Identity Theft
Protection Guide

1.866.436.5461
www.idtheftsupportcentre.org
Canadian Identity Theft Support Centre
Preventing Identity Theft: A Guide
							
Page
	
• Introduction							
1
• What Is...
Introduction
Although you can never protect yourself
entirely from identity theft, you can take
steps that will minimize y...
How do identity thieves
get information about
their victims?
Identity thieves use many methods to
gather personal informat...
How do identity thieves
use this information to
commit identity fraud?
Once they have enough information to
pretend to be ...
4. Review your bank and credit card
statements carefully when they arrive and
report immediately any activity you do not
r...
pay for services. Cover the pad when
entering your PIN.
5. When selecting service providers to
whom you will be entrusting...
5. Don’t post information on your blog,
social network profile or website that
could be useful to an identity thief. See
a...
Smartphones

Finally….

1. Use the same precautions as when
using your home computer online (see
above). Install security ...
Upcoming SlideShare
Loading in …5
×

General Protection Guide - Canada

199 views

Published on

company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.

Published in: Education
2 Comments
0 Likes
Statistics
Notes
  • Be the first to like this

No Downloads
Views
Total views
199
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
2
Likes
0
Embeds 0
No embeds

No notes for slide

General Protection Guide - Canada

  1. 1. Identity Theft Protection Guide 1.866.436.5461 www.idtheftsupportcentre.org
  2. 2. Canadian Identity Theft Support Centre Preventing Identity Theft: A Guide Page • Introduction 1 • What Is Identity Theft 1 • What Do Identity Thieves Want? 1 • How Do Identity Thieves Get Information About Their Victims? 2 • How Do Identity Thieves Use This Information To Commit Identity Fraud? 3 • Who Are Identity Thieves? 3 • Reducing The Risk: How Can I Avoid Becoming A Victim? 3 • At Home 3 • Out And About 4 • Transacting With Other People And Businesses 4 • Protecting Your Computer 5 • Online Activity 5 • Online Shopping 6 • Smartphones 7 • Tell Your Friends And Family 7 Canadian Identity Theft Support Centre 1.866.436.5461 www.idtheftsupportcentre.org entity theft
  3. 3. Introduction Although you can never protect yourself entirely from identity theft, you can take steps that will minimize your chances of becoming a victim. The information below is designed to help you protect yourself from this crime. What is identity theft? We use the term “identity theft” to mean not just the stealing of personal information, but also the fraudulent use of that information to access your bank account, credit card or other account without your authorization, to obtain loans, services, government benefits, employment or other benefits in your name, or to evade authorities by assuming your identity. Both “identity theft” and “identity fraud” are criminal offences in Canada. Related activities such as redirecting mail and selling fraudulent identity documents are also criminal offences. The damage to victims of identity theft varies widely, from mere inconvenience such as having to replace a credit card, to financial and personal devastation. Victims may even be arrested for crimes committed by an impostor. Given the potential consequences of identity theft, it is worth making an effort to avoid becoming a victim. 1 What do identity thieves want? Most identity thieves want money. Some want employment or free services. Others want to evade authorities. In all cases, identity thieves pretend to be other people in order to achieve their goals. The types of information most useful to identity thieves are: 1. Full Name and Address 2. Date of birth 3. Social Insurance Number 4. Drivers Licence number 5. Passport number 6. Other government-issued ID numbers 7. Student ID numbers 8. Credit card, debit card, bank account and other financial account numbers 9. Typical passwords or security question answers – e.g., mother’s maiden name 10. Information about your family, work and personal life
  4. 4. How do identity thieves get information about their victims? Identity thieves use many methods to gather personal information about their victims that they can then use to commit identity fraud. These methods include: 10. Surreptitiously installing spyware on your computer that gathers information such as your passwords Thieves can also gather your information from other sources that you cannot control, such as: 1. The garbage of corporations with whom you do business or government agencies 1. Stealing your wallet, purse, cheques or mail 2. The computers and databases of corporations and governments 2. Gathering information from records in your home 3. Unintentional security breaches of corporations and governments 3. Sifting through your trash to find useful information such as account details 4. Websites that have information about you posted on them 4. Posing as a legitimate company by email, over the phone or at your door and asking you for your account information (this is called “pretexting”, or if done by email, “phishing”) 5. Employees of corporations or government who are fooled into providing your information to the imposter 5. Taking your credit card or debit card out of your sight and “skimming” it (i.e., capturing the information on it via a special device) 6. Employees of corporations or government who are part of a criminal ring or who are bribed to provide your information to criminals 6. Watching you enter your pin or password 7. Eavesdropping on insecure wireless communications 8. Gathering information about you from social networking sites, blogs, online ‘payday loan’ applications, and other online sources 9. Hacking into your computer via a virus or other method 2
