Your SlideShare is downloading. ×
0
ID Theft And What You Can Do About It Barry Caplin Chief Information Security Officer Minnesota Department of Human Servic...
What we will cover <ul><li>What is ID Theft? </li></ul><ul><li>How does it happen? </li></ul><ul><li>Facts, more facts </l...
<ul><li>Identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully obtain...
How Is It Done <ul><li>Shoulder Surfing - observation </li></ul><ul><li>Dumpster Diving </li></ul><ul><li>Mis-delivered or...
<ul><li>ID Theft was not a federal crime until 1998 </li></ul><ul><li>Not a high-tech crime - but technology helps </li></...
What Do “They” Want? <ul><li>Social Security number </li></ul><ul><li>Full Name </li></ul><ul><li>Bank Acct numbers </li><...
<ul><li>12/20/03 Associated Press </li></ul><ul><li>Cancer Patient Accused Of Stealing Identities </li></ul><ul><li>Man Ap...
Facts <ul><li>9.9M victims in 2008 (up after 3 yr down-trend) </li></ul><ul><li>Total fraud costs up ($48B US) </li></ul><...
More Facts <ul><li>But… faster use of stolen info </li></ul><ul><li>Still more offline than online </li></ul><ul><ul><li>4...
More Facts <ul><li>How your ID is being used: </li></ul><ul><ul><li>New Account Fraud – credit cards, loans </li></ul></ul...
What If... <ul><li>If you think your Identity has been stolen… </li></ul><ul><li>Contact one of the three major credit bur...
MN Law <ul><li>Identity Theft Law – § 609.527, 2006-07 </li></ul><ul><li>Defines penalties, restitution, reporting </li></...
What Can You Do?
What Can You Do? <ul><li>Get your Credit Report </li></ul><ul><li>Look for, and correct, incorrect information </li></ul><...
Credit Reports <ul><li>Fair Credit Reporting Act (FCRA) provides for 1 free report from each of the 3 reporting agencies e...
Credit Reports <ul><li>You are also entitled to a free copy of your credit report if you: </li></ul><ul><li>Are unemployed...
Credit Reports <ul><li>You are also entitled to a free copy of your credit report if you: </li></ul><ul><li>Believe your f...
What Can You Do? <ul><li>Look at your bills </li></ul><ul><ul><li>Does the statement make sense? </li></ul></ul><ul><ul><l...
What Can You Do? <ul><li>Care with Credit Cards </li></ul><ul><li>Separate credit cards </li></ul><ul><ul><li>one just for...
What Can You Do? <ul><li>Be Stingy with Personal Information </li></ul><ul><li>“ need to know” </li></ul><ul><li>don’t put...
What Can You Do? <ul><li>Shred it! </li></ul><ul><li>Credit card receipts </li></ul><ul><li>Utility and other bills </li><...
What Can You Do? <ul><li>Weigh your Wallet (or Purse) </li></ul><ul><li>Don’t carry SS card or Birth Certificate except wh...
Do This! <ul><li>Make a copy of, or write down the info from all the personal identifiers in your wallet/purse and put it ...
What Can You Do? <ul><li>Report Theft </li></ul><ul><li>If something gets stolen, report it! </li></ul><ul><ul><li>You nee...
What Can You Do? <ul><li>Use care online </li></ul><ul><li>Don’t email personal information </li></ul><ul><li>Choose passw...
Phishing
Phishing <ul><li>Looks real, but rarely is </li></ul><ul><li>From a familiar business (not) </li></ul><ul><li>May threaten...
Phishing
 
Phishing <ul><li><IMG src=&quot;http://pics.ebaystatic.com/aw/pics/x.gif&quot;> </li></ul><ul><li><P>Please sign in to you...
 
 
 
Phishing <ul><li><a href=&quot; http://update.llimited-service.com/images/SignOn.htm &quot;> </li></ul><ul><li>https://hb....
What Can You Do? <ul><li>ID Theft Insurance </li></ul><ul><li>Does not prevent ID Theft! </li></ul><ul><li>Does not cover ...
What Can You Do? <ul><li>Be stingy with personal information </li></ul><ul><li>Online personal info can be removed by requ...
What Can You Do? <ul><li>Watch your Postal mail </li></ul><ul><li>Pick up new checks at the bank, don’t have them mailed. ...
What Can You Do? <ul><li>Know who’s listening or watching when... </li></ul><ul><li>Providing personal info over the phone...
What Can You Do? <ul><li>Don’t fall to Social Engineering </li></ul><ul><li>Email/phishing scams </li></ul><ul><li>Phone c...
What Can You Do? <ul><li>You’ve done all that you can </li></ul><ul><li>but... </li></ul>
<ul><li>Hackers breach Heartland Payment credit card system </li></ul><ul><li>By Byron Acohido, USA TODAY, Feb. 2009 </li>...
What Can You Do? <ul><li>Reduce – your Identity Exposure </li></ul><ul><li>Record – monitor bills and credit reports </li>...
<ul><li>Discussion? </li></ul>
Upcoming SlideShare
Loading in...5
×

