identity theft - wsecu educators resources€¦ · identity theft is an ongoing threat as of...
TRANSCRIPT
Identity Theft When Bad Things Happen to Your Good Name
What is identity theft?
Identity Theft is defined as
someone using your personal
information without your
permission to commit fraud or
other crimes.
Identity theft is an ongoing threat
As of December 2018 (nationwide)
Over 3.4 million consumer Sentinel complaints (includes fraud and identity theft)
1.48 billion dollars in losses Takes an average victim of ID theft 600 hours to “sort it out” and restore their lives Source – Federal Trade Commission
Close to home in 2018
Washington ranks 23nd highest for ID theft Washington ranks 25rd for fraud We had $28.3 million in losses Spokane was 48th for fraud Source – Federal Trade Commission
How do I recognize identity theft?
Bills arrive for credit cards/accounts you never opened Bank account statements contain unfamiliar transfers, withdrawals or checks you didn’t write Lenders deny your request for credit, but the last time you checked your credit was great Extremely late statements or statements that don’t arrive
How do they get your information?
Mail theft
Dumpster diving
Stolen wallet or purse
Skimming
Phishing
Vishing
Smishing
Data breaches
What is skimming?
A special storage device is used to steal your
credit/debit card number when processing
your card (e.g. at the ATM or a merchant).
Portable skimmer
Most skimmers are small and portable About the size of a pager
ATM skimming
Gas pump skimming
Use debit cards as credit at pump
Check security seal Pay inside
What is phishing?
Phishing is an unsolicited e-mail that appears to come from a legitimate source, such as your financial institution. E-mails contain some form of language to trick you into believing you need to update or confirm account information to avoid account access being blocked. The fraudulent e-mail contains a link that sends users to phony websites. Thieves are after passwords, SSNs and other personal information.
Samples of phishing e-mails
From: www-data on behalf of [email protected] Sent: Thu 1/18/2007 8:28 PM To: Richard Subject: Important Notice from WSECU Valued WSECU customer, This is the official notification from Washington State Employees Credit Union. We are sorry to inform you that your online payments and transfers services are expired, and must be renewed immediately, if you intend to use this services in the future, and prevent any similarly situations you must take action at once! Click Here and proceed to the renewal of your online services. STEP 1 : Click the "Click Here" link and sign-in to your Online account STEP 2 : Review the renewal form Thank you for the privilege of serving you. Sincerely, Online Banking Department
What is vishing?
Vishing is a form of phishing which involves your phone and an 800 number for a call back. Again, it appears to be from a legitimate source, such as your financial institution. “Hi, this is Jane Doe calling from XYZ Credit Union regarding your primary account. Recently we were working with your account and found an issue we can’t seem to resolve. We need you to call us back to work this out. Please call us at 888-555-1212.” The 800 number doesn’t go to the financial institution. It is forwarded to the thief.
What is smishing?
Smishing is a form of phishing which involves text messages on your phone. Again, it appears to be from a legitimate source, such as your financial institution or major retailers.
Data breaches… the new threat of identity theft In 2018, there were over 6,500 breaches with 5 billion records compromised
Average cost to a US company $7.91 million
Average time to identify a data breach 196 days
Two distinct levels involved:
Card information (less invasive)
Personal information (greater risk)
What do they do with your information?
Open new credit accounts. Establish landline or mobile phone accounts in your name. Open new bank accounts. Take over existing accounts. Get a job using your name and personal information. File a fraudulent tax return using your name and personal information.
Take steps to protect yourself!
Prevention is key.
Minimize your risk.
Be responsible in managing and sharing your personal information.
Be aware, be proactive
Review your account and credit card statements when they arrive.
Call your financial institution or credit card company if your statement is late.
Never give out personal information over
e-mail, online, or on the phone unless you initiated the contact.
Protect your personal information
Don’t carry your SSN or PINs in your wallet or purse: Memorize them and leave them in a safe location. Shred documents with your personal information on them before disposing. Carry only the identification and credit or debit cards you will need. Leave the rest locked in a safe place. Don’t leave outgoing mail in your own mailbox.
There’s more?
Provide your SSN only when absolutely necessary. Find out why it is needed and ask if you can use a
different form of identification instead. Never provide information to an unsolicited request, unless you verify it first.
Cancel credit cards that you no longer need or use. When canceling, make sure it is noted it as “Closed at consumer’s request.” Never be intimidated.
Check your credit report
Take advantage of the FACT Act which allows you to get a free copy of your credit report each year! Get a free copy from each credit reporting agency.
Remember, it’s free!
annualcreditreport.com 877.322.8228 Annual Credit Report Request Service PO Box 105281 Atlanta, GA 30348-5281
I’m a victim! Now what?
Contact your financial institution. File a fraud report. Pull your credit reports at annualcreditreport.com. Close affected and fraudulent accounts. Start the IdentityTheft.gov recovery process File a report with the local police dept. Get a case number! Contact DMV, Social Security, IRS and Dept. of Retirement Systems, utilities, etc… Contact credit bureaus
What else should I do?
Create a log. Document everything you do in response to the identity theft.
Follow up all verbal communication with a letter or an e-mail.
Put code words on your accounts to be used for future identification purposes.
Get professional assistance!
What else should I consider?
Get step-by-step guidance and recovery plans on IdentityTheft.gov. Consider a monitoring service -Credit monitoring
-Identity theft monitoring
Identity recovery services Identity theft insurance
Credit freeze
Security features on checks
Current scams
Internet sales scams Lottery scams Telemarketing fraud Romance scams Work-at-Home scams
Current scams
IRS scams Social security scams Medicare scams Charity scams Tech support scams Caller ID spoofing
Lottery scams
Facebook scams
IQ quizzes Western Union Koobface worm Malware apps and links Fake login pages
Fake login pages
Fake login pages
Online Banking Security
Don’t click hyperlinks in emails Treat your smartphone like a computer Use online/mobile banking to your advantage Get free help
Online Banking Security
Never give out your SSN online Safely store financial/personal information Respond quickly to an attack Access your account from a secure location
Online Banking Security
Be smart with passwords Change passwords regularly Protect your computer Check for encryption Trust your gut
Resources
AARP – aarp.org Better Business Bureau – bbbonline.org/idtheft Federal Trade Commission – ftc.gov/idtheft Identity Theft Resource Center – idtheftcenter.org PC World – pcworld.com Privacy Rights Clearing House – privacyrights.org/identity.htm WSECU – wsecu.org