“If it sounds too good to be true, it probably is.”
If more consumers made this their mantra when faced with online identity concerns or financial decisions, there would be very few successful scams and rip-offs in this world. Unfortunately, that is not the case. Thanks to the Internet and quick and easy banking options, fraud and scams have been increasing exponentially around the globe in recent years.
I’d recently sat down with our IT Security Manager, Russell Nielsen, and asked him what he felt were the largest personal identity threats we face today and what he would suggest our clients do in order to keep their identities safe.
Rick Munster: If you were to reach out to our clients or potential clients and be able to offer pointers and suggestions regarding preventing identity theft what would they be?
Russell Nielsen: First, I would say if you are using wireless internet, don’t connect to hotspots that you aren’t familiar with or don’t know. A lot of times they can be used as man-in-the-middle attacks to steal your information. So, always be aware of that. Also be leery of the emails you receive and if you aren’t sure of where they came from or weren’t expecting them be sure to double check them before you actually send out any information or give them information that can be used, because a lot of times they’ll send out fake banking information or other various account information in order to get you to respond and send back personal information which in turn they can use to access your account.
Rick Munster: I see, it sounds like these attempts get more sophisticated every day. You mentioned man-in-the-middle attacks, what are they and how do they work?
Russell Nielsen: Basically, someone sets up a fake wireless network using a real wireless network. Usually, they call the network the same thing as customers would be used to at a particular location they may frequent or are passing through. For example, say you are at a Target or a local coffee shop that offers free WiFi, and as a customer you are familiar with seeing the names of their WiFi connections, the hacker will use something identical or very similarly named in order to trick you into believe you are connecting to a legitimate WiFi network, when in all actuality you are connecting to their network which in turn is operating off of the free WiFi, hence the name, man-in-the-middle.
Rick Munster: The danger of connecting to the hacker’s network would be?
Russell Nielsen: Anything that you type in, they’d probably use software to record your key entries, or just steal any of the traffic going between their networks and the legitimate network and access it unencrypted (unsecured) so that they could steal passwords, usernames or anything else that you’ve put into a site such as your bank account, credit card site, etc.
Rick Munster: So basically, if you go to a website and enter your username and password combination, they would not only know the site that you went to but the credentials you used to access it.
Russell Nielsen: That is correct, the hacker can essentially grab any information you’ve put on their network and use it against you.
Rick Munster: Any other last minute tips you can think of to help our clients avoid identity theft?
Russell Nielsen: Always be conscious of what you are doing online. There are very sophisticated ways a hacker can get your information. Be sure to second guess items that you receive in your email, when you search on the internet make sure you are visiting the page you want to be visiting by verifying the domain name is spelled properly (if not this can be a website geared at stealing your info) and always be certain the WiFi spot you are connected to is legitimate.
That concluded our discussion regarding what our IT Security Manager felt where some of the key areas for our clients to be mindful of when it comes to protecting their personal identity and information online.
We’ve included much more information as far as other ways an identity can be stolen as well as some warning signs to look for that may point to an identity being stolen and what can be done to fix it should it happen.
Scams and Rip-Offs
Here is a list of various types of scammers, with descriptions of what they attempt to do, as well as a few basics suggestions to help you avoid becoming their latest victim:
Pickpockets take your wallet or purse, not just for the money it may contain but to use credit cards and to steal your identity.
Tip: Minimize the credit cards and ID cards you carry on your person. NEVER keep your social security card in your purse or wallet.
Dumpster Divers rummage through outdoor trash bins to collect account numbers from bank and credit card statements, as well as any other personally identifying information they could use to open new accounts.
Tip: A good paper shredder is your best friend.
Shoulder Surfers spy on you at ATM machines and cashier stands to steal the PIN to your debit, ATM, or credit card.
Tip: Make sure others are not standing too close to you when you enter your PIN. Consider covering the keypad with your free hand. Never leave receipts in the machine or in the trash.
Skimmers use hand-held card readers to steal credit card data from stores, shops or restaurants.
Tip: Keep an eye on your card and on the cashier or server. Paying with cash is one sure way to avoid your credit card information being stolen.
Phishers call or send emails using some pretext to ask for your account information. Whether it’s to “confirm” your account information or to “notify you” that you’ve been approved for a credit limit increase, these scammers are good at getting us to divulge vital financial and identifying information.