  5. 5. How do identity thieves use this information to commit identity fraud? Once they have enough information to pretend to be you, identity thieves can do all sorts of damage to you and your financial and personal reputation. Such damage includes (but is not limited to): 1. Making charges on your credit card or debit card (bank account) 2. Using, altering, or copying your cheques and drawing money from your bank account Who are identity thieves? Just as there is no typical victim of identity theft, people who engage in this criminal activity range from family members with no criminal history to international crime organizations. Depending on the nature of the crime, the fraudster could be someone you know or an anonymous criminal operating from another part of the world. There is no typical identity thief. REDUCING THE RISK: How can I avoid becoming a victim? 3. Opening up new credit card, cell phone or other accounts in your name and running up bills without paying them There are many things you can do to minimize the risk of identity theft. The following are some of the most important: 4. Sending a change of address to creditors to divert your mail so that you don’t notice the unauthorized bills mounting up At Home 5. Obtaining loans (even mortgages!) In your name 6. Transferring title to property from you to them 7. Getting a tax refund or other benefit in your name 8. Leasing an apartment in your name 9. Getting a job in your name 10. Pretending to be you when arrested by police 3 1. Keep identification documents in a safe place at home and only take them with you when you need them. Consider storing important documents that you use infrequently in a safety deposit box at a bank. Keep copies of your passport, birth certificate and other government-issued ID in separate files (for reference if you lose the original). 2. If you have an unsecured mailbox, pick up your mail as soon as possible after delivery. If you are going away, stop delivery or arrange for someone to pick up your mail. 3. Be aware of when your bills normally arrive in the mail and if they don’t arrive, contact the bank or creditor and find out what happened.
  6. 6. 4. Review your bank and credit card statements carefully when they arrive and report immediately any activity you do not recognize as your own. 5. Keep financial records in a safe, secure place. Don’t leave them lying around the house. Shred (or burn) old records once you know that you won’t need them for tax or other purposes. Use a crossshredder to ensure that thieves cannot piece together any information from the garbage. 6. Order a copy of your credit file from the two Canadian credit bureaus (Equifax and TransUnion) annually and review it carefully to confirm that no one has been applying for credit or incurring debts in your name. Checklist of documents you should keep secure • Credit card statements • Bank and other financial statements • Insurance policies • Medical documents • Tax records • Government benefit statements • Passport • Legal documents • Wills Out and About 1. Don’t carry identification documents (e.g., birth certificate, passport, SIN card, health card) or blank cheques in your wallet, purse or otherwise with you unless you need them. 2. Don’t store unnecessary personal information on your smartphone or other handheld device. Password-protect your mobile devices with a strong password that can’t be guessed by someone else. Transacting with other people and businesses 1. Don’t give any information about yourself or your accounts to anyone over the phone, through the mail or over the Internet unless you initiated the contact. Unsolicited requests for your personal information are likely to be scams. If the caller (or message) asking you for information purports to be from your bank or another institution with which you do business, hang up and call the institution yourself using the phone number on your account statements, and ask if they were trying to contact you. 2. Don’t give your Social Insurance Number unless it is required by your employer, financial institution or the government. Other businesses don’t need it and cannot legally insist that you provide it. 3. Never use a cheque to pay someone you don’t know and trust. Instead, use cash, credit card, debit card, money order or bank draft. 4. Don’t let your debit card or credit card out of your sight when using them to 4
  7. 7. pay for services. Cover the pad when entering your PIN. 5. When selecting service providers to whom you will be entrusting your personal information, look into their privacy policies and their track records with respect to data security. Don’t do business with a company you can’t trust to keep your personal information confidential and secure. Let companies know that this is important to you. Protecting Your Computer 1. Set up your computer with a username and password that you have to enter each time the computer is turned on and after a certain period of inactivity. Only let people you trust know your password. Passwords should be at least 8 characters long and include a mix of upper- and lower-case letters, numbers, and/or non-alphabetical characters. Do not use easilyavailable information such as your mother’s maiden name or your birth date. 2. Do not store passwords on your computer. 3. Ensure that all computers you use to connect to the Internet are protected by both a firewall and anti-virus software. 