Identity Theft is a form of stealing someone's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name.
Types of Identity Theft
- Dumpster Diving – Thieves rummage through trash cans for pieces of personal information that they can use or sell.
- Mail Theft – Thieves steal from unattended/unlocked mailboxes to obtain pre-approved credit offers, bank statements, tax forms, and/or convenience checks.
- ATM Theft, Skimming – Thieves secretly attach electronic devices on an ATM to capture numbers when customers swipe their cards. This may include a tiny camera to record the PIN number a customer enters for the transaction.
- Spyware/Malware – Cyber-thieves use a software application that can be remotely installed on your computer without you knowing. This special snoop ware lets the thief access everything you do online. Be wary of email attachments and websites you don't know.
- Online Data – Thieves have purchased sensitive personal information about someone (e.g., name, address, phone numbers, Social Security Number, birth date, etc.) from an online broker.
- Email Fraud and Phishing Scams – Emails in which identity thieves want you to "verify" information or otherwise divulge personal data.
Tips to Avoid Identity Theft
When creating passwords and PINs (personal identification numbers) do not use any part of your Social Security number, birth date, middle name, wife's name, child's name, pet's name, mother's maiden name, address, consecutive numbers, or anything that a thief could easily deduce or discover.
Store personal information in a safe place and shred or tear up documents you don't need. Destroy charge receipts, copies of credit applications, insurance forms, bank checks and statements, expired charge cards and credit offers you get in the mail before you put them out in the trash.
Order a copy of your credit report from the three credit reporting agencies every year and make sure all the information is correct especially your name, address, and Social Security number. Look for indications of fraud, such as unauthorized applications, unfamiliar credit accounts, credit inquiries and defaults and delinquencies that you did not cause.
Never give your credit card number or personal information over the phone unless you have initiated the call and trust that business.
Shred all old bank and credit statements and "junk mail" credit card offers before trashing them. Use a crosscut shredder. Crosscut shredders cost more than regular shredders but are superior.
Emails requesting personal information, or to verify an account, is usually a scam. Do not open an email that is offering a prize or respond to an email that states your bank needs to verify/re-open a service within a specific time or close your account.
Make sure your computer has virus and spyware protection programs installed, and keep up with software updates. Before entering username and password information, make sure the website's URL begins with "https" rather than "http". (It's okay if a site's homepage begins with "http", but "https" should be present on pages where you log on.)
Identity Theft Repair Process
A fraud alert lets creditors know to contact you before they open any new accounts or change your existing accounts. Contact any one of the three major credit bureaus using the information listed below; the company you contact is required to notify the other two, which will place an alert on their versions of your credit report as well.
If you do find suspicious activity on your credit reports, call your local police or sheriff's office and file a police report of identity theft. Get a copy of the police report. You may need to give copies of the police report to creditors to clear up your records. You may also wish to file a complaint online with the FTC or 1-877-ID-THEFT (438-4338). Your complaint will be added to the FTC's Identity Theft Data Clearinghouse, where it will be accessible to law enforcers for their investigations.
Print and complete the Affidavit found here.
Contact other Agencies you may need to advise of your identity theft. Some of these organizations include Insurance Carrier, Postal Inspection Service, Department of Motor Vehicles, Social Security Administration, Utility Service, and U.S. Department of State.
Once you have completed the steps above, be attentive in checking your credit reports and monitoring your account statements.
Social Engineering is the practice of deceiving someone, either in person, over the phone, or using a computer, with the express intent of breaching some level of security either personal or professional. Social engineering techniques are considered con games which are performed by con artists. The targets of social engineering may never realize they have been victimized.
Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about personal or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly
- If you need to update your information online, use the normal process you've used before, or open a new browser window and type in the website address of the legitimate company's account maintenance page.
- If you've been victimized by a spoofed e-mail or web site, you should contact your local police or sheriff's department, and file a complaint with the FBI's Internet Fraud Complaint Center.