Tip: NEVER give information about your credit card, bank account, social security, driver’s license or any other such records to someone who contacts you. Even if they already know your credit card number, that doesn’t mean they are actually from your credit card company. Always ask for their name and offer to call them back through the company’s customer service department.
Hackers get your information by monitoring your transactions with unsecured sites on the Internet.
Tip: Make sure that any site asking for credit card or bank account information is secured. There are two ways of knowing that you are on a secured site. First, if the site’s URL (the address usually found at the top of your browser) starts with https (and not just HTTP), then the “s” indicates it’s a secure page. Otherwise, look for a small “lock” icon at the bottom of your browser, next to the Internet icon of the world. The icon looks like a padlock or key lock. If both the secure URL and the secure icon are missing, do not submit any financial or personal information to the website.
Flaggers steal your mail, looking for bank and credit card checks, statements and even credit card offers to use. They can “wash” your ink from outgoing checks and then rewrite their own information to cash in. They can also use card offers to open accounts with your personal information but at another address.
Tip: NEVER put checks in your mailbox unless it can be locked. Putting the red flag up can literally an indication to these scammers to take what’s in your mailbox. If you don’t have a locking mailbox, drop your outgoing mail in a US Postal Service blue mailbox. Or, better yet, make your payments online directly with the creditor (just read the Hackers paragraph above first).
Directors complete and submit a change-of-address form with the US Postal Service to redirect your mail or their bills.
Tip: If you notice that bills are missing, check with your creditor to verify the address. Notify your local post office if you suspect that your mail has been fraudulently redirected.
Posers introduce themselves to you (at the door, online or otherwise) as your landlord or someone else who has a lawful right to certain information or even to enter your home.
Tip: If you don’t know them, don’t let them in, especially if their visit is unexpected. You should certainly never give personal or financial information to someone knocking at your door or chatting with you online. Call their main office to confirm what they are saying. If you’re still uncertain, ask them to set an appointment and take the time to investigate their claims.
Insiders buy information from an inside source or get it from your personnel records at work.
Tip: While you can’t do much about preventing many types of insiders, you can minimize the possibility of being one of their victims. Many “insiders” turn out to be neighbors or even family members. Don’t leave financial information in places where visitors or family members may easily find it. There is a disturbing and growing trend of both parents and adolescent or young adult children using the personal information of family members to open credit cards and other accounts for their own personal use.
UNIVERSAL ANTI-FRAUD TIP:
Check your credit report regularly by visiting www.AnnualCreditReport.com every four months or so to get a free, no-strings-attached credit report from one of the three main nationwide credit bureaus. Dispute directly with the credit bureau any item that you don’t recognize or that may be in error.
If you become a victim of identity theft, see the Federal Trade Commission’s site on fighting back at IdentityTheft.Gov.
Possible Warning Signs of ID Theft:
- Change of Name or Address on an Account
- Missing Bills or Statements
- Change of Account Terms
- Unrecognized Accounts on Credit Report
- Unexpected Credit Denial
How Can I Protect My Identity?
An ounce of ID theft prevention is worth a pound of ID theft cure:
- Remove mail from your box promptly and mail items at the post office or from secured letter boxes.
- Guard your credit cards. Sign with permanent ink. Leave in a secure place at home.
- Pay attention to billing cycles. Call a creditor immediately if you notice a change.
- Safeguard personal information (including passwords and PIN’s) in your home.
- Request fraud alerts if necessary.
- Check your credit report for errors regularly at AnnualCreditReport.com.
- Shred documents going into trash or recycling.
- Be careful about giving out personal information.
- Consider opting out of pre-approved credit card offers at 1-888-567-8688 or by visiting OptOutPrescreen.com.
Check out our post entitled How to Identify and Avoid Phishing Emails for more information on keeping your identity safe online.
Also, read How to Avoid ATM Skimming for information about protecting your banking information.
Do You Have Questions About How You Can Protect Your Identity?
Comment Below and We’ll Answer as Quick as We Can!
We actively check our articles and blog posts for new comments and make it a priority to respond quickly.
So if you need more information on how to keep your identity safe or have any other questions about your personal finances, please feel free to comment below and we’ll get back on and answer as fast as we can!