• HOME

• World/U.S.
  • U.S./National
  • U.S./Cities
  • India
  • International
• Alabama
  • Around Town
  • News Makers
• Health
  • Right Food
  • Holistic Med
  • MD Perspective
  • Health Links
• Family
  • Kids Corner
  • Parents
  • Recipes
  • Youth Forum
• Features
  • Feature Articles
  • In The Spotlight
  • Legal Matters
• Living
  • Spiritual Angle
  • MoneyWise
  • College Views
  • Bollywood
  • Indian Music
  • Religion/Festivals
  • Sports
  • Indian Calendar
  • Weddings
• Sci/Tech
• Bus. Dir
  • AL - Indian
  • AL - Other
  • Add Your Bus.
• Classified
  • Employment
  • For Sale
  • Housing
  • Misc
• Opinion
  • Editorial
  • Readers Say
  • Readers Share
• Orgs
  • Organizations
  • Useful Links
  • Indian Charities
• Pravasi Herald
  • About us
  • Contact us
  • Advertise
  • Req. Publicity
  • Archives

Thursday, February 11, 2010

Who are you? Identity Theft in the Age of Information - A Security Officer’s Perspective

By Terrell Herzig

Terrell Herzig is the Information Security Officer for the University of Alabama at Birmingham (UAB) Health System and HIPAA Security Officer for UAB. He holds a faculty appointment of Adjunct Professor for the UAB School of Health Professions – Health Informatics program. Terrell is also a Certified Information Systems Security Professional.  He is the primary author and editor of a new Health Information Systems Society (HIMSS) book to be published this fall entitled: “Information Security in Health Care: A Prescription for Success”.

Do you receive calls from collection agencies regarding accounts you don’t have or thought were up to date? Do bills and statements not arrive when they are supposed to? Do your bank account statements or credit card statements show withdrawals, transfers or charges you didn’t make? Have you received calls from creditors notifying you that you have been approved or denied credit?  If you answered yes to these questions, you may be an unwitting victim of identity theft.

What is identity theft? The Federal Trade Commission’s (FTC) website[1]  defines identity theft as when someone uses your personal information, such as name, social security number or credit card information to commit fraud or other crimes. The FTC estimates more than 9 million Americans have their identity stolen each year.

Identity theft can take many forms. Someone can use your identity to open a credit account, rent an apartment or open utilities in your name. In the past two years, a disturbing trend is emerging where individuals are presenting false identities to gain medical treatment and services.  Fraudulent use of identities to gain medical treatment can drive up healthcare costs for all individuals and introduce dangerous inaccuracies in your medical records. Most consumers may not realize they have become victims of identity theft until they start receiving collection calls or apply for credit and are subsequently declined.

How does identity theft occur? Popular press would have you think the majority of identity theft occurs from online credit transactions or company data breaches. The truth is there is not a substantial body of research (at this time) to conclusively determine the key source of identity theft. However, when you continue to read about data loss incidents in the media, some percentage of identity theft should be expected. Take two recent examples: 130 million records were exposed by Heartland payment systems, one of the largest credit card processors in the United States.[2]  TJX companies, parent company of TJMaxx, exposed credit card data on 94 million individuals resulting from organized hacking of its credit transactions.[3] 

You may be astonished to learn that most identity theft will often start near your home. Consider the amount of pre-approved credit offers you receive in the mail. You probably received paper copies of credit card bills and statements that contain a lot of sensitive information, including account numbers and social security numbers. Your bank statements may arrive each month, with bank account information and account numbers prominently printed on their pages.

A skilled identity thief can use a variety of tactics to gain access to your personal information. A determined identity thief may study the mail delivery habits of your local neighborhood. It is easy to determine mail delivery schedules and neighborhood travel habits.

Another common method of gaining access to your personal information is through dumpster diving or “garbage theft.” Consider how you dispose of your monthly statements, tax records, expired credit cards and other sensitive information. Use a cross cut shredder, and don’t include all of your shredded material in one garbage pickup.

A lot of businesses still dispose of sensitive customer data without shredding. This can lead to late night dives into trash dumpsters where employee records with sensitive information may be readily retrieved.

Remember not to leave your personal belongings lying about, especially in a parked vehicle.  Breaking a passenger window to gain access to a purse or wallet is simple, fast and doesn’t get noticed as often as you would think. Theft of personal information from purses and wallets is thought to be one of the most common methods of obtaining personal information. As a safeguard, have your social security number removed from your driver license, insurance cards and other personal identification. Lock your social security card in a bank lock box and never carry it in your purse or wallet.

