1/7/2011 2:35 PM ET|
How thieves will steal your identity
Protect yourself by knowing where you're vulnerable and where crooks look for the personal information they need to take over your identity.
Trying to protect yourself from identity thieves these days feels like a full-time job.
You don't just have to worry about bad guys stealing your mail or hacking into your bank accounts. Your computer, your phone and even your Facebook account can provide identity thieves the entrée they need to mess with your financial life. Organized-crime syndicates, individual hackers and common criminals are all working overtime to exploit our weaknesses with new gambits and fresh twists on old scams.
Far from thwarting their efforts, though, many of us make ourselves easy targets -- which is why serious identity theft will continue to thrive in the new year.
After talking with some identity-theft experts, including Linda Foley, a co-founder of the Identity Theft Resource Center, and James Van Dyke, the founder of Javelin Strategy and Research, here are my predictions for 2011:
Prediction No. 1: You, or one of your idiot friends, will reveal too much on Facebook.
Foley says scammers comb social-media sites to find out details about their victims that they can then use to figure out passwords and crack the "challenge" questions financial institutions pose, such as "What is your mother's maiden name?" or "Where did you go to elementary school?"
You shouldn't use the name of a spouse, child or pet in your passwords, but many people do, and then they or their friends make reference to the names on Facebook. Or the bad guys take over accounts and then put out distress calls for money. Posing as you, for example, they might say they're stranded overseas and need to be wired money immediately.
Or they'll take over a friend's account, because he clicked on a malicious link and revealed his password, then send messages to you and all his contacts, saying, "I can't believe you did that in this video!" Click on the link, and you could be tricked into revealing information, or have malware surreptitiously installed on your computer.
That's just the tip of the iceberg of ways social media can be exploited, and the trend will just gather steam in 2011, Van Dyke predicts. To protect yourself, you should:
- Bulk up your privacy settings. On Facebook, go to the Account link, click on Privacy Settings, and set everything to Friends Only.
- Don't give away the store. Don't include your phone number, physical address, e-mail address or birth year on your profile, and consider not using your birthday at all, even if it means forgoing birthday wishes. Your full date of birth is one of the keys to your identity, and not including the year is kind of pointless if you then join the "Central High School 1992 reunion" group.
- When in doubt, don't. If you get a message or post directing you to a video or picture, be extremely cautious. Try to contact the friend who sent it via some other medium (like the phone) to make sure it's legit. If you can't confirm that it is, don't click on it.
- Change your password. Don't use the same password for social media, e-mail and financial accounts, and if your social-media account is compromised in any way, change your password immediately. Change your passwords regularly anyway -- every few months is good. It's a little extra work, but it makes your world safer.
Prediction No. 2: You will click on a link and expose yourself to fraud.
Sites like bit.ly and TinyURL are great for shortening long URLs, which makes them perfect tools for texting, Twitter -- and scammers. You can't tell where you're going when you click on one of these shortened links, so you could wind up in a scammer's lap.
Treat links in texts and tweets just like you would a link in an e-mail: Be extremely suspicious if you don't recognize the source and very suspicious even when you do (because of account takeover). If you click and are sent to a site that asks for e-mail, password or any other identifying information, or that asks you to reset your password -- even if it looks exactly like Twitter or whatever other site you were using -- bail immediately.
Prediction No. 3: Someone will try to use your health insurance.
The lousy economy and high unemployment will increase the chances someone who doesn't have health coverage will try to use yours, Van Dyke warns. Hackers are also after coverage information they can sell (including Social Security numbers) or use to bill insurers for care at crooked clinics.
The number of health care fraud cases doubled from 2008 and 2009, as I wrote in "Thieves are stealing health care," and that trend is likely to continue. The crime can be especially dangerous when other people's health information is mixed in with your own.
Complicating matters is the trend toward making medical records electronic, if providers don't take sufficient care to make sure the data is secure, Van Dyke says.
Protect yourself by:
- Checking every "explanation of benefits" form you get from your insurer to make sure you recognize the provider and the treatment.
- Ask for a year-end "list of benefits" from your insurer, in case a scam artist has changed your address and the EOB forms have gone missing.
- Be stingy with your Social Security number. Most providers ask for it because it makes collecting on past-due accounts easier, not because it's necessary for insurance coverage or treatment.
Prediction No. 4: You'll be the victim of a database breach, and you won't take it seriously enough.
