Volume 5, Issue 5
Identity Theft - pdf
From the Desk of William F. Pelgrin, Chair
What is Identity Theft?
Identity theft is a crime in which your personal information such as your name, social security number, date of birth, and address is stolen and may be used by someone to assume your identity, often for the purpose of financial gain. It is also referred to as "identity fraud" when the stolen identity is used to impersonate the victim. Methods a criminal may use to steal your data over the Internet include hacking or using spam and phishing. Social media sites and file sharing can be prime targets for identity thieves, since users often make the assumption of a trusted environment, sharing personal information without understanding the consequences.
Identity theft is not just a risk for those who use the Internet. Criminals can obtain information by sorting through garbage, eavesdropping, stealing wallets, picking up receipts at restaurants, and other means.
Once enough information is gathered, criminals may open new credit card accounts, apply for loans, empty your bank accounts, make charges on your credit card, or develop fake forms of identification.
Identity thieves will not always use the information themselves. They may sell it to underground markets for financial gain.
What can I do to protect my identity?
There are security and privacy concerns that must be considered before moving to cloud computing, including the following:
- Ensure that any computer used to connect to the Internet has proper security measures in place. Use and maintain anti-virus software and keep your application and operating system patches up-to-date.
- Do not follow links provided by unknown or un-trusted sources.
- Do not open e-mail attachments from unknown users or suspicious e-mails from trusted sources.
- If you employ file sharing programs, check the configuration settings to ensure you are not inadvertently sharing your personal information.
- Be careful what personal information you distribute, particularly on social networking sites, and continuously check to see what information others may be posting about you. Also verify your privacy settings to ensure you are not inadvertently sharing your personal information.
- Check your credit reports from all three major credit bureaus (Equifax, Experian, and TransUnion) at least once a year. You are entitled to one free credit report from each bureau every year. You may wish to stagger your requests to check a different credit bureau every four months.
- Guard your personal information, including your social security number. Don't carry your social security card with you, and don't provide your social security number to anyone unless they have a legitimate need for it.
- Don't put your social security number or driver's license number on your checks.
- Be aware of your surroundings when providing personal information orally. Watch for eavesdroppers.
- Properly discard hard copy documents containing personal information. A crosscut paper shredder works best.
What do I do if my identity has been stolen?
The first step is to notify your bank, and any other entities with which you have accounts, to inform them that someone may be using your account fraudulently. File a report with your local police and report the event to the Federal Trade Commision. It is helpful to have your financial statements available to better explain your situation.
Contact all three major credit bureaus to request a credit report, and have a fraud alert or a credit freeze placed on your credit reports to prevent accounts from being opened without your permission.
Continue to monitor all of your accounts for any suspicious activity.
- Multi-State Information Sharing and Analysis Center
www.msisac.org/webcast/2006-02/info/resourses.cfm || www.msisac.org/webcast/2006-02/
- Federal Trade Commission
- Identity Theft Resource Center
- Test your Identity Theft Knowledg
- National Cyber Security Alliance
For more monthly cyber security newsletter tips visit: www.msisac.org/awareness/news/
The information provided in the Monthly Security Tips Newsletters is intended to increase the security awareness of an organization's end users and to help them behave in a more secure manner within their work environment. While some of the tips may relate to maintaining a home computer, the increased awareness is intended to help improve the organization's overall cyber security posture. Organizations have permission--and in fact are encouraged--to brand and redistribute this newsletter in whole for educational, non-commercial purposes.