Identity Information Theft and Fraud: How to Protect Yourself!
By David Wood, Security Analyst
You hear about it all the time. A virus has infected a computer at some institute and has now exposed potentially thousands of social security numbers. You get a sinking feeling as you realize you may be one of the victims. It is often at this time you ask yourself, "What really happens when my information is exposed and what can I do to protect myself"?
Identity theft is a multi-million dollar industry that can range from someone buying a flat screen television with your identity, to potentially funding terrorist organizations worldwide. Whatever the money may be used for, it all comes down to the same thing: as a victim, you are wondering how and why it happened!
A lot of identity theft is no longer committed by the shady character rummaging through trash cans to find your credit card or bank account information. Most identity theft is now a result of a computer compromise. The compromise is often achieved by automated malicious code known as a virus. When executed, this code searches the Internet for computers that have either outdated anti-virus programs or no anti-virus programs at all. They also may scan the Internet for any computers that do not have the latest software patches, which leave them vulnerable to an attack. Some malicious code can be attached to programs - such as free software or programs also known as freeware or software - that are downloaded from the Internet by the computer user.
However, not all viruses are intended to collect sensitive information about you. Some may be used to turn your computer into a file server where your computer is used to store illegal content such as copyrighted music, movies or pornography. These files are often hidden to the average computer user and may never be discovered, but can be shared from your computer with potentially thousands of other persons who have now been granted access.
There is hope! There are a few things that you can do to be more proactive, thus lessening the impact if identity theft happens to you.
- Be more aware! Reviewing bank statements regularly and paying close attention to any "mystery" transactions can potentially thwart would-be thieves from draining your bank account. Even better call the bank and find out a way to check your bank account activity every week, if not every day!
- Know who you are sharing your information with and why they need so much information about you. Some businesses will ask for more information than needed. Ask them if they really need all of the information they are asking for and what they are planning to do with it. Oftentimes, you can choose not to provide certain information and still receive services.
- Be sure any transactions made over the Internet are as secure as possible. Make certain the computer you are using has a good anti-virus program installed and updated regularly. Check to see that the web page you are using has "https" in the address bar. The "s" indicates that it is a secure Web site; a lock should also appear in the bottom frame of the window. If it is a public machine, beware of spyware such as keyloggers, which are used to record your keystrokes. It is generally a good idea to avoid performing any financial transactions over the Internet from a public computer or kiosk.
- Know your credit and bank cards! Go through your cards and make a list of the names and contact numbers for each. Keep this list in a safe place. That way, if you ever receive a letter indicating your identity may have been stolen, you will have the information you need to quickly cancel the cards and notify the issuers of the potential threat against your identity.
- If you ever suspect that you may be a victim of identity theft, or just want to be extra cautious, you can place a temporary (90-day) initial fraud alert on your credit report and, if necessary, re-issue the alert every 90 days by contacting one of three credit reporting agencies (TransUnion 800-680-7289, Experian 888-397- 3742, Equifax 800-525-6285). You should receive letters from all three within two weeks saying an initial 90-day alert has been added to your credit report. Keep these letters on file so that if there is an issue with a creditor you have proof of the alert.
Remember that having an alert on your account means you may have to temporarily remove the alert anytime you want to check your credit report or obtain a line of credit. Do this by contacting the reporting agency with whom you filed the alert. It is general practice for one agency to notify the others when you request an alert.
- Protect your computer at home and at work! UT Arlington has a software site license agreement with Symantec AntiVirus. The site license makes the software available free for installation on any inventoried UT Arlington computers, and provides a generous discount of seven dollars per license for personal-owned computers. If you do not already have Symantec on your computer, please visit http://www.uta.edu/antivirus for software download and installation instructions. Visit www.uta.edu/oit/computerstore for more information on how to obtain a license for your home computer.
- UT Arlington has taken precautions to guard sensitive information by following guidelines that are outlined in the UT System Policy UTS165 (formerly known as BPM66) reducing the collection, use or disclosure of all social security numbers contained in any medium, including paper records. By following this policy, all UT Arlington faculty and staff can help prevent the accidental disclosure of sensitive information that might lead to identity theft and fraud. If you are UT Arlington Faculty or Staff, please become familiar with UTS165. UT Arlington has also implemented a unique identifier to replace SSNs called the UT Arlington ID Number that is generated for students when applying for admission to UT Arlington and for employees by their administrative assistants once they are hired.
By taking these few easy steps you can help prevent identity theft and fraud. Don´t wait; start taking precautions today! Visit the UT Arlington Information Security Office Web site www.uta.edu/security to learn more on how to secure sensitive information at UT Arlington from potential threats.