Cyber Security: How safe are we from identity theft?
Identity theft, a complex and ever-changing phenomenon, is one of the fastest-growing crimes in America. Identity theft is what happens when someone steals another person’s personal information, usually including his or her Social Security number, and uses that information to pass as that person. The information can be obtained from stolen mail, a stolen wallet, from messages left unattended on fax machines, or by hacking into computer databases, reading other people’s e-mail, intercepting cell phone conversations, or perusing the Internet. Twenty-five percent of identity theft cases involve telecommunications and the Internet. There are even Web sites (www.infoseekers.com, for example) that sell individuals’ Social Security numbers. Consumers must know how to use Internet technology safely to avoid falling victim to scam artists who often entrap their victims with legitimate-looking e-mails and Web sites.
Identity theft victims get little to no help from those who issued the stolen information in the first place. These include the Social Security Administra-tion, the Department of Motor Vehicles, credit grantors, banks and especially the credit bureaus. Local police departments are just beginning to expand their financial fraud divisions to respond to identity theft cases.
The Identity Theft and Assumption Deterrence Act of 1998 (18 USC 1028) makes identity theft a federal felony and provides for restitution for victims. Violations of this law are investigated by such agencies as the U.S. Secret Service, the FBI and the U.S. Postal Inspection Services. Crimes are prosecuted by the U.S. Department of Justice, which has established an identity theft clearinghouse within the Federal Trade Commission.
Contributors to Identify Theft
Automation is a major contributor to the problem. Almost everyone uses a computer for one purpose or another, including paying bills and shopping on the Internet. Identity thieves use the same medium to pilfer information from unsuspecting sites. Businesses’ automated answering systems that require callers to repeat their identity information over and over also leave room for “eavesdroppers” to intercept that information online. Ironically, after the caller talks to these devices, a human operator will come online and ask for the information to be repeated.
Poorly trained customer associates also contribute to the problem. Such associates will ask for your life history under the pretext that they want to identify you, only to inform you afterward that “we don’t handle such matters in this department but I will transfer you to the right department where you can talk to an associate. Invariably, the new associate will ask for the same information you supplied before, providing an opening for eavesdroppers. Entering your PIN multiple times at an ATM to conduct different transactions can aid an attacker bent on capturing your PIN number online. A good Single Sign-On (SSO), several of which currently are in use, would do the same job more efficiently.
Preapproved credit offers are another source of information for identity thieves. Credit grantors do not adequately check the identities of applicants before giving them credit, making it easy for the thief to get away with the crime.
While identity theft cannot be totally prevented, safe information handling practices go a long way. Steps you can take to reduce your risk include:
1. Once a year, check your credit report from all three credit-reporting agencies.
2. Guard your Social Security number. Try not to carry it with you.
3. Don’t write your Social Security number or driver’s license number on your checks or give them to anyone unless there is a valid reason to do so.
4. Properly destroy papers with identifying information before discarding them. Remove mailing labels from newspapers and magazines before recycling them.
5. Be suspicious of telephone solicitors. Never provide information unless you initiated the call.
6. Delete any suspicious e-mail requests without replying to them.
7. Use a locked mailbox to receive and send all post.
8. Reduce the number of preapproved credit card offers you receive by calling 888-5OPTOUT. (They will ask for your Social Security number).
9. If you live in a state that allows “Credit Freeze,” you may choose this option.
Sikiru Fadairo, Ph.D., is a CIS professor at Medgar Evers College (CUNY) in Brooklyn, N.Y. He may be reached at firstname.lastname@example.org