Identity Fraud and How to Protect Yourself

1,064

Published on

Published in: Economy & Finance, Business
1 Comment
1 Like
Statistics
Notes
  • it was a nice effort. it helped me alot... than
    ks
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
1,064
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
53
Comments
1
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "Identity Fraud and How to Protect Yourself"

  1. 1. ID Theft And What You Can Do About It Barry Caplin Chief Information Security Officer Minnesota Department of Human Services [email_address] Slides on InfoLink
  2. 2. What we will cover <ul><li>What is ID Theft? </li></ul><ul><li>How does it happen? </li></ul><ul><li>Facts, more facts </li></ul><ul><li>What to do if you are a victim? </li></ul><ul><li>How to protect yourself. </li></ul><ul><li>Questions. </li></ul>
  3. 3. <ul><li>Identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud or deception, typically for economic gain. </li></ul>
  4. 4. How Is It Done <ul><li>Shoulder Surfing - observation </li></ul><ul><li>Dumpster Diving </li></ul><ul><li>Mis-delivered or “public access” mail </li></ul><ul><li>Mailbox theft </li></ul><ul><li>Stolen purse, wallet, PDA, laptop </li></ul><ul><li>Social Engineering </li></ul><ul><li>Internet </li></ul><ul><li>By known or unknown thieves! </li></ul>
  5. 5. <ul><li>ID Theft was not a federal crime until 1998 </li></ul><ul><li>Not a high-tech crime - but technology helps </li></ul><ul><li>Not a new crime </li></ul><ul><li>Check Fraud </li></ul>
  6. 6. What Do “They” Want? <ul><li>Social Security number </li></ul><ul><li>Full Name </li></ul><ul><li>Bank Acct numbers </li></ul><ul><li>Credit Card numbers </li></ul><ul><li>Phone Calling Card numbers </li></ul><ul><li>Pre-approved Credit applications </li></ul><ul><li>Blank Checks </li></ul><ul><li>Other Identifying numbers or info </li></ul>
  7. 7. <ul><li>12/20/03 Associated Press </li></ul><ul><li>Cancer Patient Accused Of Stealing Identities </li></ul><ul><li>Man Apparently Used Identities To Purchase Phones </li></ul><ul><li>LANSING, Mich. -- A cancer patient was charged December 18 with stealing the identities of other patients at a Detroit hospital, the Associated Press reports. </li></ul><ul><li>The Michigan attorney general's office charged Frank James Horton, 36, with one count of obtaining the personal identity information with the intent to unlawfully use the information, and one count of obtaining phone services with the intent to avoid charges. </li></ul><ul><li>Horton, who has been a patient at Karmanos Cancer Institute in Detroit, is accused of taking the identities between August 2002 and July 2003 and using them to obtain cell phones and telephone land lines. There were nine victims; some had their identities stolen, and Horton attempted to steal others, authorities said. </li></ul><ul><li>The investigation is ongoing and may result in further charges. </li></ul><ul><li>The attorney general's office received a complaint from a family member of one of the victims sometime in late summer or early fall after the person noticed bills that seemed out of the ordinary. The hospital's security staff was then able to determine how the information was being taken once they knew the name of the patient involved. </li></ul><ul><li>The facility put new security measures in place to prevent future identity thefts, but a hospital spokesman wouldn't provide details. The attorney general's office spokesman said he didn't know what information Horton obtained from the other patients, but it was enough to establish a phone account. </li></ul>
  8. 8. Facts <ul><li>9.9M victims in 2008 (up after 3 yr down-trend) </li></ul><ul><li>Total fraud costs up ($48B US) </li></ul><ul><li>$496 consumer cost per incident (down 31%) </li></ul><ul><ul><li>Faster detection, lower fraud amount, quicker resolution </li></ul></ul><ul><li>$4849 mean fraud loss per victim </li></ul>
