2Michelle Brown Case Michelle Brown worked in the banking industry Heidi Ille (not Connie) and Michelle were complete strangers and looked nothing alike.Heidi got Michelle’s info from a rental application at a property management office. Heidi was an acquaintance of the landlord.Heidi racked up $50,000 in credit card bills issued to Michelle Brown.Michelle never met Heidi.Heidi did serve time in state and federal prison, but not for identity theft—for the drug smuggling.When Heidi was booked in federal prison, she was booked under Michelle Brown’s name and wrote letters as Michelle Brown—crazy! The prison system did eventually get the name corrected.
5How identity thieves get your personal information Steal wallets/purses containing ID and credit cardsSteal your mailComplete a change of address form to divert your mail to another locationDumpster diving (gross!)Find personal information you share on the InternetPay store employees for information off your credit card applicationPhishing
6Identity Theft and Credit Card Fraud (cont.) Online Techniques used to steal personal and financial informationPhishing - fishing for personal and financial information disguised as legitimate businessPharming is a hacking technique that tampers with the domain-name server system so that traffic to a Web site is secretly redirected to a different site altogether. To help avoid pharming, make sure the Web site has a valid certificate of authority, from a service like VeriSign.
7How Identity Thieves Use Your Personal Information Call credit card issuer and change the mailing address—takes time before you realize the problemOpen new credit card accountsEstablish phone or wireless service in your nameOpen bank accounts in your name and write bad checksFile for bankruptcy under your name to avoid paying debtsCounterfeit checks or debit cards
8How do criminals obtain passwords? Obtaining PasswordsFind them written down“Social engineering”—tricking the user into revealing his/her passwordShoulder surfingHacking into system and remotely capturing informationSystem administrator—abusing privilegesPasswords only as secure as people are trustworthy
9Protect Yourself!Make all you online purchases using a credit card—not a debit card. Credit cards offer zero liability for fraudulent charges—debit cards don’t offer this protection.Get a separate credit card with a low credit limit for your online transactions.Make sure the websites are secure (https)Don’t disclose personal information over the phone. Legitimate banks/credit card companies NEVER ask for this information over the phone.
10Protect Yourself! Don’t fall for email scams. Don’t put your Social Security number or your driver’s license number on your checks.Shred or burn sensitive mail before you recycle it.Don’t carry your social security card in your wallet.Check your bills for charges you didn’t make.Report identity theft promptly—call the credit card companies, local police, Federal Trade Commission (FTC)
11Michelle Brown’s Recommendations to Congress Social security numbers should be treated as confidential information, and therefore should not be required to be part of passwords, medical identification numbers, etc.Credit issuers: all duplicate card requests should be verified by a mailer to the previous credit card address, or verified via telephone.Credit reports should be offered free to individuals at least once a year, at their request.Unusual inquiry/account opening behavior should be flagged at the credit reporting agencies and further investigated. The bureaus should take more responsibility for unusual activity as they are the first ones to be alerted of consolidated fraud on one individual's record.Fraud alerts should be CLEARLY POSTED on the first page of victims' credit reports. Further there should be fines imposed to merchants who do not properly act on these statements and fail to verify the authenticity of an application.