Information Security & Identity Theft

Slides:



Advertisements
Similar presentations
Prepared for: Presented by: Risky Business 2012 Conference Tony La Rosa, Manager Mid-Iowa Credit Counseling Park Fair Mall 100 E. Euclid Ave., Ste. 157.
Advertisements

MoneyWi$e: ID THEFT & ACCOUNT FRAUD ID Theft & Account Fraud Prevention and Clean Up.
Fighting Back Against Identity Theft A Presentation for CSM564 – Dr. Price By Matt Poole.
Identity Theft “When Bad Things Happen To Your Good Name” Federal Trade Commission.
Presented By Drexel and FMFCU.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?
Identity Theft Solutions. ©SHRM Introduction Identification theft became the number one criminal activity issue in 2004 and has remained at the.
Deter, Detect, Defend: The FTC’s Program on Identity Theft.
Identity Theft “When Bad Things Happen To Your Good Name” El Camino Community College Police Department Sgt. Kirk Johnston Josh Armstrong.
Kimberly Castner-Scott. What is Identity Theft I Identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully.
1 Identity Theft and Phishing: What You Need to Know.
Protecting Yourself Against Identity Theft TSCPA Member Name, CPA Firm/Company Name.
Identity Theft. MIS Training Institute, Inc.Section X - Slide 2CS1 053 ©Network Security Services, LLC Outline n Definitions n Methods used n Ways to.
National Association of Student Financial Aid Administrators The following is a presentation prepared for NASFAA’s 2007 Conference in Washington, DC July.
BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
1.3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge.
Presented By The Plano Police Department Crime Prevention Unit.
1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.
Identity Theft “When Bad Things Happen To Your Good Name” Federal Trade Commission.
Information Security – Creating Awareness, Educating Staff, and Protecting Information Session 46 Chris Aidan, CISSP Information Security Manager Pearson.
Felicia Cervantes. Using someone's personal identifying data for unlawful purpose. (This is a SERIOUS crime.) More than 8 million American Adults fell.
OCPA NEIGHBORHOOD WATCH PROGRAM THE OHIO CRIME PREVENTION ASSOCIATION IDENTITY THEFT.
A ID Theft & ACCOUNT FRAUD Welcome to MoneyWI$E A CONSUMER ACTION AND CAPITAL ONE PARTNERSHIP Prevention & Clean Up © 2011.
Identity Theft Statistics Identity Theft – “Fastest Growing Financial Crime in the United States.” (1) 9.3 million U.S. Adults were Victims of ID Theft.
7.3.1.G1. © Family Economics & Financial Education – September 2010– The Essentials to Take Charge of Your Finances– Identity Theft Essentials – Slide.
Have You Lost Your Identity? By Sierra Bowland. Deter Detect Defend.
Who Is This?! By Bailey Hoover. Foreword Deter Detect Defend Deter, Detect, Defend Brochure ID Theft: What It’s All About.
Discussion Topics What is Identity Theft? Ways to Commit Identity Theft How Identity Thieves uses Victim’s Information Guarding your personal Information.
3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge America,
ESCCO Data Security Training David Dixon September 2014.
1 Information Security Creating Awareness, Educating Staff, & Identity Theft Protection Chris Aidan IT Security Manager Pearson Technology Session #40.
Security Awareness Identity Theft October Security Awareness. Identity Theft Someone acquires enough information about you to pose as you and.
Identity theft: Real or Virtual? By: Alex Metzler.
Identity Theft  IDENTITY THEFT occurs when someone wrongfully acquires and uses a consumer’s personal identification, credit, or account information.
Welcome to the world of Identity Theft and Identity Fraud. Will YOU be the next victim? “Once considered primarily an economic crime or a juvenile pastime,
Protecting Yourself Against Identity Theft By Sierra Monif Next.
7.3.1.G1 According to The federal Trade Commission, Identity theft Affects Approximately 12.6Million People Every year.
Be Cautious of Identity Theft By: Sydney Langley.
PRIVACY IN COMPUTING BY: Engin and Will. WHY IS PRIVACY IMPORTANT? They can use your computer to attack others (money, revenge) They can use your computer.
Protecting Your Identity Anders Olson Computers III September 18, 2008.
Protecting Yourself from Fraud including Identity Theft Advanced Level.
By: Asfa Khan and Huda Mukhtar
Presented By Plano Police Department Crime Prevention Unit.
Protecting Yourself from Fraud including Identity Theft Personal Finance.
Protecting Your Assets By Preventing Identity Theft 1.
Identity Theft PD Identity Theft Identity theft is a serious crime which can: Cost you time and money Destroy your.
Protecting Yourself from Fraud including Identity Theft Advanced Level.
Preventing Identity Theft. PREVENTING IDENTITY THEFT 2 Agenda Introduction What Is Identity Theft? Tips to Protect Yourself What to Do if You Have Been.
IDENTITY THEFT Nicholas Michalak. Agenda What is Identity Theft? Background of Identity Theft Legislation Against it Different types and Examples What.
Identity Theft The fastest growing type of fraud..
Protecting Yourself Against Identity Theft A Financial Literacy Presentation by.
By Amanda Cowan.  When another person steals your information and uses it to commit fraud or other crimes  The information stolen can be:  Credit Card.
Identity Theft. What Is Identity Theft? – Acquiring someone’s identifying information and impersonating them for gain.
WHAT YOU NEED TO KNOW Chevron Federal Credit Union Great Rates. Personal Service. chevronfcu.org  
Identity Theft How bad people get good credit. Lindsey Bertugli.
IDENTITY THEFT.
Robert Leonard Information Security Manager Hamilton
Protecting Your Identity:
Presented (insert date) By (insert organization’s name)
Presented (insert date) By (insert organization’s name)
Presented (insert date) By (insert organization’s name)
Protecting Yourself from Fraud including Identity Theft
Protecting Your Identity
Protecting Yourself from Fraud including Identity Theft
Protecting Your Credit Identity
Information Security – Creating Awareness, Educating Staff, and Protecting Information Session 46 Chris Aidan, CISSP Information Security Manager Pearson.
Protecting Yourself from Fraud including Identity Theft
Identity Theft and Credit Safety
Presentation transcript:

