Identity Theft For Business Don’t Let Bad Things Happen to Your Company’s Good Name

ID Theft -- A Major Problem 27.3 Americans victimized over 5 years; 9.9 million over the past year; $48 billion in losses to business; $5 billion in out-of-pocket losses to consumers. Source: Federal Trade Commission

27.3 Americans victimized over 5 years;

9.9 million over the past year;

$48 billion in losses to business;

$5 billion in out-of-pocket losses to consumers.

Source: Federal Trade Commission

ID Theft – Case Histories An employee of Prudential Insurance was accused of selling the personal information of 60,000 customers; A man installed “keylogging” software in 14 Kinko stores in the New York area to steal customer’s data; An Israeli man hacked into a U.S. company’s system to steal the data of 80,000 customers; An employee of a communications firm stole the credit histories of thousands of people; An employee of a Florida restaurant stole the credit card numbers of at least 18 customers.

An employee of Prudential Insurance was accused of selling the personal information of 60,000 customers;

A man installed “keylogging” software in 14 Kinko stores in the New York area to steal customer’s data;

An Israeli man hacked into a U.S. company’s system to steal the data of 80,000 customers;

An employee of a communications firm stole the credit histories of thousands of people;

An employee of a Florida restaurant stole the credit card numbers of at least 18 customers.

ID Theft -- Defined ID Theft – a wholesale takeover of someone’s identity for financial gain. ID Fraud – creating a brand new identity from several different sources to commit crimes and evade detection.

ID Theft – a wholesale takeover of someone’s identity for financial gain.

ID Fraud – creating a brand new identity from several different sources to commit crimes and evade detection.

Victims May Not Know Until: They are contacted by a collection agency; Credit charges show up that they never made; A lender tries to repossess a car they never purchased; They are contacted by police about a crime they didn’t commit.

They are contacted by a collection agency;

Credit charges show up that they never made;

A lender tries to repossess a car they never purchased;

They are contacted by police about a crime they didn’t commit.

What Does the Thief Want? A Social Security Number A Driver’s License Account Numbers

A Social Security Number

A Driver’s License

Account Numbers

Where Does the Thief Get These? A Wallet or Purse Your Mail Your Trash Your Computer You

A Wallet or Purse

Your Mail

Your Trash

Your Computer

You

How Is This Information Used? Use credit cards to go on buying spree; Open new accounts in their name; Change mailing address on their accounts; Buy a car, with loan in their name; Get phone service in their name; Drain their bank accounts; Apply for a job in their name; Use their name if arrested for a crime.

Use credit cards to go on buying spree;

Open new accounts in their name;

Change mailing address on their accounts;

Buy a car, with loan in their name;

Get phone service in their name;

Drain their bank accounts;

Apply for a job in their name;

Use their name if arrested for a crime.

Basic Rules To Protect Your Customers and Employees If you don’t need it, don’t collect it; If you need it once, don’t save it longer; If you don’t need to save it, dispose of it carefully; If you have to keep it, think security; Don’t broadcast personal information;

If you don’t need it, don’t collect it;

If you need it once, don’t save it longer;

If you don’t need to save it, dispose of it carefully;

If you have to keep it, think security;

Don’t broadcast personal information;

Basic Rules To Protect Your Customers and Employees Don’t use social security number as customer account numbers; Don’t give out personal information without positive confirmation; Locks are a real deterrent.

Don’t use social security number as customer account numbers;

Don’t give out personal information without positive confirmation;

Locks are a real deterrent.

Technology and Information Security Limit Access: Servers in a secure location; Access limited to trusted employees; Critical data only available on a “need-no-know” basis, password protected and encrypted, if possible.

Limit Access:

Servers in a secure location;

Access limited to trusted employees;

Critical data only available on a “need-no-know” basis, password protected and encrypted, if possible.

Technology and Information Security Passwords: Use a password protection system for network and PC logins; Avoid simple passwords: This “th%d4get” Not this “password” or “bob” Change passwords regularly.

Passwords:

Use a password protection system for network and PC logins;

Avoid simple passwords:

This “th%d4get”

Not this “password” or “bob”

Change passwords regularly.

Technology and Information Security Virus Protection: Install anti-virus software; Scan your system regularly of often; Subscribe to “automatic updates” of anti-virus software; Never disable anti-virus protection.

Virus Protection:

Install anti-virus software;

Scan your system regularly of often;

Subscribe to “automatic updates” of anti-virus software;

Never disable anti-virus protection.

Technology and Information Security Install a “firewall” – a gatekeeper to protect your system from outsiders; Download and install security “patches”; Back up data regularly; Check for suspicious activity; Understand file sharing risks.

Install a “firewall” – a gatekeeper to protect your system from outsiders;

Download and install security “patches”;

Back up data regularly;

Check for suspicious activity;

Understand file sharing risks.

Technology and Information Security Educate your employees: Not to open e-mail from unknown sources; What to do when they receive suspicious e-mails; To disconnect from the Internet when not online; To consider the risks of file-sharing; How to perform data back-up procedures; Actions to take if their computers become infected. When an employee leaves, remove system access immediately

Educate your employees:

Not to open e-mail from unknown sources;

What to do when they receive suspicious e-mails;

To disconnect from the Internet when not online;

To consider the risks of file-sharing;

How to perform data back-up procedures;

Actions to take if their computers become infected.

When an employee leaves, remove system access immediately

When Things Go Wrong Mitigate the damage; Notify the police; Notify your insurance carrier; Notify those whose records have been compromised.

Mitigate the damage;

Notify the police;

Notify your insurance carrier;

Notify those whose records have been compromised.

Your BBB – A Source for Information and Help Telephone – (Your Telephone) Web Site – (Your URL) ID Theft Web Site – www.bbb.org/idtheft Video – www.bbbvideo.com

Telephone – (Your Telephone)

Web Site – (Your URL)

ID Theft Web Site – www.bbb.org/idtheft

Video – www.bbbvideo.com

Join Our Campaign

Identity Theft Don’t Let Bad Things Happen to Your Company’s Good Name

Don’t Let Bad Things Happen to Your Company’s Good Name