Exercise caution when using bank machines and ATM devices. This is especially true of devices in shopping malls and remote locations. Another increasingly popular method to steal identity information is a technique called “skimming.”  Identity thieves install illegal hardware on bank machines and ATMs in order to capture your card data. Magnetic stripe readers are small and inexpensive and can be ordered from a variety of businesses. Thieves will install small cameras along with the skimming equipment to capture your PIN numbers as they are being typed. Later they reassemble the data to make a new card and purchase products, complete with your pin number.

Another popular trend is that of “phishing.” Phishing occurs when you respond to an email or electronic transaction that appears to be from a legitimate online site. Would-be identity thieves can easily create rogue sites that appear to be legitimate sites from banks, employers and online sales companies. With creative pop-ups, emails and online forms, such individuals can con you into giving up your personal information and passwords. This information is later retrieved and used by the thieves to pose as you on the legitimate site.

How do I find out if I am a victim of identity theft? Unfortunately, many consumers will find out their identity has been stolen after damage to their credit has occurred. Follow the steps below to monitor your identity:

• Remember and recognize the warning signs mentioned in the first paragraph of this article.
  
• Monitor your billing and financial statements closely. Question any transactions you do not recall making.
  
• Monitor your credit reports.  Federal law requires each of the major nationwide consumer reporting agencies to provide you with a free copy of your credit report, at your request, once every 12 months. If an identity thief is opening credit accounts in your name, these accounts are likely to show up on your credit report. To find out, order a copy of your credit reports. Look for suspicious inquiries or activity and visit the agency’s site to learn how to challenge the report.  The contact information for each of the credit reporting agencies is included at the end of this article.
  
• Shred your documents and expired cards prior to disposal. Use a good cross cut shredder. With a little searching, you can find one that will shred CDs and DVDs too.
  
• Securely erase your computer prior to disposal. Deleting information from your computer’s hard drive does not get rid of it. A lot of tools can be found on the Internet to retrieve information that has only been deleted. Use a reputable file shredder (many available free on the internet) to securely erase your computer’s hard drive.
  
• Encrypt your sensitive computer files, such as electronic statements, credit reports and tax records. Do not provide these passwords to computer technicians or repair companies.
  
• Backup your computer and physically destroy any old media prior to disposal.
  
• Install appropriate antivirus, antispyware and other malware detection software on your computer and keep it up to date. If you receive emails from companies soliciting personal information, do not reply.
  
• If you are leaving town for more than a couple of days, stop your mail and paper deliveries. Large piles of mail and newspapers are definite signs that no one is home.
  

What do I do if my identity is stolen? If you discover someone is fraudulently using your identity, you should take the following steps immediately:

• File a police report. A police report that records specific details of an identity theft is considered an identity theft report and provides you with certain legal rights when you present it to the three major credit reporting agencies or companies where your information may have been used. Identity theft reports can help you clean-up erroneous information in your reports, prevent companies from continuing to collect debt and can allow you to place an extended fraud alert monitor on your credit reports.
  
• To receive the protections listed above, your report must contain specific details about the theft. File an identity theft complaint with the FTC. You should make a copy of this report and take it with you when filing your police report.
  
• Obtain copies of all fraudulent documents you can collect. This information will be necessary to file the details in your report and provide evidence for criminal proceedings in the event the thief is caught.

In closing, remember, by law you are entitled to a free credit report every 12 months from each of the major credit agencies or if you are denied credit. Get a proactive start on protecting your identity. Baseline your credit reports by contacting the major credit reporting agencies. Follow the above suggestions and help fight the growing crime of identity theft.

Each of the major credit agencies can be contacted using the information listed below:

• Experian. Phone number: 1-888-397-3742. http://www.experian.com/
• Equifax. Phone number: 1-888-766-0008. http://www.equifax.com/home/
• Transunion. Phone number: 1-888-909-8872. http://www.transunion.com/

References:

• [1] FTC Website for Identity Theft. Accessed August 24, 2009. http://www.ftc.gov/bcp/edu/microsites/idtheft/consumers/about-identity-theft.html
• [2] DatalossDB.org. Accessed August 20, 2009. Largest Incidents. http://datalossdb.org/incidents/1518-malicious-software-hack-compromises-unknown-number-of-credit-cards-at-fifth-largest-credit-card-processor
• [3] DatalossDB.org. Accessed Aug 20, 2009. Largest Incidents. http://datalossdb.org/incidents/548-hack-exposes-94-million-credit-card-numbers-and-transaction-details

Related Articles

Copyright 2009-2010 Pravasi Herald All Rights Reserved