Information Security & Identity Theft Session 6 Information Security & Identity Theft Chris Aidan Matt Wardle IT Security Manager Special Agent Pearson Technology Office of Inspector General Kristen Frias Special Agent Office of Inspector General

Topics Covered Internet Dangers Equipment Disposal Identity Theft Social Engineering Password Selection Email & Chat Services Securing Workstations Data Backups Equipment Disposal Data Disposal Administrative Accounts Physical Security Latest Threats Creating Awareness Legislation Questions

Identity Theft What it is and how to avoid it Acquisition of key personal information used to impersonate someone else One of the fastest growing crimes in the United States

Keeping Your Information Private Protect Your Information: Date of Birth Social Security Number Drivers license number Passwords and PIN’s Banking Information

Common Identity Theft Practices Obtain or take over financial accounts Open new lines of credit Take out loans for large purchases Sign lease agreements Establish services with utility companies Write fraudulent checks Purchase goods and services on the Internet

Avoiding Identity Theft Don’t carry your SSN card with you Request a drivers license number Shred sensitive information Only carry what you use Photo copy all cards in your wallet Select hard to guess PINs and passwords Don’t leave mail sitting in an unprotected box Don’t give out private information over the phone Order your credit reports Use caution when providing ANY sensitive information

Protecting Others From Identity Theft Properly handle documents Shred sensitive information Use key identifiers instead of the SSN Password protect sensitive information Audit access Review access privileges Verify who you are talking to

U.S. Department of Education Office of Inspector General

Examples of ED Identity Theft Investigations Agencies: ED, SSA, United States Secret Service Loss: $300,000 1 defendant who used approximately 50 identities of prison inmates to get financial aid Examples of additional identity theft cases

U.S. Department of Education Background ED disburses approximately $52 Billion Per Year in educational program funding. 7500 domestic and international universities/colleges participate in DoED financial aid programs. During this year, approximately 12.6 million Students will apply for Federal Student Financial Aid. 9 million will apply electronically via the internet.

