Identity Theft: Criminal Behavior Meets the Information Age
2004-08-20 - informit.com
There was a time when your name meant everything. In some cultures, your name reflected your lineage: If you were David, John's son, your name was David Johnson. In other cultures, your last name might reflect your occupation (Carpenter, Smith, Mason). As our societies have evolved, names have become a way of identifying who we are.
Enter population explosion.
Today, your name is probably not unique. Even those of us blessed with uncommon names still run the risk of bumping into another John Jacob Jingleheimer Schmidt—after all, his name is my name, too.
So how do we differentiate ourselves in the Information Age? Identification numbers? If you were born (or work) in the United States, you have a social security number (SSN). This magical nine-digit number serves as a way of uniquely identifying you, so that you get the benefit of your good name, so to speak, when it comes to credit and financial information.
But what happens if that number falls into the wrong hands? With your SSN, someone could falsify other basic forms of identification, and cash in on your good name, your line of credit, your bank account balance, and more. Unfortunately, such identity theft is on the rise.
Disclaimer: The content of this article is provided for informational purposes only. The author of this article is not a lawyer, and nothing here should be construed as legal advice. For all questions regarding legal matters, you should consult an attorney, not the World Wide Web.
The keystone of American identification is that all-important social security number. Because you can't (legally) work in the U.S. without one, it has been adopted as the de facto identifier for all matters financial. It's used by the government to identify you for tax and retirement purposes, by your employer, and by national credit agencies that assess your creditworthiness.
At the heart of keeping your identity safe is keeping your SSN safe. Here are a few tips to help make sure that your SSN doesn't fall into the wrong hands:
Don't carry your Social Security card. Only your employer and a few government agencies will ever need to see your actual Social Security card, so don't keep it in your wallet. Keep it at home, in a safe place. Should you ever lose your wallet or purse, you won't have to worry about replacing your actual Social Security card or having it fall into the wrong hands.
Don't give out your social security number. Very few organizations need to know your SSN. You must provide it to your employer, and some government agencies, or if you are applying for credit (because credit agencies use it to track you). However, if some other business, such as a health insurance company, asks for your SSN, ask that they use your driver's license number or another nine-digit number instead.
With life insurance, however, you might be need or want to use your SSN on your policy, to simplify processing for your estate or executor(s).
Don't put your SSN on your driver's license. At one time, most states used SSNs on driver's licenses. Now, most don't, and even those that do will usually allow you to use an alternative number. Take them up on it.
Don't print your SSN on your checks. Never preprint your checks with your SSN or your driver's license number. Your ID number can be written down if necessary, but preprinting it allows anyone who handles your checks—from the clerk at the store through the bank processing chain—to view your identifying numbers.
Remember, your SSN is like identity currency. Don't give it away—be stingy with it.
Speaking of Checks
Now you know that you shouldn't preprint your SSN or driver's license number on your checks. But did you know that checks are one of the most common sources of identity theft? Because your checks contain information about your identity as well as your bank account, there are some things you should do to make sure your checks are working for you, not against you.
First, don't put your full name on your checks. Just use your initial. Why does this matter? Because J. Johnson could be John. Or Jack. Or Jamal. Or Joan. Someone who steals your checks won't necessarily know your name, and, more importantly, they won't know how you sign your checks. But your bank will; that's why they keep signature cards for all of their accountholders.
Second, use your work phone number and address—or, better yet, a post office box. Again, this strategy helps to distance you from your checks a bit, and provides potential thieves with a "false lead" should they try to use the information on your checks to steal your identity.
Finally, consider online bill payment. Many of the utilities you pay monthly will accept electronic payments (via ACH) through your bank's online bill payment program. This technique eliminates a lot of the paper trail out there, and limits the number of parties who have access to your financial information. You still should be careful with your bank account information: Know your bank's policies on reversing fraudulent charges, and how they handle account access. And always be sure to update your browser and keep it current with security patches.
