Identiy Theft - Reducing Your Risk

There is a modern plague affecting millions of Americans each year - identity theft!   Personal information is easier to obtain than ever, and many are falling victim to America's fastest-growing crime.  The IT Compliance Institute claims that Cybercrime has become a $105 billion business, which surpasses the illegal drug trade, but people still don’t understand what a serious threat cybercrime can be. 

What is identity theft?
Identity theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes.

The FTC estimates that as many as 9 million Americans have their identities stolen each year. In fact, you or someone you know may have experienced some form of identity theft.
The crime takes many forms. Identity thieves may rent an apartment, obtain a credit card, or establish a telephone account in your name. You may not find out about the theft until you review your credit report or a credit card statement and notice charges you didn’t make—or until you’re contacted by a debt collector.

Identity theft is serious. While some identity theft victims can resolve their problems quickly, others spend hundreds of dollars and many days repairing damage to their good name and credit record.  Some consumers victimized by identity theft may lose out on job opportunities, or be denied loans for education, housing or cars because of negative information on their credit reports. In rare cases, they may even be arrested for crimes they did not commit.

Frances Green, a beautician from Jamaica, N.Y., discovered that the house she was about to buy had already been sold--to an ID thief posing as Green who, with a phony seller and fake lawyers, defrauded the mortgage company and ruined Green’s credit

Identity fraud has become a major element in crimes ranging from international drug trafficking to terrorism; Al Qaeda operatives in Spain used stolen credit and telephone cards and false passports and travel documents to open bank accounts and pay for travel and communication abroad, an FBI agent testified before a congressional subcommittee last year.

Many victims don’t learn of the crime for a year or more, only after something goes terribly wrong, because thieves often shield their actions by using a different address when they open new accounts in the victim’s name. Typically, federal laws cap monetary losses to consumers, but even in routine cases, it takes victims two years on average to clear their names, according to the Privacy Rights Clearinghouse, a nonprofit advocacy group. Some victims say that during that time, they haven’t been able to get a car loan or a mortgage; they couldn’t even use their cell phone.

How do identity thieves get personal info?
Cyber criminals have a host of tools that they use to get your personal info.  With a little common sense and diligence these attacks are easy to thwart.

Phishing:  Phishing is a fraudulent attempt, usually made through email, to steal your personal information. The best way to protect yourself from phishing is to learn how to recognize a phish.

Phishing emails usually appear to come from a well-known organization and ask for your personal information — such as credit card number, social security number, account number or password. Often times phishing attempts appear to come from sites, services and companies with which you do not even have an account.

In order for Internet criminals to successfully "phish" your personal information, they must get you to go from an email to a website. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would never request this information of you via email.

Computer spyware, viruses and rootkits – Computer spyware can be installed on your computer without you even knowing it. When this occurs, every word you type and website you visit can be recorded and transmitted to a thief

How to protect yourself online

There are many simple ways to protect yourself while online.  While there is no “silver bullet” when it comes to online security the following are steps that will make it harder for the criminals to get your data and they will then move on to easier targets.  Here are 12 easy and cheap ways to protect yourself and reduce your online risks.

1.  Keep your computer updated

Keeping your computer up to date is the easiest and most significant way to protect yourself and your PC.  Everyday new software flaw and exploited are discovered.  Hackers can then use these flaws to take control of your system.   Software makers such as Microsoft regularly release patches that fix these flaws.  Having you PC up to date will prevent the majority of exploits taking advantage of your system.  Set your operating system and security software to update automatically.  If you are running windows and am not sure that windows is up to date you can go to http://update.microsoft.com and click express.  This will update you system for you.

2. Activate protection

   If you OS has a firewall,  spam blocker, or other building security software then make sure it’s turned on.  Vista has an adequate firewall built in.  For windows XP users ZoneAlarm make a great free personal firewall.  You can download it http://download.zonealarm.com.  Also activate any spam filtering or online protection offered by your ISP.  For example if you use optimum online they offer free Internet Security Package for subscribers.  You can go to www.optonline.net to get it.