  9. 9. More Facts <ul><li>But… faster use of stolen info </li></ul><ul><li>Still more offline than online </li></ul><ul><ul><li>43% lost/stolen wallets </li></ul></ul><ul><ul><li>11% online </li></ul></ul><ul><ul><li>13% “friendly theft” </li></ul></ul>
  10. 10. More Facts <ul><li>How your ID is being used: </li></ul><ul><ul><li>New Account Fraud – credit cards, loans </li></ul></ul><ul><ul><li>Account Theft </li></ul></ul><ul><ul><li>ID misuse </li></ul></ul>
  11. 11. What If... <ul><li>If you think your Identity has been stolen… </li></ul><ul><li>Contact one of the three major credit bureaus </li></ul><ul><li>Close suspect accounts </li></ul><ul><li>File a police report </li></ul><ul><li>File a complaint with the FTC </li></ul><ul><li>by phone and in writing! </li></ul><ul><li>(from the FTC website) </li></ul>
  12. 12. MN Law <ul><li>Identity Theft Law – § 609.527, 2006-07 </li></ul><ul><li>Defines penalties, restitution, reporting </li></ul><ul><li>Credit Freeze Law – SB 2002 </li></ul><ul><li>No fees if report filed </li></ul><ul><li>Others $5 to place or change freeze </li></ul><ul><li>www.consumersunion.org/pdf/security/securityMN.pdf </li></ul>
  13. 13. What Can You Do?
  14. 14. What Can You Do? <ul><li>Get your Credit Report </li></ul><ul><li>Look for, and correct, incorrect information </li></ul><ul><li>Three Credit Reporting Agencies: </li></ul><ul><ul><li>Equifax </li></ul></ul><ul><ul><li>Experian </li></ul></ul><ul><ul><li>TransUnion </li></ul></ul><ul><li>Other Credit alert services </li></ul>
  15. 15. Credit Reports <ul><li>Fair Credit Reporting Act (FCRA) provides for 1 free report from each of the 3 reporting agencies each 12 months. </li></ul><ul><li>https://www.annualcreditreport.com/ </li></ul>
  16. 16. Credit Reports <ul><li>You are also entitled to a free copy of your credit report if you: </li></ul><ul><li>Are unemployed and intend to apply for employment within 60 days. </li></ul><ul><li>Are receiving public welfare assistance. </li></ul>
  17. 17. Credit Reports <ul><li>You are also entitled to a free copy of your credit report if you: </li></ul><ul><li>Believe your file contains inaccurate information due to fraud. </li></ul><ul><li>Have had a denial of credit or insurance, within the past 60 days. </li></ul>
  18. 18. What Can You Do? <ul><li>Look at your bills </li></ul><ul><ul><li>Does the statement make sense? </li></ul></ul><ul><ul><li>Did you buy that? Did you shop there? </li></ul></ul><ul><ul><li>Did you not receive a bill for a card you own? </li></ul></ul><ul><ul><li>Did you receive a bill for a card you don’t own? </li></ul></ul><ul><li>Question it if something seems wrong. </li></ul>
  19. 19. What Can You Do? <ul><li>Care with Credit Cards </li></ul><ul><li>Separate credit cards </li></ul><ul><ul><li>one just for use online </li></ul></ul><ul><li>Cut up old cards </li></ul><ul><li>??? Don’t sign your cards - instead write “please ask for picture ID” </li></ul>
  20. 20. What Can You Do? <ul><li>Be Stingy with Personal Information </li></ul><ul><li>“ need to know” </li></ul><ul><li>don’t put SSN or other ID numbers on checks </li></ul><ul><li>phone or online request for your info - did you make the call? </li></ul>
  21. 21. What Can You Do? <ul><li>Shred it! </li></ul><ul><li>Credit card receipts </li></ul><ul><li>Utility and other bills </li></ul><ul><li>Unneeded medical forms </li></ul><ul><li>Pre-approved credit offers </li></ul><ul><li>anything else with ID numbers or personal info </li></ul>
  22. 22. What Can You Do? <ul><li>Weigh your Wallet (or Purse) </li></ul><ul><li>Don’t carry SS card or Birth Certificate except when needed. </li></ul><ul><li>Carry only the cards you need. </li></ul><ul><li>Try to minimize the personal info - but use common sense. </li></ul><ul><li>Know what’s in there </li></ul>
  23. 23. Do This! <ul><li>Make a copy of, or write down the info from all the personal identifiers in your wallet/purse and put it in a safe place at home. If your wallet is stolen you’ll know who to contact. </li></ul>
  24. 24. What Can You Do? <ul><li>Report Theft </li></ul><ul><li>If something gets stolen, report it! </li></ul><ul><ul><li>You need to know who to call! </li></ul></ul><ul><li>Timely reporting will help you later </li></ul>
