Understanding Identity Theft

Identity theft is growing at alarming rates. Typically identity theft has been more of a criminal concern than an intellectual property concern, but stealing someone’s identity is really akin to many intellectual property violations. The nature of identity theft is similar to infringement of the right of publicity, and also similar to other intellectual property wrongs in that what is being taken is not a tangible piece of property, but information that is then used to deceive and fraud. It is critical to realize, however, that there are things that you can do to protect yourself, and your number 1 asset – your good name. Like a trademark that has been damaged by scandal, repairing your good name is not easy, so prevention is the key. 

While identity theft is related in ways to hacking, it is not necessarily strictly a hacking crime. As Earthlink and PayPal have learned, identity theft can be accomplished through scams and deceptions without any need for an intrusive computer invasion. Both Earthlink and Pay Pal customers have had numerous e-mails sent to them requesting that the company has experienced computer problems and needs all of its customers to fill out a form. This technique is what is known as “phishing.”

By now virtually every financial institution has likewise been targeted. The way it works is mass bogus e-mail forms are sent to millions of e-mail addresses asking the customer for such sensitive information, such as your password, credit card number, social security information and more. You may have noticed from time to time you receive these e-mails, which claim to be from financial institutions that you have never used. That is, of course, a signal that it is a phishing e-mail, but with so many people having accounts online, it doesn’t take much of a response rate to score big for the scammers. The worst part is that these e-mails appear to come from the company itself (although they do not). Because buying bulk e-mail address is so cheap, and sending e-mails is free, phishing continues to be a growing epidemic.

As greater numbers of people become familiar with and rely upon Internet communications and electronic commerce we can only anticipate that identity theft will continue to rise. The days are not gone where identity criminals will dive through dumpsters in search of credit card bills and the like, but as criminals become more sophisticated in the use of computers and the Internet we can expect to see growing numbers of these bogus e-mails and other similar forms of electronic deception. Nevertheless, it is still wise to take every precaution possible to protect your own identity in the real world as well.

Simple Suggestions

In order to protect your identity here are some simple suggestions:

1. Do not respond to any e-mail that asks you for sensitive personal information. Reputable companies are never going to ask you for your username, password, credit card number, social security number or any other sensitive information via e-mail.

2. If you receive an e-mail from an institution where you have an account saying that they need you to provide updated information, for whatever reason, be suspicious. These e-mails will normally look official and contain a link you can click on to provide the information. You will be sent to a website that looks exactly like the institution’s website, but it will not be their website. When you get such an e-mail contact the institution to verify the message is real. Alternatively, simply go to the URL you normally use to log on to your system and update your information. Do NOT follow the e-mail links provided!

3. When you are done using a website, such as a banking website, always be sure to sign off or log out, as the case may be. You should also close the browser window you were using.

4. Do not use public computers to access an online account.

5. Do not use the same username and password for all of your accounts. If you use only one username and password, if your username and password are compromised all of your accounts could be in jeopardy.  Additionally, do not use “password” as your password. By now this is something that most people know, and few institutions will even permit. Nevertheless, many people still use “password” for personal computer access or e-mail.

   Do not use a password that is easily associated with you. Those who would steal your identity in the real world will likely know more about than you suspect. Try and pick something unique, but memorable.  Moreover, unless you absolutely have to, don’t write your username and password down, and do not keep them stored on your computer.

6. Be sure to have your computer operating system set up to require a password be entered at the welcome screen. This is essential if you have a laptop, but also strongly recommended for desktops as well. Also, for those with roommates, particularly in a college dorm, you should also consider setting the operating system up so that when the computer is inactive for a period of time it will become locked, once again requiring a password at the welcome screen. This can be done through the Screen Saver tab in the Display folder.

7. Purchase a shredder and shred sensitive real world mail, credit card checks you won’t use and unsolicited credit card offers.

8. Periodically check your credit reports to make sure that there is no unauthorized activity. To do this you can visit Experian, Equifax and TransUnion. Everyone is also eligible to receive a free copy of their credit report every 12 months. To do this, however, you must visit AnnualCreditReport.com.

9. LifeLock
   
   If you want to be extra cautious, you might find it useful to engage the services of a company such as Life Lock is a company I recently came across after hearing a radio ad. They have a system in place that puts the credit bureaus on notice that they should not authorize access to your credit report without verification from you via telephone. They also claim to be able to stop junk mail, including free credit card offers (the source of a lot of real world identity theft). They have a $1 million guarantee, and the CEO publishes his Social Security Number on the site, so he must think it works. The service costs about $10 a month. 

Identity Theft Resources

FTC Identity Theft Page – This site is maintained by the Federal Trade Commission. The site is update often, with more information added regularly as it becomes available. Information contained on this FTC page includes government reports and Congressional testimony, law enforcement updates, and links to other sites with helpful information about identity theft.

Safeguard your Social Security number – Protect yourself from identity theft by keeping a tight rein on your Social Security number. Only a few organizations have the right to demand it. Here’s how to fend off the rest.

Identity Theft and Fraud – This page is maintained by the United States Department of Justice. It contains information on what the DOJ is doing to fight identity theft, what you can do to avoid identity theft and what actions to take if you are the victim of identity theft.

When Someone Misuses Your Number – by the Social Security Administration – When someone misuses your number, it generally means they’re pretending to be you–they assume your identity. And when someone pretends to be you, they can wreak havoc with your life.

Identity Theft Resources – By Privacy Rights Clearinghouse – A comprehensive list of links to identity theft information.

Fight Identity Theft – The goal of Fight Identity Theft is to make you more aware of the risks of identity theft and to present clear steps you can take to protect yourself. In addition, I try to present all of this information with a clean, crisp site design, navigation, and writing style.

Identity Theft Resource Center – ITRC is a nationwide organization dedicated to developing and implementing a comprehensive program against identity theft -by supporting victims, broadening public awareness, disseminating information about this crime and decreasing the potential victim population.