Privacy advocates cheered when states began forcing companies, governments and other entities to reveal database breaches where people's personal information was compromised. No longer could these threats to our security be covered up or dismissed as unimportant, and identity theft victims -- who often don't know how their information was stolen -- would have a better idea of how they were compromised and could demand redress.
Well, that was the theory. Part of the reality is that reports of database breaches have become so common -- more than 510 million records have been reported as breached since 2005, when the Privacy Rights Clearinghouse started keeping track -- that too many people tune them out.
Many people who get a letter informing them their information has been compromised take no action, Van Dyke notes, even though they're four times more likely to become an identity theft victim than the general population.
"It's like they think just because they got the letter, some benevolent Big Brother is looking out for them," Van Dyke says. "Really, they should be afraid."
If you are notified your information has been compromised, you should:
- Put fraud alerts on your credit reports at all three bureaus. Equifax's fraud department can be reached at: 1-888-766-0008, Experian fraud department is at 1-888- EXPERIAN (1-888-397-3742), and TransUnion's fraud department is at 1-800-680-7289.
- Consider freezing your credit reports (also known as a security freeze). You can learn more at the Consumers Union site DefendYourDollars.org.
- Set up account alerts with all bank and credit accounts so you're notified of unusual activity.
- Continue monitoring your credit reports for fraudulent activity. You can one free annual look at each from AnnualCreditReport.com. After that, you can buy reports directly from the bureaus or pay for credit monitoring.
Prediction No. 5: You'll get sloppy about the basic protections.
You'll use a public Wi-Fi to check your bank account or fail to password-protect your home's wireless network. You'll be yawping on your cell phone and reveal personal information. You'll forget to update your anti-virus or anti-spyware software. You won't turn on the firewall on your home computer, or you'll remember that but forget the one for your laptop. You won't put a password on your smart phone so that if it's stolen, the thief will have access to a wealth of data.
And you'll use the same old weak password for every account -- your kid's name, or your dog's -- because you can't be bothered to think up new ones or even change it once in a while.
The site Lifehacker recently put up a fairly comprehensive guide to boosting your security. Check it out, particularly the link to the column "How I'd hack your weak passwords." Protect yourself now, before you have to learn the hard way how much chaos an identity thief can wreak in your life.
Liz Weston is the Web's most-read personal-finance writer. She is the author of several books, most recently "The 10 Commandments of Money: Survive and Thrive in the New Economy" (find it on Bing). Weston's award-winning columns appear every Monday and Thursday, exclusively on MSN Money. Join the conversation and send in your financial questions on Liz Weston's Facebook fan page.
VIDEO ON MSN MONEY
Let me put it to you this way, how many people are on payroll. The key to any unhappy situation is prevention. people aren't interested in prevention, they're only interested in a pat on the back via recognition, awards, popularity contests. i mean our local news here in my state reports petty theft amongst law enforcement for crying out loud. there is no meaning to valor, honor or integrity not even for myself although some will tell you i'm not as bad as some other people. although many bsers will freely and loosely preach about values like honor and integrity and make others feel guilty for being less than perfect. no wonder we can't get anything done in this country including protection of individual citizens. if you say that game of social politics has nothing to do with what's tying up progress in this country, you're a fool. it's a classic tale of good vs. evil. ever wonder why we still have crime and bad things keep occuring. good has not won. evil prevails and is still winning. i passed by a church sign that said evil prevails when good men do nothing. and that sums it all up. no one has done anything about what's wrong nor has anyone rectified those wrongs that have occured. there's a lot talk about what should be done. sometimes by the bad guys themselves. which is elusive and frustrating. wha'ts an ordinary citizen to do? there's a lot of people going through the motion of things and giving themselves and their projects fancy titles to give us the false idea that they are actually doing anything about anything. try giving them suggestion or constructive criticisms and you either get the standard thank your for your input followed by inaction or you get a fistful on nonsense talk and angry paranoid tirades. let us not forget to give credit to the fact that sometimes the bad guys dress themselves up in sheep's clothing. has anyone given thought to that idea? probably not. complacency. Idleness, it's the devil's workshop. Ever wonder why we have more problems, inaction, neglected duties vs. progress, responsible behavior and real meaningful results.
Until the general public gets over its apathetic state of mind and realizes that it is unhappy and have been living in a dump land and not a Tide commercial, they'll understand how we've been all ripping each other off. the safest statement that can ever and was ever said. thank you.
Copyright © 2014 Microsoft. All rights reserved.
Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.
RECENT ARTICLES ON IDENTITY THEFT
Tying the knot doesn't mean your credit will follow suit. Take a look at these common credit myths about marriage.