Identity theft

How do thieves steal an identity?

Identity theft starts with the misuse of your personally identifying information such as your name and credit card numbers, or other financial account information. For identity thieves, this information is as good as gold.
Skilled identity thieves may use a variety of methods to get hold of your information, including:

1. Dumpster Diving. They rummage through trash looking for bills or other paper with your personal information on it.
2. Skimming. They steal credit/debit card numbers by using a special storage device when processing your card.
3. Phishing. They pretend to be financial institutions or companies and send spam or pop-up messages to get you to reveal your personal information.
4. Changing Your Address. They divert your billing statements to another location by completing a change of address form.
5. Old-Fashioned Stealing. They steal wallets and purses; mail, including bank and credit card statements; pre-approved credit offers; and new checks or tax information. They steal personnel records, or bribe employees who have access.
6. Pretexting. They use false pretenses to obtain your personal information from financial institutions, telephone companies, and other sources.

What do thieves do with a stolen identity?

Once they have your personal information, identity thieves use it in a variety of ways.

Credit card fraud:

• They may open new credit card accounts in your name. When they use the cards and don’t pay the bills, the delinquent accounts appear on your credit report.
• They may change the billing address on your credit card so that you no longer receive bills, and then run up charges on your account. Because your bills are now sent to a different address, it may be some time before you realize there’s a problem.

Phone or utilities fraud:

• They may open a new phone or wireless account in your name, or run up charges on your existing account.
• They may use your name to get utility services like electricity, heating, or cable TV.

Bank/finance fraud:

• They may create counterfeit checks using your name or account number.
• They may open a bank account in your name and write bad checks.
• They may clone your ATM or debit card and make electronic withdrawals your name, draining your accounts.
• They may take out a loan in your name.

Government documents fraud:

• They may get a driver’s license or official ID card issued in your name but with their picture.
• They may file a fraudulent tax return using your information.

Other fraud:

• They may rent a house or get medical services using your name.
• They may give your personal information to police during an arrest. If they don’t show up for their court date, a warrant for arrest is issued in your name.

What can you do to help fight identity theft?

Awareness is an effective weapon against many forms identity theft. Be aware of how information is stolen and what you can do to protect yours, monitor your personal information to uncover any problems quickly, and know what to do when you suspect your identity has been stolen.

Securing Your Wireless Network-Precautionary Steps

1. Use encryption. The most effective way to secure your wireless network from intruders is to encrypt, or scramble, communications over the network. Most wireless routers, access points, and base stations have a built-in encryption mechanism. If your wireless router doesn’t have an encryption feature, consider getting one that does.

Two main types of encryption are available: Wi-Fi Protected Access (WPA) and Wired Equivalent Privacy (WEP). Your computer, router, and other equipment must use the same encryption. WPA is stronger; use it if you have a choice. It should protect you against most hackers.

Some older routers use only WEP encryption, which is better than no encryption. It should protect your wireless network against accidental intrusions by neighbors or attacks by less-sophisticated hackers. If you use WEP encryption, set it to the highest security level available.

2. Use anti-virus and anti-spyware software, and a firewall

3. Turn off identifier broadcasting

4. Change the identifier on your router from the default. The identifier for your router is likely to be a standard, default ID assigned by the manufacturer to all hardware of that model. Even if your router is not broadcasting its identifier to the world, hackers know the default IDs and can use them to try to access your network. Change your identifier to something only you know, and remember to configure the same unique ID into your wireless router and your computer so they can communicate. Use a password that’s at least 10 characters long: The longer your password, the harder it is for hackers to break.

5. Change your router’s pre-set password for administration. The manufacturer of your wireless router probably assigned it a standard default password that allows you to set up and operate the router. Hackers know these default passwords, so change it to something only you know. The longer the password, the tougher it is to crack.

6. Allow only specific computers to access your wireless network. Every computer that is able to communicate with a network is assigned its own unique Media Access Control (MAC) address. Wireless routers usually have a mechanism to allow only devices with particular MAC addresses access to the network. Some hackers have mimicked MAC addresses, so don’t rely on this step alone.