4. Keep your computer’s anti-virus software current: set it to update and scan regularly, and don’t let your subscription lapse. 5. Turn off your computer when it is not 5 in use. When your computer is shut off it is also disconnected from the Internet, preventing access to potential thieves. 6. If you use a wireless system to connect to the Internet, you should take extra precautions against unauthorized access. Install a Virtual Private Network (VPN) or other proven system to encrypt the data moving to and from your computer so that it is unreadable. Online Activity 1. Use strong passwords to protect your financial accounts if you access them online. 2. Do not open e-mail messages or attachments if you do not recognize the name of the sender. Delete them immediately. Even messages from people you know can be dangerous if they are caused by computer viruses. If the message seems strange, do not respond to it. Attachments are most dangerous – they can carry spyware that lodges in your computer and sends your personal data back to the criminal who can then use it to perpetrate identity theft. 3. Do not download files unless you are certain that they are safe (e.g., by running them through your anti-virus software). Other people’s computers may be infected and used to send harmful viruses and spyware to your computer through email or downloads, even if the other person is unaware of the infection. 4. Do not activate “pop-up” windows that appear unexpectedly on your computer. Just like email attachments and downloads, they may contain viruses or other malicious software.
  8. 8. 5. Don’t post information on your blog, social network profile or website that could be useful to an identity thief. See above for a list of information most useful to identity thieves. 6. If you engage in social networking online (e.g., Facebook, MySpace), set your privacy settings to the highest level; don’t just accept the default settings. Use a nickname rather than your official name. Don’t accept invitations to connect with people you don’t know. 7. Read the fine-print of Applications (“Apps”) before you install them on your computer. If the App requires access to more personal information than it needs, reconsider whether you really want to install it. 8. Connect only to wireless (Wi-Fi) networks that you absolutely trust. If/ when you use a wireless network, make sure that your communication is secure and disconnect from the network when you stop using it. 9. Limit your activities while using public Wi-Fi.  Avoid making online purchases or accessing email while using a public Wi-Fi zone.  Public Wi-Fi hotspots are targeted by hackers since they can give the hacker direct access to your mobile device. Online Shopping 1. Make purchases only from businesses that you know are legitimate. Some websites are designed for the sole purpose of stealing your personal information, especially credit card numbers. If you are unsure about the legitimacy of the business, research it via the Internet (to see what others say about it), call and ask questions to determine its legitimacy, or contact the Better Business Bureau to find out if it is a member. 2. Place orders only through secure websites. You can tell if a site is secure: if the web address begins with “https://” and the web browser displayi a locked padlock icon. https://www.paypal.co 3. Pay for online purchases only with a credit card or secure online system such as PayPal. Never pay with a cheque as cheques are easily copied and contain too much personal information. 4. Don’t store your credit card information or other personal information on shopping sites. While this makes future purchases from that site easier (because you won’t have to enter the same information each time), it puts your information at risk of being stolen from the site or exposed unintentionally through a security breach. 5. Read the fine print. Confirm that the business does not share your personal information with other businesses, or opt out of such sharing if necessary. You are legally entitled to “opt-out” of all non-essential use and sharing of your personal information. 6
  9. 9. Smartphones Finally…. 1. Use the same precautions as when using your home computer online (see above). Install security software specially designed for mobile devices and update it regularly. Double check URLs for accuracy. Don’t open suspicious links. Read the fine-print of applications before installing them. Make sure a site is secure (https) before giving any billing or personal information. Tell your friends and family about what they can do to prevent identity theft 2. Install a backup/wiping program that will back up the information on your mobile device to your home computer and “wipe” your phone if it is lost or stolen so that no data remains on the device itself. These services are available through device manufacturers and wireless service providers.  iPhones have a builtin “wipe” feature that if turned on will wipe the phone after 10 failed log-in attempts. For more information and tips on Computer/Online protection, see the companion CITSC guide entitled “Protecting Yourself from Online Identity Theft”. 7 If more people take these steps to prevent identity theft, criminals will find it more difficult to succeed and we will all benefit. Share the information in this publication with other people. Don’t be afraid to correct the habits of a friend or family member if you see they are being careless with their personal information. Your few words could save them a lot of grief.

×