It seems that the crime of impersonating victims is on the rise in Hong Kong. And why not: people have become more immersed with life online. Banks urge customers to check their account details online. E-commerce provides unique convenience and a way to avoid the crowd when buying products. Social networking sites like Facebook enable everyone to connect with long lost friends on unprecedented levels. Indeed, using the Web brings great benefits. But as it allows connection to virtually everyone else on the planet, the Web also has become a hotbed for crimes as intruders may get hold of our personal information which they can use to impersonate legitimate owners.
Lawrence Tsong of TransUnion Hong Kong, which holds credit records of 4.2 million people, confirms the increased incidence of identity theft in the city. While no statistical information was disclosed to back up the claim, it’s not hard to imagine why there is that upward trend of identity theft cases. As many of us manage accounts online, the problem stems not from how personal information is kept, but how we allow it to be accessible to others. Listing personal data like age, e-mail addresses or company information can be a good way for Facebook friends to validate identity before making a connection. But at the same time, they also provide hints to would-be offenders. E-mail addresses can be used to send spam messages or company information can be used by stalkers to track the location of victims.
People in Hong Kong normally don’t disclose their birthdates for non-privacy related reasons, but this is actually helping them avoid possible identity theft as birth dates are sometimes used to verify identity for phone or online transactions such as retrieval of lost passwords.
“We found that personal information posted on Facebook had been used in identity fraud and related deception,” Tsong said, adding that care should be taken with documents that contained personal information, such as bank statements.
Unfortunately, many people don’t seem to care abut giving away information that can eventually lead to the theft of their identity online. And this doesn’t necessarily mean wanton disregard for privacy online. The crime also happens in neighborhoods without the involvement of computers. For example, mailboxes full of letters could attract fraudsters who can easily get confidential letters that include pass codes for bank accounts or information about a recent loan application.
The criminal activity is made possible by the fact that there is already a market for such stolen information. For example, marketers may want to access that data to fine-tune their advertising.
It is of paramount importance to exercise vigilance to prevent identity theft. About.com offers 10 tips to prevent identity theft:
1. Watch for shoulder-surfers. When entering a PIN number or a credit card number in an ATM machine, at a phone booth, or even on a computer at work, be aware of who is nearby and make sure nobody is peering over your shoulder to make a note of the keys you’re pressing.
2. Require photo ID verification. Rather than signing the backs of your credit cards, you can write “See Photo ID”. In many cases, store clerks don’t even look at the signature block on the credit card, and a thief could just as easily use your credit card to make online or telephone purchases which don’t require signature verification, but for those rare cases where they do actually verify the signature, you may get some added security by directing them to also make sure you match the picture on the photo ID.
3. Shared everything. One of the ways that would-be identity thieves acquire information is through “dumpster-diving”, aka trash-picking. If you are throwing out bills and credit card statements, old credit card or ATM receipts, medical statements or even junk-mail solicitations for credit cards and mortgages, you may be leaving too much information laying about. Buy a personal shredder and shred all papers with PII on them before disposing of them.
4. Destroy digital data. When you sell, trade or otherwise dispose of a computer system, or a hard drive, or even a recordable CD, DVD or backup tape, you need to take extra steps to ensure the data is completely, utterly and irrevocably destroyed. Simply deleting the data or reformatting the hard drive is nowhere near enough. Anyone with a little tech skill can undelete files or recover data from a formatted drive. Use a product like ShredXP to make sure that data on hard drives is completely destroyed. For CD, DVD or tape media you should physically destroy it by breaking or shattering it before disposing of it. There are shredders designed specifically to shred CD / DVD media.
5. Be diligent about checking statements. This actually has two benefits. First, if you are diligent about checking your bank and credit statements each month, you will be aware if one of them doesn’t arrive and that can alert you that perhaps someone stole it from your mailbox or while it was in transit. Second, you can ensure that the charges, purchases or other entries on the statement are legitimate and match up with your records so that you can quickly identify and address any suspicious activity.
6. Pay your bills at the post office. Never leave your paid bills in your mailbox to be sent out. A thief who raids your mailbox would be able to acquire a slew of critical information in one envelope – your name, address, credit account number, your bank information including the routing number and account number from the bottom of the check, and a copy of your signature from your check for forgery purposes just for starters.
7. Limit the information on your checks. It may be convenient to have your drivers license number or social security number imprinted on your personal checks to save some time when you write one, but if it falls into the wrong hands it reveals too much information. In fact, some recommend that you only include your first initial in the name space of your check, such as “T. Bradley” rather than writing out “Tony Bradley” so that if someone did get one of your checks they would not know your full name.
8. Analyze your credit report annually. This has always been good advice, but it used to cost money, or you had to first be rejected from receiving credit so that you could get a free copy. Now it is possible to get a free look at your credit report once per year. The big three credit reporting agencies (Equifax, Experian and TransUnion) joined forces to provide free credit reports to consumers..
9. Protect your Social Security number. I don’t personally believe in Social Security or any attempts to repair or reform it. I have no illusions that it will actually be around to pay me when I retire. But, whether that comes to pass or not, the Social Security Number has become the one thing they had always promised it wouldn’t- a sort of national identification number. It is often suggested that you do not carry your Social Security in your wallet with your drivers license and other identification. For one thing, although they expect it to last your whole life, the Social Security card is issued on very flimsy cardboard that doesn’t hold up well to wear and tear. Aside from that though, knowing your full name, address and full Social Security Number, or even the last 4 digits in many cases, can let a thief assume your identity. You should never use your Social Security Number as any part of a username or password that you establish and you should never divulge it to telephone solicitors or in response to spam or phishing scam emails either.
January 6, 2010
February 16, 2010