What is Identity Theft?

Identity theft is when someone takes and uses your personal information (such as your name, Social Security or credit card number) in order to steal money from your accounts, establish fraudulent accounts in your name or borrow against your credit.

How does it happen?

• They steal mail (such as account statements, new checks and credit offers) from mailboxes, trash, or even out of your home or office.
• They take credit card and personal identification from your purse or wallet.
• They trick you into divulging personal information through phony websites or scam e-mails, often posing as your bank or Credit Card Company.
• Spoofers  - Create a replica of an existing Web page to fool a user into submitting personal, financial, or password data.
• Spammers – Send unsolicited e-mail indiscriminately to multiple mailing lists, individuals, or newsgroups. These e-mails include advertisements, viruses, and hoaxes.
• Phishers – Create and use e-mails and Web sites which are designed to look like those of well-known legitimate businesses, financial institutions, and government agencies – to deceive users into disclosing financial institution and account information or other personal data such as usernames and passwords.

How can I avoid becoming a victim?

• Completely destroy or shred all papers with personal information before throwing them out.
• Be careful who you give your information to over the phone, and only give your SSN if absolutely necessary. Try using other identifiers such as a driver’s license number.
• NEVER give out your Personal Identification Number (PIN) or passwords.
• Report lost or stolen credit cards, checks or identification immediately.
• Shop online only with reputable merchants in secured areas. Secure sites will have a URL that begins with https: or s-http:. Also, look for a padlock on the website – this signifies the use of SSL (Secure Sockets Layer)
• Never write your Social Security Number or driver’s license number on your checks.
• Never leave your mail in an unsecured mailbox, and contact the U.S. Postal service if you don’t receive mail for a few days.
• Obtain a copy of your credit report from each of the three major credit reporting agencies each year. Government regulation requires each major credit bureau provide consumers with a FREE credit report annually, but you must request it. Visit www.annualcreditreport.com to get yours.

What should I do if I become a victim?

Step 1: Contact the fraud departments of each of the three major credit bureaus. Get a copy of your credit report, which is free to ID theft victims. Ask that your file be flagged with a “fraud alert tag” and a “victim’s statement.” That will limit the thief’s ability to open new credit accounts, as new creditors will call you before granting credit, generally.

Step 2: You will need a police report to dispute unauthorized charges and for any insurance claims. Be persistent; your local police department may suggest that this isn’t necessary, because they don’t want the paperwork hassle. Also, file a complaint with the Federal Trade Commission at www.consumer.gov/idtheft or 1-877-IDTHEFT (438-4338).

Step 3: Close all accounts that have been tampered with or opened fraudulently. This includes accounts with banks, credit card companies and other lenders, and phone companies, utilities, ISPs, and other service providers. Ask the issuer to promptly clear your credit record.

Phishing Scam

Phishing is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.
According to the Federal Trade Commission (FTC), phishers send an email or pop-up message that claims to be from a business or organization that you deal with – for example, your Internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to “update” or “validate” your account information. It might threaten some dire consequence if you don’t respond. The message directs you to a Web site that looks just like a legitimate organization site, but it isn’t. The purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.

The FTC, the nation’s consumer protection agency, suggests these tips to help you avoid getting hooked by a phishing scam:

• If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and enter in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
• Don’t email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
• Review credit card and credit union statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or Southwest Heritage Credit Union to confirm your billing address and account balances.
• Use anti-virus software and keep it up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
  A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Finally, your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that hackers or phishers could exploit.
• Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
• Report suspicious activity to the FTC. If you get spam that is phishing for information, forward it to spam@uce.gov. If you believe you’ve been scammed, file your complaint at www.ftc.gov, and then visit the FTC’s Identity Theft Web site at www.consumer.gov/idtheft to learn how to minimize your risk of damage from ID theft. Visit www.ftc.gov/spam to learn other ways to avoid email scams and deal with deceptive spam.

Check out these great sites for updates, information, and resources. And, as always, you can contact us if you notice suspicious charges on your Southwest Heritage Credit Union account.

http://www.ftc.gov/bcp/edu/microsites/idtheft/
http://www.usdoj.gov/criminal/fraud/websites/idtheft.html