Identity Theft

Identity theft is the fraudulent use of a person’s personal identifying information. An identity thief will use another person’s personal information such as social security number, date of birth, mother’s maiden name, or account numbers to open fraudulent new accounts. They will open new credit card or checking accounts, write drafts on existing checking accounts, charge on existing credit card accounts, or obtain new loans.

An identity thief can obtain this information by:

• Stealing wallets
• Stealing credit union statements from the mail
• Diverting mail from its intended recipients by submitting a change of address form
• Rummaging through trash for personal data
• Stealing personal identification information from workplace records
• Intercepting or otherwise obtaining information transmitted electronically

STOP IDENTITY THEFT

There is a type of identity theft using the Internet called “phishing.” Pronounced “fishing,” that’s exactly what thieves are doing, fishing for your personal financial information. They want your account numbers, passwords, Social Security numbers, and other confidential information so they can use your financial accounts or run up bills on your credit cards.

In the worst case, you could find yourself a victim of identity theft. With the sensitive information obtained from a successful phishing scam, these thieves can take out loans or obtain credit cards and even a driver’s license in your name. They can do damage to your financial history and personal reputation that can take years to unravel. But if you understand how phishing works and how to protect yourself, you can help stop this crime.

HOW PHISHING WORKS

Typically, you’ll receive an e-mail that appears to come from a reputable company that you recognize and may do business with, such as your financial institution. In some cases, the e-mail may appear to come from a government agency, perhaps a federal financial institution regulatory agency.

The e-mail will probably warn you of a serious problem that requires your immediate attention. It may use phrases such as “Immediate attention required,” or “Please contact us immediately about your account.” The e-mail may also state that unless you provide certain confidential information your account will be deactivated or closed. The e-mail will encourage you to click a link to go to the institution’s Website.

In a phishing scam, you could be redirected to a phony Website that may look exactly like the real thing. Sometimes, in fact, it may be the company’s actual Website. In those cases, a pop-up window will quickly appear for the purpose of collecting your financial information.

You may be asked to update your account information or to provide information for verification purposes: your Social Security number, your account number, your password, or the information you use to verify your identity when speaking to your financial institution, such as your mother’s maiden name or your place of birth. If you provide the requested information, you may find yourself a victim of identity theft.

HOW TO PROTECT YOURSELF

Never provide your personal information in response to an unsolicited request, whether it is over the phone or on the Internet. E-mails and Internet pages created by phishers may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, do not provide any information.

If you are unsure whether a contact is legitimate, contact the financial institution. You can find phone numbers and Websites on the monthly statements you receive from your financial institution, or you can look up the company in a phone book or on the Internet. The key is that you should be the one to initiate the contact, using information that you have verified yourself.

Never provide your account information and/or password over the phone or in response to an unsolicited Internet request. A financial institution would never ask you to verify your account information or confirm a password online. Thieves armed with this information and your account number can help themselves to your money.

Review account statements regularly to ensure all charges are correct. If your account statement is late in arriving or does not arrive, call your financial institution to find out why. If your financial institution offers electronic account access, check your account activity online regularly to catch suspicious activity.

STORE PERSONAL INFORMATION IN A SAFE PLACE and tear up old credit cards receipts, ATM receipts, old account statements, and unused credit card offers before throwing them away

PROTECT YOUR PINs AND OTHER PASSWORDS. Avoid using easily available information such as your mother’s name, your birth date, the last four digits of your social security number, your telephone number, etc.

CARRY ONLY THE MINIMUM AMOUNT OF IDENTIFYING INFORMATION and number of credit cards that you need.

GUARD YOUR MAIL FROM THEFT. If you have the type of mailbox with a flag to signal mail pick up, do not leave bill payment envelopes in your mailbox, drop them at the Post Office.  Promptly remove delivered mail.

ORDER COPIES OF YOUR CREDIT REPORT from each of the three major credit bureaus once a year to ensure that they are accurate.  The law permits the credit bureaus to charge $8.50 for a copy of the report (unless you live in a state that requires the credit bureaus to provide you with one free copy of your report annually).

IF YOU PREFER NOT TO RECEIVE PRE-APPROVED OFFERS OF CREDIT, you can opt out of such offers by calling: (800)353-0809.

IF YOU WANT TO REMOVE YOUR NAME FROM MANY NATIONAL DIRECT MAIL LISTS, send your name and address to:

DMA Mail Preference Service
P.O. Box 9008
Farmingdale, NY 11735-9008

IF YOU WANT TO REDUCE THE NUMBER OF TELEPHONE SOLICITATIONS from many national marketers, send your name, address, and telephone number to:

DMA Telephone Preference Service
P.O. Box 9014
Farmingdale, NY 11735-9014

If you believe that someone has stolen your identity, or you disclose sensitive information in a phishing attack, you should:

Contact the fraud department of each of the three major credit bureaus listed below to report the identity theft or possible phishing attack and request that the credit bureaus place a fraud alert and a victim’s statement in your file. The fraud alert puts creditors on notice that you have been the victim of fraud, and the victim’s statement asks them not to open additional accounts without first contacting you.

The following are the telephone numbers for the fraud departments of the three national credit bureaus:

Equifax
www.equifax.com
800-525-6285 – P.O. BOX 740250, Atlanta, GA 30374

Experian
www.experian.com
888-397-3742 – P.O. BOX 1017, Allen, TX 75013

TransUnion
www.transunion.com
800-680-7289 – P.O. BOX 6790, Fullerton, CA 92634

Contact any credit union or other creditor where you have an account that you think may be the subject of identity theft.  Advise them of the identity theft in writing. Send your letters by certified mail, return receipt requested so you can document when and what the company received. Keep copies of your correspondence and enclosures. Request that they restrict access to your account, change your account password, or close your account, if there is evidence that your account has been the target of criminal activity. If your credit union closes your account, ask them to issue you a new credit card, ATM card, debit card, or share drafts, as appropriate.

File a report with your local police department.

Contact the Federal Trade Commission through the Internet at: https://reportfraud.ftc.gov/#/, or by calling 1-877-IDTHEFT (1-877-438-4338).

Check with your state Attorney General’s office to find out if state law requires the police to take reports for identity theft. Check the Blue Pages of your telephone directory for the phone numbers, or check www.naag.org for a list of state Attorneys General.

If possible, file a report with local police or police in the community where the identity theft took place. Obtain a copy of the police report or the report number. It can help you deal with creditors who need proof of the crime. If the police are reluctant to take your report, ask to file a  “Miscellaneous Incidents” report.

Never provide personal financial information, including your Social Security number, account numbers or passwords over the phone or the Internet, if you did not initiate the contact.

Never click on the link provided in an e-mail you think is fraudulent. In addition to stealing your personal information, the link may contain a virus that can contaminate your computer.

Do not be intimidated by an e-mail or caller who suggests dire consequences if you do not immediately provide verify financial information.

If you are unsure whether a contact is legitimate, go to the company’s Website by typing in the site address or using a page you have previously bookmarked, instead of using a link provided by the e-mail.

If you fall victim to identity theft, act immediately to protect yourself. Alert your financial institution. Place fraud alerts on your credit files. Monitor your credit files and account statements closely.

Report suspicious e-mails or calls to the Federal Trade Commission through the Internet at https://reportfraud.ftc.gov/#/, or by calling 1-877-IDTHEFT (1-877-438-4338).

To learn more about keeping your money safe, visit https://www.mymoney.gov/.