Transcript Identity Theft

What is Identity Theft?
 The theft, misrepresentation or hijacking of
another person or business’ Identity
 It is a growing problem in Canada
 Fraud
 Provides an effective means to commit other
crimes using your name.
Two Main Types of Identity Theft
 Account Takeovers





Card Skimming
Non-Receipts
Card Replacements
Unauthorized Use
Phishing
 Application Fraud





Loans
Bank Accounts
Credit Cards
Mortgages
Cell Phones
How Does It Happen?
 Fraudsters are
innovative
 Happens though
computer use, email,
snail mail, transactions
over the phone, even
material taken from
your trash!
 Consumer is not aware
of potential fraud
What Can You Do?
 Protect yourself
 Minimize the chances of having your identity
stolen
 Be Aware of what is happening
 Be A smart consumer
 Stay one step ahead and protect yourself
The Less Information that’s out there
the better!
 Carry only the cards you need in your wallet. Leave extra
credit cards, social insurance cards locked up at home.
 Make a copy of all of your cards and lock the copy up in
your house.
 Don’t let a store clerk write down your credit card #
 Don’t print your SIN or Drivers License # on your cheques
 When asked for your SIN always ask if you can provide
another number
 Don’t Use ATM tellers from financial institutions you don’t
recognize.
Protect yourself at work
 Keep your purse/wallet locked up at the office at all times.
 Workplace theft is more common than most people realize
 Ask your employer for a safe place to lock up your things if
one is not provided for you.
 Ask your employer about security procedures for personal
files
 DO NOT log onto personal financial websites using
company computers.
 DO NOT set passwords to auto remember.
 And do not store personal information in your desk or on
your office computer at work.
Protect yourself at home
 Protect your mail, get a locked mail box
 Never have new cheques sent to your home
in the mail. Pick them up from the bank
 Buy a shredder to shred personal
documents
 Check your credit report at least once a year
 Keep your personal information in a locked
room or a filing cabinet.
A review of the problem
• What is the problem?
– Fastest growing crime in the country
– 25 million victims, 10 million in 2004
– Sheer numbers swamp law enforcement
8
Further thoughts on the problem
• What’s the harm?
– 600 hours spent to restore identity and
credit
– $1,400 out-of-pocket costs to victim
– $16,000 in lost productivity of victim
– $40,000-$92,000 business community
losses per stolen identity
Source: Identity Theft Resource Center
9
How do they get the
information?
•
•
•
•
•
•
Dumpster divers
Mail thieves
Burglary and personal theft
Insider compromises
Phishing
Internet sources and hacking
10
How can I protect myself?
• Place passwords on credit card,
bank, & phone accounts
• Don’t use your mother’s maiden
name, birth date, last 4 digits of
SSN, or phone number
• Secure personal info in your home
• Shred all documents containing
your personal info
11
How can I protect myself?
(continued)
• Drop outgoing mail in a USPS box, not
your home mailbox
• Limit the number of credit cards you carry
• Don’t carry your Social Security card
12
Web site links
• Web site provides links to federal and
state resources for additional info on ID
theft
– www.idtheftcenter.org
– www.consumer.gov/idtheft
• To opt out of prescreened credit card
offers by phone, call toll-free 1-888-5OPT-OUT
– www.privacyrights.org
13
Additional Web site links
• Information on state laws, forms, and
prevention checklists for businesses
– www.idtheftcenter.org
• For identity theft brochure re: banking
industry
– www.bos.frb.org/consumer/identity/idtheft.h
tm
14
20 U.S.C. § 1097 [Title IV, HEA]
• Any person who knowingly and willfully
embezzles, misapplies, steals, obtains by
fraud, false statement or forgery, or fails to
refund any funds, assets, or property
provided or insured under [Title IV, HEA]
or attempts to so embezzle, misapply,
steal, obtain by fraud, false statement or
forgery, or fail to refund any funds, assets,
or property, shall be fined…or
imprisoned…
15
Tools used to commit identity
theft of federal student aid
funds
• computer
• online application process for FSA
funds
• online enrollment
• identity of another person
• fake identification documents
16
Protecting others from identity
theft
•
•
•
•
•
•
•
Properly handle documents
Shred sensitive info
Use key identifiers instead of the SSN
Password-protect sensitive info
Audit access
Review access privileges
View info on computers in the same
manner as paper documents – is it
secure?
17
Protect Yourself Online
 Use A Firewall – this will prevent Phishing
attempts
 Choose good passwords – Use an alpha numeric
password and change them frequently
 Choose a good username – do not use your email
address as a username (Hannah1199)
 Beware of Phishing – Pay Pal/Best Buy/EBay/RBC
etc
What does Phishing Look Like?
Signs that you may be a Victim
 A bank or cell phone company contacts you
about suspicious transactions
 You start receiving suspicious calls for more
information about yourself
 A collection agency calls you about
 an unknown debt
 Unknown items appear on one
 of your statements
Source: Consumer Measures Committee
 You are denied credit for unknown
reasons
 Bills and statements are not arriving in
the mail
 Your credit report has unknown or
inaccurate entries
 Bills or statements arrive for unknown
accounts
Source: Consumer Measures Committee
Current Threats
 The Prize Pitch:
– Remember that you should never have to buy
anything to win a prize in a contest
– Be careful of the sweepstakes contest, you will
be contacted by a judge border services person
or a lawyer. They will tell you that the money
must be sent up front for tax reasons.
Current Threats
 Emergency or Grandparent Scam
– Happens over the phone
– May use accident or travel as an excuse
– 2 methods used
 1) typical:
 Do you know who this is?
 don’t tell anyone!
2) email
a hijacked account is used to ask friends or family to
send money.
The results of the scam
 By the end of October 2009:
– Grandparent scam had 278 failed attempts
– Had 88 Successful attempts total loss reported
= $317,732.63 Average of $3,610 per victim.
 In 2008 total loss on the same scam was
$157,452
 December 2009 OPP warns of the scam
What do you do if you are a Victim?
Contact police – file a police report
Notify the Credit Bureaus – Equifax, Trans Union
Contact your banking institution
Contact Phone Busters – 1.888.495.8501 or on the web
at www.phonebusters.com
 Investigate new accounts – review your credit report
 Check your Address – check with Canada Post to see if
there was a change of address reported. Notify them that
you are a victim
 Check your passport – check with passport Canada to be
sure no one has applied for a new passport under your
name. you can visit their website at www.ppt.gc.ca or call
1.888.567.6868




