So Some facts • About 43% of all reported identity thefts in the U.S. in 2013 were medical-related, according to a study released last month by Identity Theft Resource Center (ITRC). • 1 in 3 people report a problem after their identity is compromised in after a security breach • The longer you go without a problem the better off you are. Some information naturally ages and becomes obsolete
Two Basic Type of f Id Identity Theft • Compromise of an Existing Account – usually card fraud • New (Unauthorized) Account(s) taken out in your name
There is no panacea : Fixing ID theft crimes fall into two distinct buckets: Hassle and heinous. Hassle: Card fraud, where someone steals your credit card or debit card number ¡and ¡uses ¡it ¡to ¡make ¡purchases, ¡is ¡the ¡first. ¡It’s ¡a ¡pain, ¡but ¡ you can shut it down and even if money was pulled out of your checking ¡account, ¡you’ll ¡get ¡it ¡back. ¡
There is no panacea : Heinous: New account fraud, where someone uses your identifying info to take out a loan, is the second. Unfortunately, Javelin research found that victims are three times as likely to take a year or more to discover ¡what’s ¡going ¡on. ¡That ¡opens ¡the ¡door ¡for ¡the ¡fraudster ¡to ¡ use the identity for other illicit purposes – like applying for a job (as you) or filing for your tax refund.
Personal Id Identifiable In Information (P (PII) • Sensitive PII is information which, when disclosed, could result in harm to the individual whose privacy has been breached. Such information includes biometric information, medical information, personally identifiable financial information (PIFI) and unique identifiers such as passport or Social Security numbers.
Pre Prevention is the key • Passwords – Yeah I know or as I call them Pain in the Ass Words • Shredder • Computer hygiene • On-Line • The Cloud • Other suggestions
Think Pass Phrases not Words • I • cannot • believe • they • made • me • change • this • 99 • X • ! • Becomes Icbtmmct99X!
Another simpler example • 3 • Blind • mice • see • how • they • run • ! • Becomes 3Bmshtr!
Prioritize your web sites that need passwords • Critical Ones • Banks, Investments, Credit Cards, Medical – those with Sensitive PII • Medium • Water bill, electric bill – those that might contain some PII • Meaningless • Newspapers, subscriptions, those that want a password for tracking
Sh Shredder
Com Computer Hygie giene • Network • Disable guest • Keep your operating system, Internet browser and all of your computer programs up to date. • Automatic updates to operating system – see how later • Driver updater • Windows 10 • Back Up!!!!! • Not just to the cloud • I use thumb drives, alternate two every couple of months • Install good antivirus and anti-spyware software programs and make sure to keep them updated. • Harden your Modem/Router/Wi-Fi
Change the Default Admin Password
Th The e Cl Clou oud Putting your documents, photos, music, and other data into the cloud lets you get your files no matter which computer or mobile device you're using. It's also a convenient way to back up. • Some Examples • Google Drive • Dropbox • Microsoft OneDrive • Apple iCloud
Th The e Cl Clou oud • Read the Terms of Service before placing any information in the cloud. If you don’t ¡understand ¡the ¡Terms ¡of ¡Service, ¡ consider using a different cloud provider. • Don’t ¡put ¡anything ¡in ¡the ¡cloud ¡you ¡ would not want the government or a private litigant to see. • Pay close attention if the cloud provider reserves rights to use, disclose, or make public your information.
Th The e Cl Clou oud • Read the privacy policy before placing your information ¡in ¡the ¡cloud. ¡If ¡you ¡don’t ¡ understand the policy, consider using a different provider. • When you remove your data from the cloud provider, does the cloud provider still retain rights to your information? If so, consider whether that makes a difference to you. • Will the cloud provider give advance notice of any change of terms in the terms of service or privacy policy?
The Cloud • Backup to the cloud pictures, music, non-specific items, generic Word documents. Encrypted! • Never: Financial information, tax returns, credit card statements, bank statements etc.
