Copyright © 1995-2008. |
Search Our Site: |
|
|
| Coping with Identity Theft: Note:
The crime of identity theft It can happen to anyone. The phone rings and a collection agency demands that you pay past-due accounts for goods you never ordered. The supermarket refuses your checks because you have a history of bouncing them. But you have always paid bills on time. What has happened? The crime of identity theft is on the rise.
Using a variety of methods, criminals steal Social Security numbers, driver's licenses, credit card numbers, ATM cards, telephone calling cards, and other pieces of individuals' identities such as date of birth. They use this information to impersonate their victims, spending as much money as they can in as short a time as possible before moving on to someone else's name and identifying information.
Even though victims are usually not saddled with paying their imposters' bills, they are often left with a bad credit report and must spend months and even years regaining their financial health. In the meantime, they have difficulty getting credit, obtaining loans, renting apartments, and even getting hired. Victims of identity theft find little help from the authorities as they attempt to untangle the web of deception that has allowed another person to impersonate them. Stealing wallets used to be the best way identity thieves obtained SSNs, driver's licenses, credit card numbers and other pieces of identification. While still employed, identity thieves now use a variety of means:
Take these steps to reduce your risk of becoming a victim of identity theft: You cannot prevent identity theft. Criminals can commit identity theft relatively easily because of lax credit industry practices, careless information-handling practices in the workplace, and the ease of obtaining SSNs. But you can reduce your risk of fraud by following the tips in this guide. The most important advice we can give you is to check your credit report at least once a year. If you are a victim of identity theft, you will catch it early by checking your credit report regularly. Credit cards, debit cards, and credit reports: 1. Reduce the number of credit and debit cards you carry in your wallet. We recommend that you do not use debit cards because of the potential for losses to your checking account (see above). Instead, carry one or two credit cards and your ATM card in your wallet. Nonetheless, debit cards are popular. If you do use them, take advantage of online access to your bank account to monitor account activity frequently. Report evidence of fraud to your financial institution immediately. 3. Do not use debit cards when shopping online. Use a credit card because you are better protected in case of fraud. See our online shopping guide, www.privacyrights.org/fs/fs23-shopping.htm. 4. Keep a list or photocopy of all your credit cards, debit cards, bank accounts, and investments -- the account numbers, expiration dates and telephone numbers of the customer service and fraud departments -- in a secure place (not your wallet or purse) so you can quickly contact these companies in case your credit cards have been stolen or accounts are being used fraudulently. 5. Never give out your SSN, credit or debit card number or other personal information over the phone, by mail, or on the Internet unless you have a trusted business relationship with the company and you have initiated the call. Identity thieves have been known to call their victims with a fake story that goes something like this. "Today is your lucky day! You have been chosen by the Publishers Consolidated Sweepstakes to receive a free trip to the Bahamas. All we need is your Social Security number, credit card number and expiration date to verify you as the lucky winner." 6. Always take credit card receipts with you. Never toss them in a public trash container. When shopping, put receipts in your wallet rather than in the shopping bag. 7. Never permit your credit card number to be written onto your checks. It's a violation of California law (Civil Code sec. 1725) and laws in many other states, and puts you at risk for fraud. 8. Watch the mail when you expect a new or reissued credit card to arrive. Contact the issuer if the card does not arrive. 9. Order your credit report at least once a year. Federal law gives you the right to one free credit report each year from the three credit bureaus: Equifax, Experian, and TransUnion. If you are a victim of identity theft, your credit report will contain the tell-tale signs – inquiries that were not generated by you, as well as credit accounts that you did not open. The earlier you detect fraud, the easier and quicker it will be to clean up your credit files and regain your financial health. We recommend that you stagger your requests and obtain one report each four months. That way, you can monitor your credit reports on an ongoing basis. But if you are in the market for credit or are a victim of identity theft, order all three at one time. For more information on your free credit reports, visit the Federal Trade Commission web site at www.ftc.gov/bcp/conline/pubs/credit/freereports.htm. How to order your free annual credit report:
10. Residents in seven states can obtain free annual credit reports under state law, in addition to the free reports available under federal law. These states are: Colorado, Maine, Massachusetts, Maryland, New Jersey, Vermont, and Georgia (two free reports per year in Georgia). If you live in one of these states, be sure to order both your free reports under federal law as well as state law each year – enabling you to even more effectively monitor your credit files on an ongoing basis. 11. As of November 2007, individuals nationwide are able to "freeze" their credit reports with Equifax, Experian, and TransUnion. By freezing your credit reports, you can prevent credit issuers from accessing your credit files except when you give permission. This effectively prevents thieves from opening up new credit card and loan accounts. In most states, security freezes are available at no charge to identity theft victims and for a relatively small fee for non-victims.
