A Short Primer on Identity Theft

Identity theft is a major problem both in this country and around the world today. The most recent estimates indicate that in 2017 there were approximately 16.7 million victims of identity theft resulting in approximately $16.8 billion dollars lost to thieves. Traditionally, the major focus on theft had been credit cards. In contrast, last year the number of Social Security number stolen surpassed those of credit card numbers.

How can you find out if any of your information has been compromised.

One of the best things to do is to check regularly your credit reports at the three major credit reporting bureaus. Since you are allowed one free report each year you should request one a report from one of these bureaus every four months. There are also certain services which state that they are continually trolling the Internet for fraudulent uses of your social security number and other personal information.

Some telltale signs that your personal information has been compromised:

1. You get a copy of your tax return from the Internal Revenue Service when you had not requested it

2. You have filed your annual federal tax return and find that it has been rejected because someone else had filed it previously. Similarly, you get a tax refund from a return that you have not yet filed.

3. If you do not receive bills or mail that you have been used to receiving in the past. This could be an indication that thieves may have used your personal information to change your address

4. If you should apply for credit and find that you are rejected or when you check your FICO score you find that it has gotten much lower.

5. You note that you are getting bills for purchases you did not make and that your credit card account(s) may have unauthorized transactions on the monthly bill.

6. In accounts where you have implemented two-factor authentication (which you should do) you find that you are getting alerts from the bank. This could mean that someone is attempting to access your account because they may have some of your personal information.

7. You may find a number of very small charges on your credit card. This could be because someone has stolen this information and is checking to make sure the card is still active before they make a number of very large purchases.

What you should do after you have had your identity stolen.

There are some very specific things to do. These include:

–  Filing a crime report with your local police department.

–  Filing a report with the Federal Trade Commission.

–  Placing a fraud alert on all your credit reports (also see where I have indicated applying a credit freeze below)

–  Making sure that your rigorously review your credit card statements every month for erroneous charges

–  Consider opening new credit card accounts and bank accounts

–  Making certain that you utilize strong passwords on all of your online accounts 

–  Purchasing a micro-cut shredder and use it regularly to destroy all financial records

–  Filing an identity theft affidavit with the Internal Revenue Service

–  Not carrying your Social Security card with you.

–  Not placing any personal information on social media sites or use inaccurate information (Do you really need to list your birthday for everyone to see?)

What can you do to prevent identity theft.

Here are some measures you can take with regard to:

1. Cell phone scams

One common scam is known as Vishing (voice phishing) which is the practice of using social engineering over the telephone to obtain private and financial information for financial gain. Criminals typically use automated voice synthesizers to tell consumers that their bank account has had unusual activity or their credit card has been used fraudulently. The consumer is told to dial a specific phone number with instructions to enter the credit card or bank account number. Consumers need to be very suspicious when asked to supply any credit card or bank numbers. They should never supply their PIN, card expiration date, date of birth, etc. unless they are completely sure that the number they are calling has been verified. Consumers should call only the bank phone number listed on their billing statements or the back of the credit card and not call a number received in a voice message, text or email.

2. Keeping our cell phones secure from hackers

There is the cell phone equivalent of phishing called SMiShing in which the recipient receives text message stating that a withdrawal has been made from their ATM or bank account. There is additional text in the message with language like “impending account suspension” or “fraudulent account activity suspected.” The recipient is then urged to click on a link to verify that the account is correct. The consequences of clicking on that link may be that mobile malware is downloaded to the phone, a fraudulent phone number is called and when answered it sounds like the bank has been reached and they ask for your account information and you hand over personally identifiable information or account details. The problem is that many people are less suspicious when receiving a text message (in contrast to an email) and there also appears to be an immediate need to reply so they drop their guard momentarily. The best thing to do is not reply to any text message which asks for bank or account information and instead contact the bank directly at a known phone number which you enter yourself.

In addition, people should be very careful about downloading any apps from locations other than a legitimate source. You need to make sure that you do not (with Android phones) allow an app from “unknown sources” to be downloaded. A default setting in Android phone prevents this from happening and users should not change that setting. This will keep most malware from entering the phone since virtually all apps in the Play Store have been vetted. Some apps, though not malware per se, should be avoided such as those that request permission to access your contacts, microphone, camera and so forth without a good reason. For example, there was a flashlight app which asked for these permissions. By providing them you could theoretically allow the app to send an image of a check you are depositing along with your account information to an unknown location. There are a number of cell phone antivirus apps available but the best precaution is vigilance. 

3. Purchasing online

Obviously you should never purchase anything online that is illegal. Beyond that, any online payment system can be compromised. The best way to avoid unwanted credit card charges, especially online, is to create a one-use credit card number that is used only for that transaction. The Bank of America, for example, has a service called ShopSafe which is available for online banking customers that creates this sort of card number for a specific dollar amount that you can specify and for a specific expiration date (that you can also specify). An attempt to utilize the card more than once will be rejected by the bank and your original credit card number will never be revealed. It is also possible to use this card for recurring payments with a dollar cap. If a website asks for a credit card number before letting you make a "free" purchase you can also create one for a dollar limit of $1.00 – not free, but certainly one that would limit your liability.

4. Tax return security

You should absolutely consider obtaining a PIN for your tax return submission . One of the main concerns with any cyber breach where your social security number may have been obtained is that someone can file a tax return in your stead earlier in the year than you may file. Any return that the crook has filed is likely to be eligible for a refund (why else would they file?) which they will then pace in their own account. If, however, you have the six-digit PIN from the IRS they would need to know that before filing. You will need to complete an identity theft affidavit (IRS Form 14039) before the IRS can supply this PIN.

5. Preventing someone from profiting from stealing your identity

One way is to place a freeze on all of your credit accounts. This means that no one will be apply to apply for a credit card or any sort of credit in your name without removing the freeze. I understand that some people might find this inconvenient but the freeze can be easily removed temporarily for a short period of time if you should have the need to apply for a loan or a new credit card and a small amount of inconvenience, in my opinion, is minor when compared to resolving the consequences of identity theft and having large credit cards bills in your name.

****************************

About Steve Hausman

I’m a top-ranked professional speaker and futurist who specializes in emerging technologies that include robotics, 3D printing, nanotechnology, cybersecurity, bionics (artificial limbs and organs), brain-machine interactions, future trends, the Internet of Things, innovation and biomedical topics such as aging and nutrition.

If there is a topic you would like me to write about or if you would like me to speak at your event please contact me via LinkedIn or through the "Book Me Now" button my website at www.HausmanTech.com