Facts About Identity Theft: How to Protect Yourself in 2016

Identity theft is a crime. Twenty years ago, the facts about identity theft were hardly a concern for individuals or businesses. Today, the internet has made access to information almost instantaneous. With increased data, and increased access to that data, this provides easy fodder for thieves.

Some facts about identity theft

Identity theft is broadly defined as the use of one person's identity or personally identifying information by another person without his or her permission.

On May 10, 2006, President Bush issued Executive Order 13402 which established the Identity theft Task Force. To help businesses from the effect of identity theft, the FTC has taken several steps. It has established 'Red Flags Rule' which requires certain organizations to develop and implement written identity theft protection programs. This Rule applies to all businesses that allow a consumer to pay for a product or service.

The IRS estimated that in 2013, stolen identity refund fraud amounted to over 5 million fraudulent returns being filed with the IRS. These 5 million returns netted over $30 billion in fraudulent refunds. The Treasury reported that it takes the IRS between 278 days and 312 days to resolve identity theft issues for taxpayers.**

The US Department of Justice issued a press release on September 27, 2015 indicating that an estimated 17.6 million individuals, or around 7% of the US population over age 16, were victims of identity theft in 2014. According to the U.S. Federal Trade Commission's Consumer Sentinel Network, people between the ages of 50 and 59 were most often victimized by identity thieves in 2014. This group accounted for 21% of all fraud complaints.

Examples of identity theft

1.  A fraudster uses a stolen identity to set up a business and open bank accounts. The criminal proceeds to use stolen credit cards and fraudulent checks to transfer money into the new bank account. Money is swiftly transferred or withdrawn into yet another account, making tracking difficult. By the time the authorities get involved, tracing of the money leads to the victim of the stolen identity.

2.  A criminal steals the professional identity of another person; perhaps you. Your professional licenses are generally a matter of public record. These license numbers, along with another key piece of personal information, provides the gateway for this type of fraudulent use of your identity.

3.  Business identity theft is usually accomplished by current or former employees of your business. Armed with your business logo, your FEIN and a few other details about your company, an insider can set up checking accounts and perhaps obtain loans or other credit. Use of the internet to create ghost websites to obtain your customer credit card information, through phony sales, provides further theft of customer funds through credit card fraud.

4.  Social security number theft provides thieves the opportunity to set up bank accounts, obtain consumer loans, mortgages, credit cards. This can provide theft by opening up brand new accounts, or a takeover of existing assets or money lending sources.

5.  Government benefits identity theft applies to theft of benefits such as Social Security or Medicare. The theft of a deceased person's identity for collection of benefits doesn't hurt a living person, but hurts us all in the end. The criminal obtains items such as a driver's license, a Medicare card, and a Social Security number. With some alterations, his additional crimes are set in motion.

6.  Employment fraud. A person having a stolen driver's license and Social Security card may be able to obtain employment. This stolen identity market would be good for illegal aliens who need such documentation to obtain employment.

7.  As mentioned above, filing false returns with the IRS is big business in facts of identity theft. The criminal uses a taxpayer's information to apply for refunds in the name of the victim, with the refund being sent to the thief's bank account. Since the IRS sends a refund to the first return filed, the victim will find out when their correctly filed return is rejected by the IRS. If you are victim to this type of fraud, go to the IRS website: www.irs.gov. They have three publications to assist you: Publication 4535, 4523 and 4524.

A few of the methods used to obtain information about your identity:

The oldest, yet one of the easiest ways to obtain your information, is to steal your mail. Your mail has a lot of material that the thieves can use: bank statements, credit card statements, insurance statements that all have personal identifying information. A thief can also fill out a change of address with the post office and route your mail to another address.

Another method is to simply steal your purse or wallet. This is a treasure trove of personal information: driver's license, insurance cards, credit cards, Social Security card and business cards. This information can be used by the thief or sold to a re-seller of stolen identities.