12. Several companies, including the three credit bureaus, offer credit monitoring services for an annual fee ranging from $50-$120 a year. They notify you when there is any activity on your credit report, thus alerting you to possible fraud. 13. There are many identity theft insurance products available to consumers. We do not recommend them unless they are available as a free or low-cost rider on an existing insurance policy. For more information on such insurance products, visit www.iii.org/individuals/other/insurance/identitytheft (no endorsements implied). Passwords and PINS: 14. When creating passwords and PINs (personal identification numbers), do not use the last four digits of your Social Security number, mother's mother's maiden name, your birthdate, middle name, pet's name, consecutive numbers or anything else that could easily be discovered by thieves. It's It's best to create passwords that combine letters and numbers. Here's a tip to create a password that is strong and easy to remember. Think of a favorite line of poetry, like "Mary had a little lamb." Use the first or last letters to create a password. Use numbers to make it stronger. For example, MHALL, or better yet MHA2L!. The longer the string, the harder it is to crack. 15. Ask your financial institutions to add extra security protection to your account. Most will allow you to use an additional code or password (a number or word) when accessing your account. Do not use your mother's maiden name, SSN, or date or birth, as these are easily obtained by identity thieves. If asked to create a reminder question, do not use one that is easily answered by others. 16. Memorize all your passwords. Don't record them on anything in your wallet. 17. Shield your hand when using a bank ATM machine or making long distance phone calls with your phone card. "Shoulder surfers" may be nearby with binoculars or video camera. 18. Protect your Social Security number (SSN). Release it only when absolutely necessary (like tax forms, employment records, most banking, stock and property transactions). The SSN is the key to your credit and banking accounts and is the prime target of criminals. If a business requests your SSN, ask if it has an alternative number that can be used instead. Speak to a manager or supervisor if your request is not honored. Ask to see the company's written policy on SSNs. If necessary, take your business elsewhere. If the SSN is requested by a government agency, look for the Privacy Act notice. This will tell you if your SSN is required, what will be done with it, and what happens if you refuse to provide it. If your state uses your SSN as your driver's license number, ask to substitute another number. If possible, do not provide the SSN on job applications. Offer to provide it when you are interviewed or when a background check is conducted. (Read PRC Fact Sheet 10 on SSNs, www.privacyrights.org/fs/fs10-ssn.htm and Fact Sheet 25 on online job seeking tips, www.privacyrights.org/fs/fs25-JobSeekerPriv.htm.)19. Do not have your SSN or driver's license number printed on your checks. Don't let merchants hand-write the SSN onto your checks because of the risk of fraud. 20. Do not say your SSN out loud when you are in a public place. And do not let merchants, health care providers, or others say your SSN out loud. Whisper or write it down on a piece of paper instead. Be sure to retrieve and shred that paper. 21. Examine your Social Security Personal Earnings and Benefits Estimate Statement each year to check for fraud. The Social Security Administration mails it to adult-age SSN holders about three months before the birthday. The SSA web site has additional information, www.ssa.gov/mystatement. Reach them by phone at (800) 772-1213. 22. Do not carry your SSN card in your wallet except for situations when it is required, the first day on the job, for example. If possible, do not carry wallet cards that display the SSN, such as insurance cards, except when needed to receive healthcare services. A California law places restrictions on the display and transmission of SSNs by companies. It is being phased in through 2005. For more information, read the California Office of Privacy Protection guide on SSN "recommended practices," at www.privacy.ca.gov/recommendations/ssnrecommendations.pdf. If you feel you must carry your health insurance or Medicare card with you at all times, try this. Photocopy the card and cut it down to wallet size. Then remove or cut out the last four digits of the SSN. Carry that with you rather than the actual card. But be sure to carry your original Medicare card with you the first time you visit your healthcare provider. They are likely to want to make a photocopy of it for their files. 