Student Financial Aid Demographics Student Aid is Disbursed World Wide 58 US States and Territories 41 International Countries

ED Funds Infrastructure Students send applications via the internet Student Central Processing Center CPS processes student data The Department interfaces with the Federal Reserve U.S. Department of Education The Federal Reserve sends funds to Universities The Federal Reserve Universities disburse funds to student accounts Universities

OIG Identity Theft Program Goals Consumer Awareness Campaign Hotline Set-up Data Mining Investigate Referrals Coordination with other Agencies President Bush and Secretary Roderick Paige

Consumer Awareness Campaign Information to be posted on ED WebPages, Handbooks and Posters. Case Summaries to be sent to school e-mail-presentation to schools Prepackaged case reports to College papers Presentations to Professional Groups. Employee Awareness Efforts.

Hotline “1 800 MIS-USED” “Oig.hotline@ed.gov” ED Customer Awareness Campaign for identity theft. The website can be access at: http://www.ed.gov/misused Boston Region referrals-contact (617) 223-9301 New York Region referrals-contact (212) 264-4104

Data Mining ED/SSA Death Records Match Similar Applicant Addresses Similar SSN/DOB

What You Can Do as a Financial Aid Officer When verifying identity documents, ask to see originals (original social security cards, birth certificates, etc) If a document appears suspicious request additional forms of identity (white out, altered, original not available) Make referrals to the US Department of Education Office of Inspector General

SAR Comment Codes Pay Attention to SAR Comment Codes as a Fraud Indicator #060: Date of Birth does not match SSN #061: Name does not match SSN #062: Citizenship Status does not match #063: Date of Birth does not match SSN #064: Name does not match SSN When in doubt ask to see original documents!

Sources of Referrals Financial Aid Professionals at schools Calls from Citizens Other law enforcement agencies Proactive Projects

Liaison/ Coordination USPS SSA-OIG FTC USSS USAO

Passwords Know how to select a good one Keep passwords safe At least 7 characters Mixture of upper and lowercase characters Mixture of alpha and numeric characters Don’t use words you can find in a dictionary Keep passwords safe Change them often Don’t share or reuse them

Password Selection Tips Everyday items can make great passwords: ¼#Burger 2004EACno 0nmy30thBday Use simple sayings, poems or songs I like to go to go to the Electronic Access Conference il2g2tEAC The bus stops near my campus at half past four Tbsnmc@1/2p4 TIGER, tiger, burning bright In the forests of the night, Ttbbitfotn, Dear Prudence, wont you come out to play DP,wyco2p Passwords to Avoid: Names Computer Name Phone numbers SSN DOB Usernames Dictionary words Places Months/Dates Repeated letters (e.g. “xxxxxxx") Keyboard patterns (e.g. "qwerty", "zxcvbn", etc.)

Social Engineering Social Engineering is the art of prying information out of someone else to obtain access or gain important details about a particular system through the use of deception

Email & Chat Services Email and chat are sent in clear text over the Internet Data can easily be captured and read by savvy computer users and systems administrators Safeguards should be put into place prior to using these programs for sending/receiving sensitive information like Social Security Numbers

Securing your Workstations Lock your system Shut down Run Virus Scanning Software Password Protect Files Apply Patches

Is Your Data Being Backed Up? Test your backups Securely store backup media Restrict Access

Equipment Disposal What happens to your old systems when they are replaced? Do those systems contain sensitive information? A recent MIT study displayed the importance of proper computer disposal Several programs to securely remove data from computer systems are commercially available

Dumpster Diving You never know who is looking in your trash Shred sensitive documents Secure your shred barrels, and make sure that proper handling procedures are in place. Secure all trash in secure bins when possible

Administrative Accounts Only allow access that is absolutely required Don’t grant accounts based on the fact that access “may” be required Use least privilege access policies that state access will only be granted if required, not by default. Are accounts removed and passwords changed when someone changes jobs or is terminated?