Phishing is still successfully used through fraudulent emails. The email will arrive in your inbox. It will appear to be a real email from a bank you use, or from a retailer that you have purchased something from. This email will request personal information such as a Social Security number or a bank account number, under the guise of correcting some made-up problem. Have you received that phone call scam from 'Microsoft' wanting to confirm your computer information? This type of fraud is called Vishing. These folks are trying to obtain your personal information for their fraudulent identity theft scheme over the telephone.

Another method of identity theft comes through something called Pharming. The thief places a malicious piece of software, or virus, on your computer, which in turn hijacks your web browser. When you type in a website address, you are re-routed to a fictitious copy of the intended website. Any personal information that you provide is then stolen by the thieves. Public places can be particularly easy prey for identity thieves. Besides the unsecured network issue, wherein nearby hackers lay in wait to steal your passwords entered over this network, there can be 'Shoulder Surfing' going on. Criminals just simply stand nearby and watch what you type for passwords and credit card numbers.

Other methods may include:

• Social Media Data Mining. There is a lot of information on Facebook, for example, for even an amateur thief to glean: names, date of birth, relative's names, friend's names, employer, and so forth. Combined with the information that a thief may have from another source, the data found on social media can help fill in the blanks for a more complete picture of the victim.

• Credit or Debit card skimming occurs at ATMs and credit card transaction machines. The retailer, Target, comes to mind. Thousands of credit card numbers were stolen over a busy holiday sale's season.
• Hacking is big business. Your business is susceptible, as well as all government systems. Thieves want what you are so desperately trying to protect. Data breaches of your HR department can provide the thieves with Social Security numbers, dates of birth, names and addresses of your employees.
• Dumpster diving can provide thieves with as much information as a stolen mail. Throwing away bank statements, credit card statements, and other personal information, without shredding, allows your data to live on until those pieces of paper disintegrate. Thieves know what days are 'trash days' in wealthy neighborhoods.
• Cell phone cloning sounds frightening. And it is. It is yet another in the long list of sad facts about identity theft. There are devices that can allow a criminal to clone your smart phone. The criminal gets within 3 feet of you, and makes a copy of all the information contained on your cell phone.

Some ways of preventing identity theft - personally:

1. Never give out personal information to someone you do not know.
2. Do not reply to emails or click on links in emails from unknown or questionable sources.
3. Never click on a link to a bank or credit card company within an email. Use your address bar to enter website addresses manually.
4. The IRS will never ask for personal information in an email or over the phone. Does the IRS even have your email address or telephone number? Perhaps not. Most communication from the IRS is still done via US mail.
5. Shred all financial information such as bank statements, credit card statements or loan statements, before discarding.
6. Never provide your PIN number. Credible companies will not ask for this piece of information.
7. Do not carry your Social Security card in your purse or wallet.
8. Cover the keypad with your hand while entering passwords or PIN numbers.
9. Install a firewall on your computer.
10. Install anti-virus software on your computer.
11. Encrypt your home and office wireless networks.
12. Do not send personal information over public Wi-Fi networks.
13. Password protect your smart phone.
14. Check URLs before providing credit card or other personal information. The website address should begin with https:// (The 's' stands for 'secure'.)
15. Enroll in a backup or wiping program for your smart phone and one that will allow you to remotely erase the information on your phone.

Additional ways of preventing Identity Theft - Businesses:

1. Conduct a background check on employees who will have access to sensitive company information.
2. Use micro-shredders to dispose of any documents with personal information, such as in the HR or financial offices.
3. Conduct regular training for employees on how to protect personal information.
4. Keep all printed files that contain personal information in locked drawers.
5. Encrypt all computer files with sensitive data.
6. Require a user ID and password to access all systems.
7. Firewall and virus protection installed; regular IT maintenance of all systems performed.
8. Do not use full Social Security numbers to identify customers or employees.

The facts about identity theft are not pretty, but you can do a lot to protect yourself and your company from this crime. Contact your Smolin advisor. We can and will help with ideas and solutions about your identity theft concerns.