23. It is a violation of federal law for state motor vehicles departments to use the Social Security number as the driver’s license (DL) number. (Intelligence Reform and Terrorism Prevention Act of 2004, implemented December 17, 2005) If you are carrying an older driver’s license containing your SSN that is not yet ready for renewal, contact the motor vehicles agency in your state and request to have your DL replaced before the actual renewal date. This way, you are not carrying a document in your wallet that contains your SSN. Internet and computer safeguards: 24. Install a firewall on your home computer to prevent hackers from obtaining personal identifying and financial data from your hard drive. This is especially important if you connect to the Internet by DSL or cable modem. 25. Install and update virus protection software to prevent a worm or virus from causing your computer to send out files or other stored information. 26. Password-protect files that contain sensitive personal data, such as financial account information. Create passwords that combine 6-8 numbers and letters, upper and lower case. In addition, encrypt sensitive files. 27. When shopping online, do business with companies that provide transaction security protection, and that have strong privacy and security policies. For more online shopping tips, read PRC Fact Sheet 23, www.privacyrights.org/fs/fs23-shopping.htm. 28. Before disposing of your computer, remove data by using a strong "wipe" utility program. Do not rely on the "delete" function to remove files containing sensitive information. 29. Never respond to "phishing" email messages. These appear to be from your bank, eBay, or PayPal. They instruct you to visit their web site, which looks just like the real thing. There, you are told to confirm your account information, provide your SSN, date of birth and other personal information. Legitimate financial companies never email their customers with such requests. These messages are the work of fraudsters attempting to obtain personal information in order to commit identity theft. Visit www.antiphishing.org. 30. Be aware that file-sharing and file-swapping programs expose your computer to illegitimate access by hackers and fraudsters. If you use such programs, make sure you comply with the law and know what you are doing. Install and update strong firewall and virus protection. Many file-sharing programs are downloaded by youngsters without the knowledge of their parents. There are software programs available that identify file sharing software and locate shared files on home computers. For more information on safe surfing for families, visit www.getnetwise.org. Reducing access to your personal data: 31. To minimize the amount of information a thief can steal, do not carry extra credit cards, debit cards, your Social Security card, birth certificate or passport in your wallet or purse, except when needed. At work, store your wallet in a safe place. 32. If possible, do not carry other cards in your wallet that contain the Social Security number (SSN), except on days when you need them. 33. To reduce the amount of personal information that is "out there," take these steps:
34. Install a locked mailbox at your residence to deter mail theft. Or use a post office box or a commercial mailbox service. When you are away from home for an extended time, have your mail held at the Post Office, or ask a trusted neighbor to pick it up. 35. When ordering new checks, pick them up at the bank. Don't have them mailed to your home. If you have a post office box, use that address on your checks rather than your home address so thieves will not know where you live. 36. When you pay bills, do not leave the envelopes containing your checks at your mailbox for the postal carrier to pick up, or in open boxes at the receptionist's desk in your workplace. If stolen, your checks can be altered and then cashed by the imposter. It is best to mail bills and other sensitive items at the drop boxes inside the post office rather than neighborhood drop boxes. If you use a neighborhood drop box, always deposit the mail before the last pick-up of the day. Responsible information handling: 37. Each month, carefully review your credit card, bank and phone statements, including cellular phone bills, for unauthorized use. (For more information on cell phone fraud, see PRC Fact Sheet 2, www.privacyrights.org/fs/fs2-wire.htm.) 38. Convert as much bill-paying as you can to automatic deductions from your checking account and/or credit account Consider using the Internet for banking and paying bills. With fewer account statements and bills mailed to your home, you will reduce the risk of mail theft and identity theft. 