1 / 37

Identity Theft

Identity Theft. One of the Fasting Growing Crimes in America and Beyond. Objectives. Ability to define the term “identity theft” Ability to determine if someone has been a victim of identity theft and if so actions to be taken Ability to identify methods to prevent identity theft

yannis
Download Presentation

Identity Theft

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identity Theft One of the Fasting Growing Crimes in America and Beyond

  2. Objectives • Ability to define the term “identity theft” • Ability to determine if someone has been a victim of identity theft and if so actions to be taken • Ability to identify methods to prevent identity theft • Ability to identify resources for more information on identity theft

  3. Introduction – What is Identity Theft? • According to the Federal Trade Commission, Identity Theft is the fastest growing crime in America • Stealing someone’s personal information and using it to assume someone’s identity • The fraudulent use of personal information to open new accounts and/or purchase items using existing accounts

  4. Identity Theft – No Little Problem • Identity theft is one of the fastest growing crimes in America • "Identity theft is a big-ticket item in terms of money and time according to Howard Beales, director of the FTC's Bureau of Consumer Protection.” • Cost to consumers in 2002 • $5 billion in expenses • Cost to businesses in 2002 • $50 million [1] http://www.washingtontimes.com/functions/print.php?StoryID=20030903-095305-3951r 06/7/2004

  5. Identity Theft – A Federal Crime • The Identity Theft and Assumption Deterrence Act of 1998 made Identity Theft a federal crime. • Identity theft occurs when someone knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of the Federal law.

  6. How Personal Information is Gathered • Dumpster diving • Personal information, when stolen from your property either through dumpster diving or theft, provide a criminal with a wealth of information with which to open new accounts or use existing accounts

  7. Shredder – Necessary Equipment • To minimize your risk of identity theft, be sure to shred all unused convenience checks, credit card offers, credit card receipts, bank statements, pre-approved loan offers, and canceled checks

  8. How Personal Information is Collected Through Legitimate Business Records • Recently personal medical files for hundreds of patients were found discarded outside a medical clinic. Identity thieves could have used these files • Businesses are required by law to protect their client's personally identifying information and to discard these files safely • Thieves steal valuable personal information from customer files and personnel files

  9. Phishing • Creation of a phony web site pretending to be a legitimate company • Sending email to the victim impersonating (spoofing) a legitimate company • The criminal collects personal and financial information such as credit card and Social Security numbers

  10. Phishing Example • One recent phishing ploy spoofed an AOL web page. • The perpetrator had used authentic AOL logos and other genuine hyperlinks in the email message sent to the victims. • He told the victims that there had been a billing error. • It directed the victims to click on an embedded hyperlink, which when clicked took the unsuspecting user to a phony web page, that had been created to look much like the company's authentic web site, and from which the thief collected personal and financial information

  11. The Phony AOL Web Form http://www.millersmiles.co.uk/identitytheft/AOL-email-scam-1115521443a.htm

  12. Federal Laws Concerning Phishing • Identity theft - 18 U.S.C. § 1028 (a)(7) • Wire fraud - 18 U.S.C. § 1343 • Credit card or access device fraud 18 U.S.C. § 1029 • Bank fraud 18 U.S.C. § 1344 • Computer fraud 18 U.S.C. § 1030 (a)(4) • CAN-SPAM Act 18 U.S.C. § 1037

  13. Bank and wire fraud - up to 30 years in prison Identity theft and credit card fraud - up to 15 years in prison CAN-SPAM Act violations - up to 5 years in prison According to the U.S. Department of Justice, individuals convicted of these crimes may also face substantial fines and forfeiture of his/her property Federal Crime & Punishment

  14. Social Engineering • Con Game - tricking a person into revealing information • Memorizing access codes and passwords by shoulder surfing (looking over someone's shoulder as they log in ) • Pretending to be an employer, loan officer or landlord to fraudulently obtain your credit report

  15. Education Coalition on Online Identity Theft Padlock your credit file Check your credit report annually Share personal information only with people and companies you trust Make online purchases only with companies having secure connections Never give out your personal information over the phone unless you initiated the call. Never have your Social Security number printed on your checks How to Prevent Identity Theft

  16. Never leave personal information on your computer without having a firewall in place. After opening your mail, shred all unused credit card offers, unused convenience checks, and any other pieces of mail that include personally identifying information. Never keep passwords to financial data on your computer. Likewise never keep your ATM or credit card pin numbers in your wallet or your car. If either are stolen, the thieves have instant access to your accounts. How to Prevent Identity Theft Part Two

  17. Never use your mother's maiden name, the last four digits of your Social Security number, your birth date, your pet's name, or any other easily recognized letters and numbers as your pin number or passwords. If the amount of mail you normally receive drops suddenly; contact your post office to make sure no one has fraudulently filed a change of address card for your address. How to Prevent Identity TheftPart Three

  18. Review all credit card transactions each month when you receive your credit card statement. Shred all expired credit cards before putting them in the trash. How to Prevent Identity TheftPart Four

  19. How to Prevent Identity TheftPart Five • Install a locking mailbox to ensure the security of mail delivered to your home. • Mail all payments and other documents with personal or financial information from the post office or at a postal drop box, never from your mailbox. • Thieves may take your checks from unsecured mailboxes and bleach them so they may be used again.

  20. Prevention of Identity Theft by Education • People must be educated as to the value of information • They must be trained to protect information (even if the information they have access to appears to be of relatively low value) • People must be made aware of what social engineering is and how social engineers operate.