Protecting Your Credit Cards
We often trade security for the sake of convenience, and credit cards are a perfect example. Credit cards have become so commonplace that many people today use a single card that acts as an ATM card, a debit card for purchases, and a credit card. Unfortunately, all that convenience makes credit cards a high priority for identity theft. A clever thief can take your credit card information and go on quite a spending spree before the average Joe will catch on. That's why you should stay on top of your plastic.
One of the first steps to protecting your credit cards is to find out your card's policies on identity theft. If your credit card company doesn't offer protection in the event of identity theft, there's a clear solution: Close that account, destroy the card, and get a new credit card company. Today's larger and more reputable card companies offer a high degree of protection against identity theft, and there is really no reason to do business with a company that won't offer you some protection.
Online purchases have also become a target for identity thieves. To limit your exposure to possible hackers online, have a single card you only use online. This step also allows you to keep a closer eye on activity on the account: Be sure to carefully review the statement for that card each month, and if you see any suspicious purchases, act immediately.
Similarly, in the real world, don't carry all your cards at once. Keep the online card at home, and keep a single credit card and/or your debit card on your person. You can always rotate the cards you carry, but limiting the number of cards limits your exposure if your wallet is lost or stolen.
Don't sign the back of your credit card. In fact, in the space where you would normally sign your credit card, write in big bold capital letters the words SEE ID. It takes a little more time at the register, but any clerk inspecting the back of the card (which they're all supposed to do when you use it for a purchase) will ask to see your identification before allowing you to use the card for purchases.
Don't leave the signature line blank. Most stores won't accept a card with a blank signature line; if the store accepts an unsigned card, the store (not the card company) is liable for any losses.
Finally, never throw away credit card receipts, and always take your carbons from purchases. Most card terminals today don't print full card numbers, but they do contain other information about the transaction that can aid savvy and unscrupulous individuals. Don't take a chance; just take the receipt, and before you toss it at home, run it through your cross-cut shredder. Don't have a cross-cut shredder? Get one. They're relatively cheap these days, and that little expenditure can buy you a lot of peace of mind.
Of course, there is another option: Use cash. Cash has the advantage of being nicely untraceable and completely private.
Protecting Your Identity Online
The convenience of online shopping and online bill payment has led many people to start performing a number of financial transactions online. Online transactions aren't necessarily less safe than other types of transactions (such as purchases by phone), but there are some special precautions you should take.
Have one credit card to use online. As mentioned before, have a single card that you only use for online purchases, and don't use other cards online.
Use only secure sites. Make sure that your browser reflects that the site you're using is encrypted. If you get any warnings about bad information or expired security certificates, do not use that site.
Update your browser regularly. The secure page is only as good as your browser's security. Keep up with the latest versions and security patches for your web browser. Otherwise, you might be the chump that hackers are waiting for.
Never count on a link in an email message to be trustworthy. Links can be forged. One common trick used by identity thieves is to send you a link that looks good in the email, but actually points to a different site. Be safe—type the link by hand.
NEVER send info via email. Unless you're using encrypted email—and chances are overwhelming that you're not—nothing you send in email is secure. Period. Email is plain text, and can easily be intercepted. Never send sensitive financial information to anyone via email.
Oh, and did I mention that email is not secure, and that you should never send anything sensitive via email? Good.
Keeping Good Records
One of the keys to keeping on top of identity theft is to stay one step ahead of the cretins who are after your good name. The best way to do this is by keeping good records:
Photocopy everything in your wallet. If your wallet is lost or stolen, you can easily contact the credit card companies and alert them. Don't forget to copy both sides of each card, and copy other important documents such as your passport or travel visas. Oh, and don't keep the photocopies in the wallet! Keep them in a safe place.
Check credit card statements carefully each month. Review your credit card statements carefully each month, and immediately report any suspicious activity or purchases.
