My thanks this month to Vistage/TEC member Stan Stahl, president of Citadel Information Group. I can only scratch the surface of his expertise in the area of identity theft, but hopefully this article will get you thinking very seriously that it can happen to you.
What thieves want
Cyber thieves want virtually anything about you that can be used to assume your identity, like Social Security, bank account and credit card numbers. They also have rogue programs that can control your computer with the intention of stealing anything you store or type, especially passwords that would open your company’s HR information and financial data.
And, get this. These criminals will park themselves outside your home or business, or next to your room in a hotel or airplane terminal, and use special software to tap into unencrypted traffic.
Stahl says they tap into your computer three basic ways:
- They attack your system based upon software weaknesses or improperly set security settings.
- They see websites you visit and install malware on your computer. This is even a danger with sites like Facebook and MySpace.
- They deliver malware to you in emails, instant messages, or innocent-looking “pop-ups.”
Some recommendations:
Set Microsoft Windows and Office to automatically update security patches and service packs.
In the Control Panel, create separate accounts for all family members. If possible, set account type to “limited.”
Consider “Blink.” Better than most virus software, it’s available free for personal use for one year at http://www.eeye.com.
Avoid running “peer-to-peer,” or file-sharing programs such as Kazaa, Limewire, or BitTorrent.
If you use wireless, consider encrypting it with WAP2 encryption.
Never click on a website offering to scan your computer for free. I just received a pop-up from “Privacy Services” saying that my computer was seriously infected, and that for a license fee renewal of $100, my problems could be fixed. It was a complete scam.
Don’t open an unexpected email from a friend or anyone else. It could contain a virus on the sending computer that has been resent to everyone in your address book.
Never provide personal information to anyone, unless you can verify its source and use by phone or personal contact.
So, here are some general defense guidelines:
Only buy from merchants whose URL begins with https://.
Subscribe to a basic credit monitoring service (AAA, for example), and review your bank and credit card balances regularly.
Never leave your laptop in your car. Turn off Wi-Fi and Bluetooth when you’re done using them. Consider encrypting your laptop’s hard drive – if you lose it, information on it is still safe (see http://www.truecrypt.org/). And never use public computers for online banking or shopping.
Don’t sign the back of any credit card. Instead, write, “Photo I.D. required.”
If you pay credit card bills by check, only write the last four digits of the credit card on the check.
When having checks printed, do not include your Social Security number, home phone number, or home address. If it’s required, use work information in place of personal information.
Copy the front and back of every card in your wallet or purse, including your license. If they’re stolen, you have immediate access to the information required to suspend the accounts.
Always file a police report if you suspect identity theft or if your wallet or purse has been stolen.
If you suspect fraud, call the national credit reporting agencies to place a fraud alert on your credit. They are Equifax at 800-525-6285, Experian at 888-397-3742 and TransUnion at 800-680-7289. Also, if you suspect your Social Security number has been compromised, contact the Federal Trade Commission ID Theft Line at 877-438-4338.
Personal identity theft costs Americans and American businesses billions of dollars each year. The problem, many say, has reached near-crisis levels. It’s so bad, that the U.S. Air Force has created a well-financed effort to deal with threats to our nation’s air defense.
We can protect ourselves. But we must accept the responsibility to do so and not become victimized in the ways I’ve described above. Start with your own personal assessment.
As Allstate asks in its commercials, “Are you in good hands?” Until next month, here’s to you and your business defeating this beast.
