By Mark Pribish, Director of Identity Theft Management Services, Merchants Information Solutions, Inc.
Since February 2005 – when the watershed ChoicePoints data breach event took place – there have been over 450 data breaches (that we know of) affecting over 140 million records containing sensitive customer and employee information.
In the beginning, the electronic and print media has communicated these data breach events with major headlines and leading radio and television news stories. However, because of the high frequency of data breaches, it appears as though the media has relegated such news stories to a paragraph or two away from the major headlines or as a second or third news story on the radio or television.
Since you are more likely to become a victim of identity theft (1 in 23) than you are to be in an auto accident (1 in 130), this is a great time to remind ourselves of the challenges and definitions of identity theft. The following is a list of tactics and scams used by thieves that you need to be aware of:
Cyber-Crime – committed by using a computer and the internet to steal a person’s identity, sell contraband, stalk victims, and/or disrupt operations with malevolent programs.
Dumpster Diving – going through trash bins, office or public – for loan applications, bank and credit documents, and social security numbers.
Insider Crime – where current and former employees, business partners, vendors, and organized crime break through internal controls to steal information.
Mail-Theft – mining mailboxes for information relating to new credit cards, pre-approved credit offers, insurance statements, employee benefits, taxes, etc.
Mules – where fraudsters recruit unsuspecting individuals to act as a middle man (mule) and by having the mule accept transfers of money from compromised accounts. The mules are then asked to transfer the money from their accounts in the form of cash and forward it, minus their commission, to the fraudsters using an international money transfer agency.
Pharming – the process of redirecting internet domain name requests to false websites to collect personal information.
Phishing – a scam that uses an authentic looking fraudulent email to solicit confidential customer information in response.
Physical Records – are the physical and electronic documents including PC hard drives. Typical physical records include your information that is stored by your current and former home/auto insurance agent, life insurance agent, employer group including health insurance provider, doctor, dentist, local hospital, division of motor vehicles, financial institution, educational institutions, and more.
Pre-texting – where the thief poses as a legitimate representative of a company, bank, employer, landlord, business owner, internet service provider, or anyone else that contacts you and attempts to get you to reveal your confidential information – usually by asking you to verify some data.
Retail Theft – stealing files, hacking into records, bribing, or conning employees at local stores, financial institutions, medical groups, hospitals, government agencies, etc.
Security/Data Breach – unauthorized access to and acquisition of data containing sensitive personal information.
Shoulder Surfing – where thieves view ATMs, phone booths, or laptops to visually steal PINs, credit/phone card numbers, passwords, etc.
Skimming – stealing credit/debit card numbers by swiping the card to a portable data storage device; or by attaching to an ATM or card reader.
Spoofing – where fraudsters create fraudulent websites to look just like an actual website via phishing or pharming schemes.
Spyware – where information is collected from a computer user without his or her knowledge/informed consent that reports information to a third party. This is used by legitimate business as well as identity thieves.
Vishing or Voice Phishing – sending an e-mail hoping to get victims to telephone a voice mail box to disclose sensitive financial and personal information.
So the next time you read or listen to another story about identity theft, you may want to pay closer attention – no matter how small the story – as you never know how any of the above identity theft related acts could be impacting you and your family.