michelle brown worked in the banking industry heidi ille (not connie) and michelle were complete...
TRANSCRIPT
Identity Theft
Michelle Brown Case
Michelle Brown worked in the banking industry Heidi Ille (not Connie) and Michelle were complete
strangers and looked nothing alike. Heidi got Michelle’s info from a rental application at a
property management office. Heidi was an acquaintance of the landlord.
Heidi racked up $50,000 in credit card bills issued to Michelle Brown.
Michelle never met Heidi. Heidi did serve time in state and federal prison, but not for
identity theft—for the drug smuggling. When Heidi was booked in federal prison, she was booked
under Michelle Brown’s name and wrote letters as Michelle Brown—crazy! The prison system did eventually get the name corrected.
Identity Theft and Children
http://www.youtube.com/watch?v=jFxfjRYpbb0
Video Questions
http://www.youtube.com/watch?v=ZU39Jo8R_TY&feature=related
How identity thieves get your personal information
Steal wallets/purses containing ID and credit cards Steal your mail Complete a change of address form to divert your
mail to another location Dumpster diving (gross!) Find personal information you share on the Internet Pay store employees for information off your credit
card application Phishing
Identity Theft and Credit Card Fraud (cont.)
Online Techniques used to steal personal and financial information Phishing - e-mail fishing for personal and
financial information disguised as legitimate business e-mail
Pharming is a hacking technique that tampers with the domain-name server system so that traffic to a Web site is secretly redirected to a different site altogether.
To help avoid pharming, make sure the Web site has a valid certificate of authority, from a service like VeriSign.
How Identity Thieves Use Your Personal Information
Call credit card issuer and change the mailing address—takes time before you realize the problem
Open new credit card accounts Establish phone or wireless service in your name Open bank accounts in your name and write bad
checks File for bankruptcy under your name to avoid paying
debts Counterfeit checks or debit cards
How do criminals obtain passwords?
Obtaining Passwords Find them written down “Social engineering”—tricking the user into
revealing his/her password Shoulder surfing Hacking into system and remotely capturing
information System administrator—abusing privileges Passwords only as secure as people are
trustworthy
Protect Yourself!
Make all you online purchases using a credit card—not a debit card. Credit cards offer zero liability for fraudulent charges—debit cards don’t offer this protection.
Get a separate credit card with a low credit limit for your online transactions.
Make sure the websites are secure (https) Don’t disclose personal information over the
phone. Legitimate banks/credit card companies NEVER ask for this information over the phone.
Protect Yourself!
Don’t fall for email scams. Don’t put your Social Security number or
your driver’s license number on your checks. Shred or burn sensitive mail before you
recycle it. Don’t carry your social security card in your
wallet. Check your bills for charges you didn’t make. Report identity theft promptly—call the credit
card companies, local police, Federal Trade Commission (FTC)
Michelle Brown’s Recommendations to Congress
Social security numbers should be treated as confidential information, and therefore should not be required to be part of passwords, medical identification numbers, etc.
Credit issuers: all duplicate card requests should be verified by a mailer to the previous credit card address, or verified via telephone.
Credit reports should be offered free to individuals at least once a year, at their request.
Unusual inquiry/account opening behavior should be flagged at the credit reporting agencies and further investigated. The bureaus should take more responsibility for unusual activity as they are the first ones to be alerted of consolidated fraud on one individual's record.
Fraud alerts should be CLEARLY POSTED on the first page of victims' credit reports. Further there should be fines imposed to merchants who do not properly act on these statements and fail to verify the authenticity of an application.