next 21 steps.
• Step 4. Place a fraud alert on your credit reports.
• Step 5. Obtain copies of your credit reports when you file
the fraud alert.
• Step 6: Create an ID Theft Report with attached Fraudulent
Account Statement.
• Step 7: Report stolen checks, and close unauthorized
checking and savings accounts.
12
24 Step Recovery Continued
• Step 8: Begin to call companies for any information that can
help you prove your identity theft.
• Step 9: Close the accounts that you know, or believe, have
been tampered with or opened fraudulently.
• Step 10: Contact all your other creditors to notify them
about the theft.
• Step 11. Report stolen ATM, debit, prepaid, gas station,
phone, department store, or any other cards.
• Step 12. Contact the Social Security Administration.
• Step 13: Notify the U.S. State Department about lost or
stolen passports.
13
24 Step Recovery Continued
• Step 14: File a complaint with the Federal Trade
Commission.
• Step 15. File a report with your local police or the police in
the community where the identity theft took place.
• Step 16: Find all your bills.
• Step 17: Question any callers who want your information.
• Step 18: Begin to block information from your credit report.
• Step 19: Stop businesses that may report information about
you to a Credit Reporting Agency.
• Step 20: Contest bills.
14
24 Step Recovery Continued
• Step 21: Expect to deal with false civil and criminal judgments.
• Step 22: Seek legal advice.
• Step 23: Secure all your personal information.
• Step 24: Don't leave a stone unturned.
• (Retrieved November 20, 2009 from
http://www.yourcreditadvisor.com/blog/2007/03/your_identity_h.html
).
15
References
Buell, D. & Sandhu, R. (2003). Identity management. IEEE Computer Society, 1-3.
Collins, J. M. (2003). Business identity theft: The latest twist. Journal of Forensic Accounting 1524-5586
(4), 303-306.
Eloff, J. (2003). Information Security Management- A new paradigm. Proceedings of SAICSIT, 130-136.
Holtfreter, R. E. & Holtfreter, K. (2006). Gauging the effectiveness of US identity theft legislation. Journal
of Financial Crime. (13)(1), 56-64.
Milne, G. R. (2003). How well do consumers protect themselves from identity theft? The Journal of
Consumer Affairs, (37)(2), 388-402.
Newman, G. R., & McNally, M. M. (2005). Identity theft literature review. Retrieved from
http://www.uspi.org/identity%20theft.pdf
16
Download