Due to the hustle and bustle of the holiday season, December has been marked as National Identity Theft Prevention and Awareness Month. With most of us being a bit more preoccupied, fraudsters have the opportunity to take advantage of us. With the high amount of communication and transactions being done online, criminal activities including data breaches and scams increase during this time of year as well. But have no fear! We’re here to provide you with tips and tricks to build strong habits to protect your personal information this holiday season.
Common Methods of Identity Theft
Social Engineering
What is it? Social engineering is one method used to gain access to personal information like Social Security numbers, passwords or financial and bank account details. The goal is to trick someone into providing confidential information or to find data on public networks that help the fraudster commit a crime. This tactic is aimed at taking advantage of someone through an emotional reaction including fear, greed, urgency or the desire to help others.
How does it happen? This is done through emails, texts, phone calls and social media. The criminal uses one or more of these channels to pose as a trusted business, charity organization or even someone the victim may know such as a grandchild, friend or co-worker. Once trust is established, the criminal goes to work to get the victim to perform an act or give information that will aid the impostor’s criminal activity.
Something to think about: Facebook, Instagram and Twitter are top spots for scammers to find information to commit a crime. The public profile elements you display can be used to steal your identity or aid a criminal in getting you to trust them – your full name, date of birth, place of residency, relationship status, school locations and graduation dates, pet names, friends, business affiliations, interests and hobbies. Also, GPS-enabled phones that share your location can reveal sensitive information like your home address, work address and the places you frequently visit.
Phishing
What is it? Phishing is the act of criminals sending messages to try to trick you into revealing your personal identifiable information (PII) or account information.
How does it happen? There are three main phishing methods:
- Email – an email address can be hacked or spoofed (slightly altered, but still looks like the same address). These emails are sent asking for information and purported to be a reputable company. Some emails may ask you to click on a malicious link or attachment, which is embedded with a virus or malware, giving criminals access to your computer or device and ultimately your PII.
- Smishing – phishing through a text message. They are claiming to be from reputable companies, such as a bank, to reveal PII like passwords, debit or credit card numbers, account numbers, etc.
- Vishing – phone calls from scammers pretending to be from reputable companies in order to get individuals to reveal their private information.
Mail Theft
What is it? Mail theft occurs when someone steals, takes or removes mail from your mailbox. Not only can these mail thieves obtain your personal information to commit identity theft, but they can also mine your mail for cash or checks.
How does it happen? Your mail may contain important information about you and your financial accounts. Thieves who steal mail are looking to steal data like your name, address, social security number, email address, credit card and bank account information. Once they gather that information, identity theft is likely.
Dumpster Diving
What is it? Dumpster diving is exactly what it sounds like. And yes, scammers really will dig through trash looking for discarded documents that contain PII.
How does it happen? Scammers dive into dumpsters or root through trash cans that have been left at the curb for pick up at night when they can’t be seen as easily.
Skimming
What is it? Criminals steal debit and credit card numbers, information linked to the cards and PINs by using a special device attached to an ATM machine or a gas pump.
How does it happen? Scammers attach the skimming device to retrieve card information from customers who use their card to access the ATM or purchase gas. Once the criminals feel like they have enough card information, they will remove it and create counterfeit cards using the stolen information.
Ways to Protect Your Information
Closely monitor your accounts and credit score
- Utilize Digital Banking tools including online and mobile banking, Bill Pay and alerts to help you keep a close eye on your account activity.
- Use Credit Sense to monitor your credit score, access your full credit report and receive personalized tips to help you improve or maintain your score. Regularly checking your credit score can help identity suspicious activity.
Safely dispose of personal information
- Shred receipts, credit offers, credit applications, insurance forms, physician statements, checks, bank statements, expired charge cards, and similar documents when you no longer need them.
- Before you dispose of a computer you no longer use, be sure to remove all the personal information it stores. Use a wipe utility program to overwrite the entire hard drive.
- Before you dispose of a mobile device, check the manual or the manufacturer’s website to learn how to save, transfer information to a new device and delete information permanently. Remove the memory or subscriber identity module (SIM) card as well as the phone book, lists of calls made and received, voicemails, messages sent and received, web search history, and photos.
Be smart on social media
Follow the best practices below to protect your identity on social media so you can enjoy the benefits of the different platforms without making yourself a target. Consider what you share and who you share with:
- Never give out your social security number or driver’s license numbers.
- Use unique username and passwords for each profile and change your passwords regularly.
- Minimize the use of personal information on your profiles that may be used for password verification or phishing attacks.
- Only invite people to your network that you know or have met, as opposed to friends of friends and strangers.
Stay alert to impersonators
Don’t give out personal or financial information on the phone, through the mail or online unless you’ve initiated the contact or know the person you’re dealing with. If a company that claims to have an account with you sends an email asking you to click on links and provide personal information, don’t do it! Read our blog, “The Questions Your Bank Will Never Ask You” to make sure you don’t answer any phony questions from someone posing as a representative at your bank. Instead, type the company name into your web browser, go to their site, and contact them through customer service. Or, call the customer service number listed on your account statement to ask whether the company really sent a request.
Encrypt your data and keep it secure
Keep your browser secure. To guard your online transactions, use encryption software that scrambles information you send over the internet. A “lock” icon on the status bar of your internet browser means your information will be safe when it’s transmitted. Look for the lock before you send personal or financial information online.
Keep your devices secure and be wise about Wi-Fi
- Use Security Software such as anti-virus software, anti-spyware software, and a firewall.
- Avoid Phishing – don’t open files, click on links, or download programs sent by strangers. Opening a file from someone you don’t know could expose your system to a computer virus or spyware that captures your passwords or other information you type.
- Do not send personal information or purchase items online on a public Wi-Fi network.
How do you know if your identity has been stolen?
Companies have different policies for notifying customers when they discover that someone has accessed a customer database. However, you should be aware of changes in your normal account activity. The following are examples of changes that could indicate that someone has accessed your information:
- unusual or unexplainable charges on your bills
- phone calls or bills for accounts, products, or services that you do not have
- failure to receive regular bills or mail
- new, strange accounts appearing on your credit report
- unexpected denial of your credit card
What to do if someone steals your identity
- Report an identity theft incident to the Federal Trade Commission.
- Notify your bank immediately that your identity may have been compromised. They will be able to freeze or close accounts, place warnings, create security passcodes and assist you throughout the process.
For more tips to help protect your personal information, check out our other blogs on Privacy & Cybersecurity and visit the Lakeland Bank identity theft information center. If you believe your personal information has been compromised or you think you are a victim of identity theft, we’re here to help! Contact us.
