Feature Article
Mark Pribish
Consumer Risk Management: Protecting You and Your Family
from ID Theft in 2009
By Mark Pribish
Vice President and ID Theft Practice Leader

Whenever I speak or write about ID Theft trends and scams, I talk about how targeted attacks from professional thieves, organized crime, current and former employees, and/or current and former vendors break through internal controls to steal and sell sensitive employee and customer information.

I also talk about consumer risk management and how increasing your knowledge and education on current ID Theft trends, scams and data breach events can help prevent your risk of becoming a victim of ID Theft. That said I have listed below some of the past and current ID Theft scams that continue to challenge all of our personal and private information security:

  • Cyber Crime - from spyware to new viruses to using a computer and the internet to steal an individual's Personally Identifying Information (PII). Cyber Crime has also expanded into stalking / targeting victims - which has become more prevalent with the popularity of social networking groups like MySpace and Facebook (see http://myspace.com/safety - http://www.facebook.com/security for more information).
  • Pharming - the process of redirecting internet domain name requests to false websites to collect personal information.
  • Phishing - a scam that uses an authentic looking fraudulent email to solicit confidential customer information in response. If you get an email or pop-up message that asks for personal or financial information, do not reply. And don't click on the link in the message, either. Legitimate companies don't ask for this.
  • Pre-texting - where the thief poses as a legitimate representative of a company, bank, employer, landlord, business owner, internet service provider, or anyone else that contacts you and attempts to get you to reveal your confidential information - usually by asking you to verify some data.
  • Skimming - stealing credit/debit card numbers by swiping the card to a portable data storage device; or by attaching to an ATM or card reader.
  • Spoofing - where fraudsters create fraudulent websites to look just like an actual website via phishing or pharming schemes.
  • Spyware - where information is collected from a computer user without his or her knowledge/informed consent that reports information to a third party. This is used by legitimate business as well as identity thieves.
  • Vishing or Voice Phishing - sending an e-mail hoping to get victims to telephone a voice mail box to disclose sensitive financial and personal information.

Consumer risk management also includes your being aware of how your driver license number, health insurance identification number, student identification number, employee identification number, and public records information (e.g. wedding license, divorce agreement, property ownership, criminal record, etc.) are being used and how this information is being secured.

To conclude, I have highlighted three common ID Theft scams that will continue into the New Year including:

Antivirus 2009 - which is still a relatively new threat from last year that gives the computer user the impression that your valid security software is asking you to take action and update your computer software. Instead of locating and removing malware, Antivirus 2009 will install a Trojan on your current computer. In the end, this virus is more of an inconvenience as its primary purpose is to have you pay for a worthless program that is ripping people off. Click here for removal instructions and additional information.

Phone Scammers - are taking advantage of your area code which can be misleading. In this instance, ID Theft scammers are sending what appears to be a legitimate email from a legitimate business and request you to call what appears to be a legitimate phone number. The purpose of your call is to update your account. Since these ID Theft scammers are using Voice Over Internet Protocol technology, the area code that you are calling is in reality a far away, secret location hosted by ID Theft scammers. You should always confirm the phone number of your bank or any organization that you do business with by contacting the number on your bank, retirement, and other financial statements or on the back of your credit/debit card.

Job Search Update/Warning - individuals applying for jobs online need to take extra caution when providing personal and confidential information. If you are applying online or you receive news that you are a finalists for a position from where you applied online - DO NOT complete an application which includes a request for your social security number and/or bank account number (for direct deposit) until you have made personal contact and completed you due diligence of said potential employer.

So my advice for the New Year is to take your consumer risk management to a new level by increasing your knowledge, education and self-awareness of ID Theft and Data Breach events to protect you and your family from ID Theft.