  25. 25. What Can You Do? <ul><li>Use care online </li></ul><ul><li>Don’t email personal information </li></ul><ul><li>Choose passwords without personal info </li></ul><ul><li>Use virus protection at home </li></ul><ul><li>Don’t “click here to unsubscribe” from spam - it verifies to the spammer that you exist </li></ul><ul><li>Online shopping – reputable vendors </li></ul><ul><li>Delete doesn’t really delete </li></ul>
  26. 26. Phishing
  27. 27. Phishing <ul><li>Looks real, but rarely is </li></ul><ul><li>From a familiar business (not) </li></ul><ul><li>May threaten to close account, warn of fraud or virus </li></ul><ul><li>Legitimate businesses will not ask for your private info via email </li></ul><ul><li>Vishing </li></ul>
  28. 28. Phishing
  29. 30. Phishing <ul><li><IMG src=&quot;http://pics.ebaystatic.com/aw/pics/x.gif&quot;> </li></ul><ul><li><P>Please sign in to your eBay account and update your billing information:<IMG src=&quot;http://pics.ebaystatic.com/aw/pics/x.gif&quot;> </li></ul><ul><li><A href=&quot; http://www.account-info.ne1.net /&quot;> http://signin.ebay.com/eBayISAPI.dll?SignIn&amp;ssPageName=h:h:sin:US&quot; &gt; </li></ul><ul><li>Note: ne1.net is in Denmark </li></ul>
  30. 34. Phishing <ul><li><a href=&quot; http://update.llimited-service.com/images/SignOn.htm &quot;> </li></ul><ul><li>https://hb.affinityplus.org/SignOn.html </a> </li></ul><ul><li>Note: the domain llimited-service.com has been removed from the Internet! </li></ul>
  31. 35. What Can You Do? <ul><li>ID Theft Insurance </li></ul><ul><li>Does not prevent ID Theft! </li></ul><ul><li>Does not cover theft expenses </li></ul><ul><li>Covers out of pocket credit repair expenses </li></ul><ul><li>May help with credit repair activities </li></ul><ul><li>Included in some homeowner/renter policies </li></ul><ul><li>Some consumer advocates say not worth the money </li></ul>
  32. 36. What Can You Do? <ul><li>Be stingy with personal information </li></ul><ul><li>Online personal info can be removed by request - yahoo.com, white pages, etc. </li></ul><ul><li>Facebook/Social Networking </li></ul><ul><li>IM (Instant Messaging/chat) </li></ul><ul><li>Close old, unused accounts </li></ul><ul><li>Opt-out and Do Not Call - see the info sheet </li></ul>
  33. 37. What Can You Do? <ul><li>Watch your Postal mail </li></ul><ul><li>Pick up new checks at the bank, don’t have them mailed. </li></ul><ul><li>Don’t mail checks from home mailbox. </li></ul><ul><li>Pick up your mail promptly. </li></ul>
  34. 38. What Can You Do? <ul><li>Know who’s listening or watching when... </li></ul><ul><li>Providing personal info over the phone. </li></ul><ul><li>Entering a PIN/password. </li></ul><ul><li>Writing down personal info/filling out forms. </li></ul><ul><li>You don’t need to be paranoid… just aware. </li></ul>
  35. 39. What Can You Do? <ul><li>Don’t fall to Social Engineering </li></ul><ul><li>Email/phishing scams </li></ul><ul><li>Phone call for money/donations, or join a list – check into it! </li></ul><ul><li>Letter indicating something that is too good to be true… </li></ul>
  36. 40. What Can You Do? <ul><li>You’ve done all that you can </li></ul><ul><li>but... </li></ul>
  37. 41. <ul><li>Hackers breach Heartland Payment credit card system </li></ul><ul><li>By Byron Acohido, USA TODAY, Feb. 2009 </li></ul><ul><li>Heartland Payment Systems (HPY) on Tuesday disclosed that intruders hacked into the computers it uses to process 100 million payment card transactions per month for 175,000 merchants. </li></ul><ul><li>Tech security experts said the breach could set a record. Retail giant TJX lost 94 million customer records to hackers in 2007. </li></ul>
  38. 42. What Can You Do? <ul><li>Reduce – your Identity Exposure </li></ul><ul><li>Record – monitor bills and credit reports </li></ul><ul><li>Report – problems or suspected fraud </li></ul>
  39. 43. <ul><li>Discussion? </li></ul>
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×