As we continue our series on Scams Targeting Seniors and eSecurity in general, a post about identity theft seemed smart.
Protecting your identity and sensitive data is paramount. Consider David B. Dahlstrom, a Salt Lake City locksmith who lived a 17-year, identity theft nightmare. In his case, the ordeal ultimately landed the perpetrator in court, however, from 1990-2007 Dahlstrom’s world was up-ended. His credit rating was trashed and his identity was used to commit an extensive list of criminal activities, including: vandalism, burglary, leaving the scene of an accident and making a bomb threat – just to name a few.
Why bring up a nearly twenty-year-old case of identity theft? Because, by today’s standards, the level of chaos inflicted on a person’s life over the course of two decades, can now be done in the space of an hour. Since 2007 the profit in identity theft and the computer power behind this criminal enterprise has led to a 40% increase in hacking, skimming and phishing – key components in identity theft. This, per the ITRC the Identity Theft Resource Center, a non-profit organization established to support victims of identity theft.
Hacking, Skimming & Phishing – Oh, my!
For anyone reading this and wanting quick reminder of the definitions, here you go:
Hacking – As related to this discussion, hacking is the use of a computer for unauthorized access to a system and the data within. White-hat hackers use their skills to break into protected systems to assess security, test systems and identify areas of vulnerability so they can be addressed before black-hat hackers (the bad guys) have a chance to find weak points and exploit them. That’s hacking.
Skimming – When crooks capture sensitive personal data electronically via a small device (called a skimmer) that scans and retains credit card and ATM card info stored on the magnetic strip, as well as PIN numbers and other keyed-in data, retailer and bank information for fraudulent activity or identity theft. That’s skimming.
Phishing – When an email, phone call or other electronic communication appears to come from a legit business but is fraudulent and used to obtain personal information for the purpose of identity theft or other criminal activity. THAT would be phishing!
In our last post, we looked at 5 Ways to Protect Seniors from Scams and sets a solid foundation to some of the things covered in this post. If you missed it, here it is.
Personal Identifying Information – Always Guard
If asked via a phone call or in-bound email to state or verify personal info – say NO!
Even if someone claims to be from the IRS – say NO!
Ask for their name, company name and phone number. While they will likely not give it to you and pressure you to stay on the phone – hang up!
You can always call the IRS, your bank, or whatever other company back on a number that YOU know belongs to that company.
If they give you one – do NOT call back the number they give you!
Assume it’s a scam if they ask you to provide or confirm the following:
- Social Security Number
- Your full name – “name as it appears on card”
- Your nickname
- Current address
- Old addresses
- Phone number
- Email address
- Previous email addresses & phone numbers
- Date of birth
- Employers – past and present
- Your financial institutions
- Financial & medical account numbers – checking, savings, retirement, investment, debit and credit cards, and debit cards, doctor’s office portal, etc.
- Online account info – username, account numbers and passwords
- Drivers license number
- Passport number
- PIN / personal ID numbers for banking and other accounts
- Answers to standard security questions – mother’s maiden name, where born, first pet, street where you lived, elementary school, etc.
- Credit card info – account numbers, security code, expiration date and your name as it appears on the card
- Credit card billing address
- Club memberships
- Professional organizations
While some of this data may already be in the public record, you never want to confirm or verify this personal information for anyone who initiates a call or email to you!
Do This Instead
- Find a phone number to the company that contacted you. Do this via your own paperwork or online search.
- Use the number YOU find to call whatever company it was that contacted you.
- Make sure all is fine with your account and set your mind at ease.
- Ask them to place a note in your account that you called and the reason why you called!
- If things are fine with your account, ask to speak to someone in their fraud department and alert them to what occurred.
When in doubt, confer with a tech-savvy friend or relative and ask for help!
In Part 2, we look at why identity theft happens, learn who is at risk and review ways to make yourself less attractive to would-be identity thieves. How to Protect Yourself – Identity Theft – Part 2
This blog contains general information and is not meant to apply to a specific situation. Please seek advice of counsel before proceeding as each case is unique.