Save your important financial documents. When it comes to sensitive financial information, be a packrat. Keep all your bank statements and credit card receipts, especially if you're disputing any transactions. Similarly, keep good records when you speak to any customer service representatives: Note the time/date of your call, the representative's name/extension/ID and what was discussed.
Get a shredder. Never throw away anything with personal or financial information without first passing it through a cross-cut shredder.
Keeping on top of your financial records will help you in the event that someone tries to steal your identity; you'll catch on more quickly than someone who has slacked off on recordkeeping.
Stay on Your Toes
There are number of other ways in which you can stay one step ahead of those who are looking for easy prey for identity theft. One easy way is to get a locking mailbox, a simple technology that helps to prevent anyone from stealing your mail to get information about your accounts. When you pay bills via mail, though, drop the payments in the mailbox at the post office; never leave outgoing bills with checks in your home mailbox for carrier pickup.
One common scam among thieves involves calling potential victims (or sending email) requesting that the victims "verify" certain information about their accounts. Never, under any circumstances, give out info on the phone or in email to someone contacting you claiming to be an account representative. Think about it: Financial institutions invest hundreds of millions of dollars into IT systems to manage their data, including backups. Why would they need to call you to get information they already have?
Similarly, never give out password information. Period. A reputable company will never under any circumstances ask you for password information. A company that's on the level will be able to reset your password and give you the new one, not the other way around.
Stay on top of your checking and credit card accounts. Unused accounts are a godsend for identity thieves, since it's more likely that you won't be paying attention to them. Be sure to destroy all checks from old accounts, and close unused or unnecessary credit card accounts.
Finally, don't just toss "preapproved" credit applications that you get in the mail. Enterprising "dumpster divers" can use those to start getting credit in your name. Shred the applications before you throw them away; better yet, to indicate to the credit card companies that you aren't interested, call 1-888-5-OPTOUT (1-888-567-8688) to get your name on a voluntary list for creditors to check before sending out those offers.
The Best-Laid Plans...
No matter how diligent you are in protecting your identity, you may still fall victim to identity theft. You may notice strange charges on your credit cards, or start getting calls about credit you've never applied for. What should you do if you suspect your identity has been stolen?
Cancel all your credit cards immediately. If your cards have been stolen, use the photocopies you prepared. Your credit card companies should issue you new cards, and also be able to assist you with paperwork for disputing charges.
Notify your bank. Since many debit cards or check cards are linked directly to your bank accounts, let your bank know immediately if you suspect identity theft, so they can take steps to ensure that your accounts stay yours.
As embarrassing as it may feel, file a police report as soon as possible. Not only is this step important for dealing with the credit card companies and credit agencies, it will also aid in prosecution later, should the thief be caught.
Notify the three major credit agencies and the Social Security Administration at the numbers below:
Experian (formerly TRW): 1-888-397-3742
Trans Union: 1-800-680-7289
Social Security Administration (fraud line): 1-800-269-0271
The credit agencies will be able to assist you with making sure that your credit report remains intact via either a "90-Day Security Alert" or a "Seven-Year Victim Statement." To obtain new credit using your identity, a thief still will need to be able to have creditors check your credit report. With these alerts placed on your account, the thief won't be able to do so.
Going the Extra Mile
Because identity theft has become such a problem, each of the credit reporting agencies offers a program to help thwart thieves. Equifax offers "Credit Watch," Experian offers "Credit Manager," and Trans Union offers "Credit Monitoring." All of these are similar services, in which the company will watch your credit report, and if any requests are made for information, will call you to verify that you're applying for new credit before releasing any info. The price varies from company to company, but if you're uneasy and feel vulnerable, these services do offer a little more peace of mind.
The bottom line is that with a little planning and a lot of diligence, you can take many of the steps necessary to prevent identification theft for little or no cost. The key is vigilance; keep on top of developments in technology and your financial information. Like most thieves, identity thieves are looking for an easy mark. The harder you make it for them to get your identity, the less likely they are to make the effort.