RESCUECOM Offers Advice to Stop Identity Theft

Westport(Conn.) News, July 2006:

RESCUECOM offers ID Theft tips

Avoiding Identity Theft: Part One

Identity theft is rampant these days. It's in the news all the time. Databases are being penetrated on a regular basis. And, even if you don't fall prey to full-blown identity theft, your credit or debit card number might end up being used for a few hundred dollars worth of merchandise on some Web site in Asia. It happens all the time.

While some crime still goes down the old-fashioned way, somebody gets your credit card number during a everyday transaction, much of it is the result of the Internet. Welcome to the future. Science fiction writers predicted many things but cybercrime was foreseen by very few. The Internet, it seems, is both a blessing and a curse.

Society lags technology. The Manhattan Project, for example, created the Atom Bomb before society, and probably the inventors themselves, had a chance to absorb its full ramifications. Now the world does its best to discourage countries from developing nuclear weapons.

Similarly, DARPA created a way for professors and students to share files over a distributed computer network without really knowing where it would it lead. Few could have foreseen that it would be used by hucksters, perverts, terrorists and other assorted predators and maniacs on a global scale.

What should we do? Halt progress? Become Luddites and try to turn back the clock? Unfortunately, it's impossible to put the genie back in the bottle and return to a kinder, gentler time. But we are not entirely helpless, there are things we can do. First and foremost, have your wits about you. Never divulge sensitive information, in any situation, unless you are sure of the players. Never let anyone force information out of you without first verifying their authenticity through separate channels. Any legitimate entity should expect common-sense diligence. If they don't, there's something wrong. They are either not who they say they are or their policies need updating.

Second, educate yourself. Knowledge is power.

Some of us are far too trusting. Others are naturally skeptical and have always done things like cut up old credit cards and shred sensitive documents before throwing them out. Sound paranoid? Remember, the low-tech alternative to hacking databases is dumpster diving. After all, it doesn't really matter how thieves get your information as long as they get it. We'll deal with non-computer precautions in a subsequent piece.

According to RESCUECOM, "Although 12 percent of all identity theft cases can be traced back to online activity, the truth is that almost half of all cases cannot be traced at all. With the growing popularity of Hot Spots and municipal wireless networks, those threats will surely grow in the coming weeks and months. Anyone who uses a computer must take the proper steps to ensure they are not the next victim of identity theft."

Save sensitive documents to floppy disks, CDs, DVDs are some other external storage device. Hackers can't get at them if they're not on your computer. If you do keep sensitive files on your computer, it is a good idea to encrypt them and use password protection.

Install and update virus protection software. This will help prevent a worm or virus from sending information discovered on your computer. Some experts say that an unprotected computer will be infected within a minute if you go online without protection. If you use an Apple Macintosh computer, your risk is minimal but you should still use anti-virus software.

Be wary of Wi Fi (wireless) computer networks. They are not necessarily secure. Secure networks usually require a password or key of some sort. Also, look for a "lock icon" and a URL (Web address) that begins with https:// the "s" indicates it's an SSL (Secure Sockets Layer) encrypted connection. It's not a good idea to view or enter sensitive information on standard http:// Web sites.

Don't set your computer to automatically connect to any network, don't use ad hoc mode (it lets other people connect to you) and don't leave your computer on when you're not connected. It's easier than you think for hackers to connect to your computer through the air.

Don't respond to e-mail requests for information (phishing) unless your verify authenticity and security. Obviously, if you get a request from a bank you don't use, the chances are it's bogus. Crafty crooks, however, can make e-mails and even Web sites look very much like the real thing so it's a good idea to verify ALL requests for information. Assume that all requests are bogus until you confirm otherwise. Legitimate entities do not typically ask for information in this manner.

Limit your activity in unknown Wi Fi situations. Don't send sensitive information, pay bills or engage in financial transactions.

If you must send sensitive files over the Internet it's a good idea to password protect them. File compression software usually offers password protection.

Be careful when you instant message. Unless you use some sort of encryption, instant messaging is normally unprotected. Chat rooms and class reunion and genealogy Web sites should also be treated with wariness.

Install a firewall on your computer and turn off file sharing when you don't need it. This will help prevent hackers from getting information off your computer's hard drive.

When disposing of computers, you should wipe the hard drive clean. Simply deleting files is not good enough. Ideally, you should use utility software that writes ones and zeros over and over again, obliterating meaningful traces of data.

In summary, always be conscious of protecting personal information. If someone asks for it, alarms should go off in your head. If you're suspicious, stop talking right away and start verifying.

According to the Federal Trade Commission (FTC), if you think your identity has been stolen you should contact one of the three consumer reporting companies (Equifax, Experian or TransUnion) to place a fraud alert on your credit report. You should then get a copy of your credit report and close all accounts that may have been tampered with or opened fraudulently. Use the ID Theft Affidavit to dispute new unauthorized accounts. File a report with the local police department and file a complaint with the FTC. Depending on what information has been stolen, you may need to contact other agencies; Social Security Administration, Department of Motor Vehicles, etc.

The FTC Web site has an extensive list of agencies that should be contacted, depending on the type of fraudulent activity.

The following Web sites offer a wealth if information in avoiding and reporting identity theft: the Federal Trade Commission at www.ftc.gov/bcp/conline/pubs/ credit/idtheft.htm, the U.S. Department of Justice at www.usdoj.gov/criminal/ fraud/idtheft.html and the Social Security Administration at www.ssa.gov/pubs/ idtheft.htm

Part Two, which will appear at a later date, will deal with problems that are not necessarily related to computer use.