Physical Security Who has access to your computer systems when you’re not there? Are sensitive documents secured when not in use? (clean desk policy)

Latest Types of Threats Wireless Technology Memory Devices Camera phones P2P File Sharing

Creating Awareness Educate your staff Research candidates Train your staff Research candidates Perform background & credit checks Track changes Audit system access Audit system changes Create Policies: Define document and system disposal processes Define backup procedures Define clean work area policies Define computer usage policies

Legislation Identity Theft Victims Assistance Act of 2002-Bill 1742 Identity Theft Prevention Act of 2001-S.1399 Identity Theft Assumption & Deterrence Act of 1998 Privacy Act Computer Security Act of 1987 Computer Fraud And Abuse Act Electronic Communications Privacy Act of 1986 2001 USA Patriot Act Gramm-Leach Bliley Act (GLBA) (required by May 23, 2003) California SB 1386 Family Education Rights & Privacy Act (FERPA) Health Insurance Portability and Accountability Act (HIPAA)

Fraud Contact Information Office of the Inspector General 1-800 MIS-USED (647-8733) Email: Oig.hotline@ed.gov Social Security Administration, Fraud Hotline 1-800-269-0271 Federal Trade Commission 1-877-IDTHEFT (438-4338) Equifax Credit Bureau, Fraud 1-800-525-6285 Experian Information Solutions 1-888-397-3742 TransUnion Credit Bureau, Fraud 1-800-680-7289

Credit Bureau Contact Information TransUnion http://www.tuc.com P.O. Box 1000 Chester, PA 19022 Telephone: 1-800-916-8800 Experian http://www.experian.com P.O. Box 949 Allen, TX 75013-0949 Telephone: 1-800-397-3742 Equifax http://www.equifax.com P.O. Box 740241 Atlanta, GA 30374-0241 Telephone: 1-800-685-1111

Be Aware Report anything that you think is strange Don’t give private information out unless you know who you are speaking with and you initiated the call Properly dispose of sensitive information Run up to date virus protection Ask questions, don’t take anything at face value

Useful Links For additional information on the GLBA, see the FTC’s site at: http://www.ftc.gov/privacy/glbact/ National Institute of Standards and Technology: http://csrc.nist.gov/sec-cert/ Office of the Inspector General http://www.ed.gov/about/offices/list/oig/index.html A lot of Schools have great security resource pages, for example UC Davis and the University of Iowa websites: http://security.ucdavis.edu/security101.cfm http://cio.uiowa.edu/itsecurity/

New law passed before Thanksgiving adds new consumer protections: Questions? New law passed before Thanksgiving adds new consumer protections: Home mortgage applicants will automatically receive a copy of their credit score. Credit reporting agencies must fix erroneous information blamed on identity theft within four business days of receiving a police report, and must inform the creditor who generated the inaccurate information. The right for victims to get application and transaction data from firms that extended credit to identity imposters. This provision helps victims who often find they must do their own investigations before they can interest law enforcement in their case. Several measures designed to stop identity thieves from obtaining more credit using a victim’s information once a victim reports the ongoing crime to authorities. Please fill out the session evaluations & thank you for attending this session

Technical Assistance We appreciate your feedback and comments. We can be reached at: Chris Adain Phone:319- 339-6619 Email: Chris.Aidan@Pearson.com Special Agent Matt Wardle Phone: 617-223-9301 Fax: 617-223-4109 Email: Matt.Wardle@ed.gov Special Agent Kristen Frias Phone: 212-264-4104 Fax: 212-637-0603 Email: Kristen.Frias@ed.gov

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.