Wh What to use On-lin line? • Credit card, whil ile lo losses fr from debit are co cover ered ed use a CC or dedicated ed debit • Re Recommend a separate small ller lin line cr credit card, monitor on on-line fr frequently. Set t parameters on th the cr credit card web sit ite. If If used on lin line you get t an email il. • Know your bill illing cy cycl cle(s) • On On Lin ine Banking • Sig ign up for text xts, emails notification when your card is is used on-lin line whe hen tr transactions exce ceed a ce certain amount when bala lance drops belo low $X.XX, whatever your bank or card is issuer le lets ts you do th that works for you. • Monitor all ll your acc ccounts fr frequently - cr credit, , ch checking, g, savin vings, in investment • Zero lia liability does not mean ZE ZERO responsibility • Tim ime lim limits
Other Suggestions • Public Wi-Fi • ATMs • EMV – new Chip cards • Smart Phones • Social Media • Emails • thr throw away em email il. Mult ltiple le ac accounts Gm Gmail il, yah ahoo, even if you ou use use Out Outlook you ou can an attach to o mult ultiple em email il acc accounts. • Kn Know who who is s sel selli ling tr trad ading, g, use use th throw away for or retail il pl places • Scams • Sno Snopes • Gu Guid idestar
EMV Cards
Zero liability on Master card, Visa, Discover • Co Compromis ise of f a curr rrent account • Master Card • Visa • Discover • Reasonable precautions – Watch your statements! Notify them if it is missing! These are true regardless of whether it is a Debit or Credit Card. As long as it carries the logo. • You sh should ld have zero li liabil ilit ity on your r checkin ing and sa savi vings ac accounts
SPAM, , SCAMS and CONS • No Nigerian Prince left you millions of dollars • Your neighbor did not lose his wallet in Puerto Rico • Your grandchild does not need bail money • Your PC is (probably) not broadcasting viruses • THE FBI does not want you • The IRS will not call you for back taxes. • Caution, Cynicism, skepticism
What to do aft fter a breach • After ¡a ¡data ¡breach, ¡make ¡sure ¡that ¡any ¡“free ¡monitoring ¡services” ¡fit ¡the ¡ crime – Not all data breaches are created equal as different types of data can be used to commit different types of fraud. Be certain that if you are offered some type of identity protection or credit monitoring product after a breach that it is designed to help protect against the types of frauds that the breach has exposed you to. If not, contact the provider and inquire as to whether or not an alternative service is available.* • Seek help as soon as fraud is detected – The more immediate a financial institution, credit card issuer, wireless carrier or other service provider is notified that fraud has occurred on an account, the sooner these organizations can act to limit the damage. Early notification can also help limit the liability of a victim in some cases, as well as allow more time for law enforcement to catch the fraudsters in the act. * * Javelin Strategy & Research
Mo Monitoring f for n new u unauthorized accounts • You are entitled to a free credit report annually but since there are three credit bureaus, if you rotate them you can check one every 4 months and see if there are any unknown accounts showing up. If there are you will have to follow the procedures to report fraudulent use. • Equifax • Transunion • Experian
Us Useful Links: • Free Credit Reports: • https://www.annualcreditreport.com/index.action • Consumer tips regarding medical ID theft • https://www.worldprivacyforum.org/2012/04/consumer-tips-medical-id-theft-what-to-do-if-you-are-a- victim • Snopes – Hoaxes and Urban Myths • http://www.snopes.com/ • Guidestar – Non-profit IRS forms • http://www.guidestar.org/Home.aspx • Mastercard Zero liability explained • https://www.mastercard.us/en-us/about-mastercard/what-we-do/terms-of-use/zero-liability-terms- conditions.html • Visa zero liability explained • http://usa.visa.com/personal/security/zero-liability.jsp
More Useful Links • Discover zero liability • https://www.discover.com/credit-cards/member-benefits/security-center/keep-secure/understand- fraud.html • 8 FAQs about EMV credit cards • http://www.creditcards.com/credit-card-news/emv-faq-chip-cards-answers-1264.php • Activate Windows updates automatically • Control Panel\System and Security\Windows Update\Change settings
Recommend
More recommend