  21. Checking a Web Site’s Security Certificate • Check the security certificates for web sites from which you purchase products or do other financial transactions • Go to the web site and click on the VeriSign Secure Site link to verify that the security certificate is in the same name as the company. • If the company name listed there doesn't match the company owning the site, be wary of submitting financial information. Security certificates are sometimes held in the parent company’s name.

  22. Checking for Secure Web Sites • Check the URL (the web address) of the web site you are doing business with • Whenever you are entering your credit card information or other financial information when ordering online, the address should display https, rather than http, if you are connecting to a secure web site; ex. https://amazon.com/cgi-bin

  23. Checking Security Features When Using Netscape Navigator • To check the security in Netscape, look at the padlock in the lower right corner. • unlocked = not secure • locked = secure • To check the level of encryption, left click the lock in the lower right-hand corner of the page. A pop up window will appear and tell you whether or not the page you are viewing is encrypted and what type of encryption is being used.

  24. Checking Security Features When Using Internet Explorer • When using Internet Explorer as your browser, open the page whose security you want to check. • Right click on the page and then go to properties. • When you click properties, a pop up window will appear with information on the site's security.

  25. Call the Federal Trade Commission’s Identity Theft Toll-free Hotline (877 – IDTHEFT) Call all three of the major credit bureaus Experian - 1-888-397-3742 EquiFax - 1-800-525-6285 TransUnion - 1-800-680-7289 For identity theft involving student information or federal education funds, contact U.S. Department of Education, Office of Inspector General 1-800-647-8733 What to Do If You Become a Victim of Identity Theft

  26. What to Do If You Become a Victim of Identity Theft • File a police report as soon as possible • Contact your creditors for all affected accounts • "A "fraud alert" will be automatically placed on each of your credit reports within 24 hours. This alerts creditors to call you for permission before any new accounts are opened in your name. • Not all creditors pay attention to "fraud alerts." You need to stay vigilant for any new accounts that may be opened.“ [1] • [1] http://www.bankrate.com/brm/news/credit-management/identity-theft.asp 6/22/04

  27. What to Do If You Become a Victim of Identity Theft • Also make your complaints in writing, asking each creditor to provide you and any law enforcement agencies investigating the crime(s) with copies of all documentation that shows fraudulent activity. • By making your complaint in writing, you are documenting the time and date when you became aware of the incident. This may protect you from responsibility for additional charges.

  28. Fighting Identity Theft • Federal Trade Commission • Internet Fraud Complaint Center • U.S. Department of Justice • Identity Theft Resource Center (ITRC) • Operation E-con

  29. Federal Trade Commission • This federal agency, created in 1914 to eliminate unfair methods of competition and unfair or deceptive practices concerning commerce, is now focused on the growing threat of identity theft • 2003 - 42% of the complaints received by the FTC concerned identity theft. • Training seminars are available for investigators and prosecutors on how to access the FTC's Consumer Sentinel database, an identity theft resource, which can securely access the nearly 200,000 complaints filed before June 2002.

  30. Internet Fraud Complaint Center • A joint effort between the FBI and the National White Collar Crime Center that investigates complaints of fraud perpetrated on the Internet. • This organization acts a hub for complaints and can analyze data to quickly identify new Internet crime trends. • The IFCC also can then make referrals to the appropriate law enforcement agency.

  31. Internet Fraud Complaint Center • Complaints can be made 24/7, directly to the IFCC, using the online complaint form. Directions on how to file a complaint are found at: http://www1.ifccfbi.gov/strategy/howtofile.asp • Victims have come forward from 89 countries • Auction fraud accounts for almost two-thirds of all complaints received by the IFCC • Authentic Ebay addresses • http://cgi3.ebay.com/http://arribada.ebay.com/ • Phony Ebay addresses • http://signin.ebay.com@10.19.32.4/http://signin-ebay.com/

  32. How to Identify the Source of Email

  33. Identity Theft Resources • U.S. Dept. of Justice - http://www.usdoj.gov/ • Fraud Section • Identity Theft Resource Center (ITRC) http://www.idtheftcenter.org/index.shtml • FAQ's on identity theft • Contains alerts and information on new identity theft scams • Includes a guide to organizing an identity theft case

  34. Operation E-Con • A joint effort by the FBI, the U.S. Secret Service, the Dept. of Justice, the U.S Postal Inspection Service, the Federal Trade Commission along with National White Collar Crime Center (NW3C) and local and state law enforcement agencies aimed at prosecuting world wide Cyber Crime, including Identity Theft. • Prosecution of 130 subjects • 90 investigations involving 89,000 victims with estimated losses on nearly $200 million. [1] • [1]http://www.ifccfbi.gov/strategy/ifcc-econbrief.pdf. 6/23/04

  35. New Identity Theft Laws • Fair and Accurate Credit Transactions Act (FACTA) of 2003 • Free annual credit reports for consumers • Businesses are required to hide portions of credit card and social security numbers on receipts • Created a national fraud hotline so you only have to make one call to report identity theft

  36. National Listing of Identify Theft Citations & Penalties by State • The National Conference of State Legislatures (http://www.ncsl.org/programs/lis/privacy/idt-statutes.htm) • A comprehensive listing of citations and penalties listed alphabetically by state.

  37. California’s Changing View on Identity Theft • In California, "The law making Identity Theft a crime was enacted as a misdemeanor crime in 1998. • In 1999, the law was upgraded to an alternate felony/misdemeanor crime."[1] • [1] http://www.infolinkscreening.com/InfoLink/Resources/Articles/IdentityTheft.aspx 6/23/04

More Related