7. Turn off your wireless network when you know you won’t use it. Hackers cannot access a wireless router when it is shut down. If you turn the router off when you’re not using it, you limit the amount of time that it is susceptible to a hack.

8. Don’t assume that public “hot spots” are secure. Many cafés, hotels, airports, and other public establishments offer wireless networks for their customers’ use. These “hot spots” are convenient, but they may not be secure. Ask the proprietor what security measures are in place.

Glossary

Encryption: The scrambling of data into a secret code that can be read only by software set to decode the information.

Extended Service Set Identifier (ESSID): The name a manufacturer assigns to a router. It may be a standard, default name assigned by the manufacturer to all hardware of that model. Users can improve security by changing to a unique name. Similar to a Service Set Identifier (SSID).

Firewall: Hardware or software designed to keep hackers from using your computer to send personal information without your permission. Firewalls watch for outside attempts to access your system and block communications to and from sources you don’t permit.

Media Access Control (MAC) Address: A unique number that the manufacturer assigns to each computer or other device in a network.

Router: A device that connects two or more networks. A router finds the best path for forwarding information across the networks.

Wired Equivalent Privacy (WEP): A security protocol that encrypts data sent to and from wireless devices within a network. Not as strong as WPA encryption.

Wi-Fi Protected Access (WPA): A security protocol developed to fix flaws in WEP. Encrypts data sent to and from wireless devices within a network.

Botnets and Hackers and Spam

Hackers and spammers may be using your computer right now. They invade secretly and hide software to get access to the information on your computer, including your email program. Once on your computer, they can spy on your Internet surfing, steal your personal information, and use your computer to send spam — potentially offensive or illegal — to other computers without your knowledge.

Computers that are taken over this way often become part of a robot network, known as a “botnet” for short. A botnet, also known as a “zombie army,” usually is made up of tens or hundreds of thousands of home computers sending emails by the millions. Computer security experts estimate that most spam is sent by home computers that are controlled remotely, and that millions of these home computers are part of botnets.

Spammers can install hidden software on your computer in several ways. First, they scan the Internet to find computers that are unprotected, and then install software through those “open doors.” Spammers may send you an email with attachments, links or images which, if you click on or open them, install hidden software. Sometimes just visiting a website or downloading files may cause a “drive-by download,” which installs malicious software that could turn your computer into a “bot.” The consequences can be more than just annoying: your Internet Service Provider (ISP) may shut down your account.

It can be difficult to tell if a spammer has installed hidden software on your computer, but there are some warning signs. You may receive emails accusing you of sending spam; you may find email messages in your “outbox” that you didn’t send; or your computer suddenly may operate more slowly or sluggishly.

Botnets are not inevitable. You can help reduce the chances of becoming part of a bot — including limiting access into your computer. Leaving your Internet connection on and unprotected is just like leaving your front door wide open. Secure your computer by:

Using anti-virus and anti-spyware software and keeping it up to date

Setting your operating system software to download and install security patches automatically

Being cautious about opening any attachments or downloading files from emails you receive. Don’t open an email attachment — even if it looks like it’s from a friend or coworker — unless you are expecting it or know what it contains. If you send an email with an attached file, include a text message explaining what it is.

Using a firewall to protect your computer from hacking attacks while it is connected to the Internet

Disconnecting from the Internet when you’re away from your computer. While anti-virus and anti-spyware software, along with a firewall, are critical protections when you’re connected to the Web, they’re not foolproof. Hackers just can’t get into your computer when it’s disconnected from the Internet.

Downloading free software only from sites you know and trust. It can be appealing to download free software like games, file-sharing programs, customized toolbars, and the like. But remember that many free software applications contain other software, including spyware.

Checking your “sent items” file or “outgoing” mailbox for messages you did not intend to send. If you do find unknown messages in your out box, it’s a sign that your computer may be infected with spyware, and may be part of a botnet. This isn’t foolproof: many spammers have learned to hide their unauthorized access.

Taking action immediately if your computer is infected. If your computer has been hacked or infected by a virus, disconnect from the Internet right away. Then scan your entire computer with fully updated anti-virus and anti-spyware software. Report unauthorized accesses to your ISP and to the FBI