phishing scams

The Federal Trade Commission (FTC) estimates that as many as 9.9 million Americans become victims of identity theft each year. These crimes involve personally identifying information (PII):

  • Name and address
  • Social Security number
  • Credit card numbers
  • Email or other passwords

Many people associate such crimes with online scams like phishing emails. However, most identities are stolen using low-tech methods. There are many ways thieves obtain your personal information:

  1. Phishing/spam: They send an email or pop-up message that looks like it came from a real bank or credit card company asking for identifying information. (This is called phishing.)
  2. Social engineering/pretexting: They pose as a legitimate business or government officials to obtain your personal information from financial institutions, telephone companies, and other sources.
  3. Shoulder surfing: They watch you from a nearby location as you type in your password or credit card number, or listen in on your telephone conversation.
  4. Hacking: They gain unauthorized access into computer networks where information is stored.
  5. Old-fashioned stealing: They steal wallets and purses; mail, computers not protected with passwords, mailed bank and credit card statements, pre-approved credit offers, and new checks or tax information sent through the U.S. Mail.
  6. Dumpster diving or trash rips: They rummage through communal or business trash to obtain copies of your checks, credit card or bank statements, or other records that typically bear your name, address, or telephone number.

What do thieves do with your personal information?

Thieves can use illegally obtained personal identity information in various ways:

  • Credit card or other financial/bank fraud
  • Phone or utilities fraud
  • Government documents fraud (obtain a drivers license, try to get government benefits, etc).
  • They may get a job using your Social Security number.
  • They may rent a house or get medical services using your name.
  • They may give your personal information to police during an arrest. If they don't show up for their court date, a warrant for arrest is issued in your name.
  • Guarding yourself against identity theft

Prevention is the best defense. Try following the suggested precautions below:

Securing data and electronic information

  • Don't give out personal information on the phone, through websites, or in email unless you are sure you know whom you are dealing with.
  • Never click on links sent in unsolicited emails.
  • Use one credit card for Internet purchases with a low maximum limit amount.
  • Do not give out your real name or other personal information in Internet chat rooms. Use a screen name.
  • Use strong passwords, and change your important passwords annually.

Securing physical documents

  • Don't carry your Social Security card or write your Social Security number on a check. Provide your Social Security number only if absolutely necessary; you can always ask to use another identifier like a Connecticut driver's license number.
  • Minimize the ID information and number of credit cards you carry.
  • Keep your personal information in a secure place at home.
  • Do not authorize others to use your credit cards.
  • Protect areas where your mail can be stolen. Secure mail receptacles and promptly remove your mail. Deposit outgoing mail in post office mail boxes.
  • Never leave receipts at bank machines, bank windows, trash receptacles, or gasoline pumps.
  • Sign all new credit cards with "Photo Identification Required."
  • Shred documents like pre-approved credit applications, receipts, bills, and other financial information.

"Phishing" schemes and protecting your identity

"Phishing" is when the sender of an email tries to trick recipients into volunteering personal or credential-related information. That information can then be used to commit identity theft, or enter password-protected sites using your account.

Always be suspicious of requests for personal information that come via email, particularly requests for passwords, banking information, or wire transfers of money, even if the request seems to come from a good friend.

What to do about phishing or other suspicious email messages

  • Delete suspicious messages immediately.
  • DON'T click on any links in the message.
  • Never supply your passwords via an email message.
  • Never supply personal information requested by an email, even if the messages looks real.

ITS will NEVER ask you to send information about your account like passwords or other sensitive personal information via email. When ITS does send messages on behalf of the University, we provide a link at the bottom that confirms the authenticity of the message by taking you to the official Yale Messages website: An official message from Yale University.

Official Yale University Messages

You can navigate to the official Yale University Message page to locate and verify the authenticity of official messages.

You can certify that the webpage to which you are directed is authentic by clicking on the "VeriSign Secured " logo on the top right corner of the screen.

Resources if you think your identity may be compromised

If you think your Yale University NetID password may be compromised, you can change your NetID password at any time. Contact Yale's Information Security Office if you have questions about a possible identity compromise or theft involving your personal or business information.
Report a Security Incident or a Lost or Stolen Device.

  • Trans Union – 800-680-7289
  • Experian (formerly TRW) – 888-397-3742
  • Equifax – 800-525-6285

The agency you call will automatically share the alert with the other national credit reporting agencies. This alert typically lasts 90 days, after which time you can review your credit report to determine if any other fraud has occurred.

You can also request a security freeze to block anyone from accessing your credit history. You must use a PIN to unblock the freeze prior to any application for credit.

When you send a complaint to the Federal Trade Commission (FTC) they will enter the Internet, telemarketing, identity theft and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies worldwide. The FTC maintains a site you can use as a starting point for identity theft information.

NOTE: I you would like to PROMOTE link in this article, please let me know.

If you liked this article, please like DM Spot FB page, Twitter or LinkedIn and be notified when a new article is published.


Welcome

Hello Everyone :)

Thank you for visiting Sci & Tech Portal. It contains articles about Information technologies, Lifestyle...

You will surely find something to read in between the lines too, namely, my love and effort invested into making my communication with you original, useful, and attractive, as well as a promise of continuous improvement.

If you've found the site helpful or useful then please consider throwing a coffee my way to help support my work

Recommended