39. Do not toss pre-approved credit offers in your trash or recycling bin without first tearing them into very small pieces or shredding them with a cross-cut shredder. They can be used by "dumpster divers" to order credit cards in your name and mail them to their address. Do the same with other sensitive information like credit card receipts, phone bills, bank account statements, investment account reports, and so on. Home shredders can be purchased in many office supply stores. We recommend cross-cut shredders. 40. Use a gel pen for writing checks. Experts say that gel ink contains tiny particles of color that are trapped in the paper, making check washing more difficult . 41. Demand that financial institutions adequately safeguard your data. Discourage your bank from using the last four digits of the SSN as the PIN number they assign to customers. If you have been given the last four SSN digits as a default PIN, change it to something else. 42. When you fill out loan or credit applications, find out how the company disposes of them. If you are not convinced that they store them in locked files and/or shred them, take your business elsewhere. Some auto dealerships, department stores, car rental agencies, and video stores have been known to be careless with customer applications. 43. Store canceled checks in a safe place. In the wrong hands, they could reveal a lot of information about you, including the account number, your phone number and driver's license number. If you rent a storage locker, take extra precautions when storing cancelled checks, tax return information, and other sensitive financial information. Storage lockers are popular targets for robbers. 44. Store personal information securely in your home, especially if you have roommates, employ outside help, or have service work done in your home. Use a locking file cabinet or safe. 45. Any entity that handles personal information should train all its employees, from top to bottom, on responsible information-handling practices. Persuade the companies, government agencies, and nonprofit agencies with which you are associated to adopt privacy policies and conduct privacy training. (Read Fact Sheet 12 on responsible information-handling, www.privacyrights.org/fs/fs12-ih2.htm and our workplace identity theft prevention tips, www.privacyrights.org/ar/PreventITWorkplace.htm) 46. Remember, if you are a victim of identity theft, or if your wallet or SSN has been lost or stolen, read our Fact Sheet 17a, "Identity Theft: What to Do if It Happens to You," on our website at www.privacyrights.org/fs/fs17a.htm. If your wallet or your Social Security number has been lost or stolen, place fraud alerts on your three credit reports right away. Instructions are provided in step one of Fact Sheet 17a. For More Information Credit Reporting Agencies (see also PRC Fact Sheet 6, www.privacyrights.org/fs/fs6-crdt.htm)
Federal Trade Commission Identity Theft Clearinghouse
Federal Agencies and Technology Industry
California Office of Privacy Protection
Identity Theft Resource Center
Privacy Rights Clearinghouse
Compilation of Identity Theft Surveys Additional web sites:
|
| Copyright © 1995-2008. Privacy Rights Clearinghouse/UCAN. This copyrighted document may be copied and distributed for nonprofit, educational purposes only. For distribution of this fact sheet, see our copyright and reprint guidelines. The text of this document may not be altered without express authorization of the Privacy Rights Clearinghouse. This fact sheet should be used as an information source and not as legal advice. PRC fact sheets contain information about federal laws as well as some California-specific information. Laws in other states may vary. Overall, our fact sheets are applicable to consumers nationwide. This publication was originally developed under the auspices of the University of San Diego. Privacy Rights Clearinghouse, 3100 - 5th Ave., Suite B, San Diego, CA 92103. Web: www.privacyrights.org |