What Can be Done?
• Be suspicious of any e-mail with
urgent requests for personal financial
information
– Unless e-mail is digitally signed, you
can't be sure it wasn't forged or
“spoofed”
– Phishers typically include upsetting or
exciting (but false) statements in e-mails
to get people to react immediately
26
What Can be Done? (continued)
– They typically ask for info such as
usernames, passwords, credit card
numbers, Social Security numbers, etc.
– phisher e-mails are typically NOT
personalized, while valid messages from
your bank or e-commerce company
generally are
27
Phishing Prevention
• Don't use links in an e-mail to get to any
Web page if you suspect the message
might not be authentic
– instead, call the company on the telephone or
log onto its Web site directly by typing in the
Web address in your browser
28
Phishing Prevention (continued)
• Avoid filling out forms in e-mail messages
that ask for personal financial information
– you should only communicate information
such as credit card numbers or account
information via a secure Web site or the
telephone
29
Phishing Prevention
• Always ensure you're using a
secure Web site when submitting
credit card or other sensitive
information via your Web browser
– to make sure you're on a secure Web
server, check the beginning of the
Web address in your browser’s
address bar - it should be "https://"
rather than just "http://"
30
Phishing Prevention (continued)
• Consider installing a Web browser tool bar
to help protect you from known phishing
fraud Web sites
31
Phishing Prevention
• Regularly log into your online accounts
– don't leave it for as long as a month before
you check each account
• Regularly check your bank, credit and
debit card statements to ensure that all
transactions are legitimate
– if anything is suspicious, contact your bank
and all card issuers
• Ensure that your browser is up to date and
security patches applied
32
Other Actions
•
•
•
•
Spam filters
Personal firewalls
Trust tool bars
Spoof protection software
33
Other Actions (continued)
• Always initiate the transaction
– even if a phishing message is
delivered, verify by logging to the
home page directly rather than
clicking the URL in the e-mail
• When in doubt always first give a
wrong password
– the legitimate URL will reject it; the
phished one will accept it
34
Cyber Bullying and Ethics
• Cyber bullying is the electronic posting of
mean-spirited messages about a person,
often done anonymously
• Cyber ethics help Internet users
understand what type of online behavior is
right and wrong
• Cyber bullying and poor cyber ethics are
threats many teens and young adults face
not from strangers, but from their own
peers
Cyber Predators
 Cyber predators are people who search online for other people in
order to use, control, or harm them in some way
 Cyber predators target teens and young adults – both male and
female – on a regular basis, regardless of whether or not the victims
are 18 or above
 Social networking sites enhance a predator’s ability to target young
Americans, especially if they share personal information in your
profile
– 91% of young adults say they are social networking “friends” with people
they don’t know well*
 You never know who is behind the screen, so protect yourself and
your personal information
 If you are being targeted or harassed online, you should notify your
family or the proper authorities
* Source: http://www.staysafeonline.org/sites/default/files/resource_documents/Cyber%20Education%205.3.11%20PDF.pdf
Cyber Bullying
• Whatever anyone posts online about
another person can be spread virally,
resulting in serious, unwarranted damage
to an individual’s reputation or personal
well-being
Cyber Bullying
• Avoid being a cyber bully and practice
good cyber ethics by:
– Following the “golden rule” online and in real
life – be nice
– Not saying or doing anything online that you
wouldn’t do in person
– Owning what you say and do online
Reducing risk
• We never know who is looking in our trash
• Shred sensitive documents
• Secure shred barrels and make sure that
proper handling procedures are in place
39