3. Update your browser

   If you are using Internet Explorer 6 or earlier consider upgrading to IE 7.  IE 7 is more secure, better supported and Microsoft is not patching certain known security flaws with IE6.  You can download IE 7 at http://www.microsoft.com/windows/downloads/ie/getitnow.mspx.  Also consider installing and using another browser such as Firefox or Opera.  You may not be able to use them at all sites such as Stratus but they sites you do visit with them will have a much harder time installing spyware to your system.  IE 7 and Firefox notify you about known forged, or “phished” web site.  You can download Firefox at http://www.getfirefox.com

4. Run antivirus software

   Having an antivirus software is absolutely necessary in today’s world.  It actually works and you need it.  You also have to keep it updated and not let your subscription run out.  An AV program with definition from 2004 will not protect your PC – set it to auto update.   A single virus can ruin your day as require you PC having to be rebuilt.  Optimum offers free AV software to subscribers.   AVG also makes a great free scanner.  You can download it at   http://free.grisoft.com

5. Run 2 anti-spyware programs

Spyware is so insidious and hard to detect that it warrants double protection.  No one program can detect and remove all of it.   Windows users can download Windows Defender from Microsoft for free and set it to auto run. http://www.microsoft.com/athome/security/spyware/software/default.mspx
Adaware www.lavasoftusa.com and Spybot S&D http://www.safer-networking.org/en/index.html are also two free programs that you can use.  If you suspect that you have spyware installed then you should scan you PC with at least two of them.

6. Install a security toolbar

A toolbar is an add on to your browser.  It can be a helpful second line of defense and they provide a scam and popup blocker, spyware scan and homepage protection.  They also can let you know whether the site you are on is a phishing site.  Some good free ones are the Earthlink toolbar www.earthlink.net/software/free/toolbar, Windows Live toolbar at , www.microsoft.com,  the Google toolbar at http://toolbar.google.com/T4/index_pack.html and the Netcraft  antiphishing toolbar at http://toolbar.netcraft.com.  You should only install one in a browser.

7. Public PC and hotspots

   Use public computers with care.  Avoid using computers at libraries, hotels or airports for conducting financial of personal business.  You also need to be careful of using  your own PC on a public wireless network.  In a public wireless network a hacker can easily intercept your traffic and data.  A public PC can have keyloggers or other software which will also intercept and store your personal data.  Only use these PCs for generic tasks.

8. Be careful of what you download.

The million of free games and utilities can be useful but many are laden with spyware and viruses.  Try to download from only trusted sites.  Two great site for free software are www.download.com and www.snapfiles.com

9. Security Suite

Security suites are not a necessity but they can be nice.  A well rounded security suite will provide you will all the protection above in one software package.  The downside to them is that they cost money and might slow down your PC some.  If you have a fast PC, don’t mind the cost and like the convenience of one piece of software then  a security suite can make your life easier.  The three top rated suites are Checkpoint ZoneAlarm at  http://www.checkpoint.com,  Trend Micro at http://www.trendmicro.com and McAfee at http://www.mcafee.com.

10. Avoid using hyperlinks in email

    Hyperlinks can show you one address but take you to another.  This is how many phishing attacks work.  Before clicking on links in web pages, hover your cursor over the URL and see whether the address that appears at the bottom of your browser looks as if it’s related to the website you  expect to visit.  Also instead of clicking on a hyperlink in an email, type the address in your browser manually.  This will prevent the email from redirecting you to a malicious website.

11. To thwart spammers use a disposable email address

Say you wanted to sign up for a free account, and didn’t want to give a valid E-mail address because it would get spammed into oblivion? To prevent spammers from harvesting you email you can use a disposable address on websites you might not trust.  A disposable email account is a free service that you temporary use to check an email.  For example I can use the email justshopping@tempinbox.com.  I would then go to teminbox.com and check the email for justshopping.  I never have o use the email again.  Two free services are Temp Inbox at www.tempinbox.com and  Mailinator at www.mailinator.com

12. Use https

All secure connections should use https in the address bar instead of http.  Example – https://www.citibank.com vs http://www.citibank.com.  Https tells the browser to encrypt you data – this protects against eavesdropping on your session.  When a https (also called SSL of secured socket layer) session is active your browser will display a lock in the lower right hand corner and you address bar might turn a different color such as green in IE7 or red in Firefox.

Although there are many initiatives then may make the internet a safer place in the coming years, much of the responsibility for protecting consumers falls on the consumers themselves.  “you need to be the one who is too much work for the criminals,” says William Yurek, a senior counsel for the U.S. Department of Justice.  By following these twelve steps you will have done just that.  You will also not only be protecting you identity and credit, you will also be protecting you PC and anyone else who uses it.