IDENTITY THEFT - includes detailed discussion of crafting longer passwords and techniques to remember passwords

see also  witiger.com/ecommerce/hackers.htm
see also  witiger.com/ecommerce/hackersvideo.htm
see also  witiger.com/ecommerce/SocialEngineering.htm
see also  witiger.com/ecommerce/scams.htm
see also  witiger.com/ecommerce/domainnamephishing.htm
 

.	This page used in the following courses taught by Prof. Richardson . MGT D06 BCS 555 FSM 620 GNED 136 MRK 410, 610, 619 MGD 415

.

Before reading through this unit, you might be interested in listening to the CBC Radio interview that I gave in March 2006 about aspects of Identity Theft. It provides a good overview of the situation. The interview runs about 9 minutes. There are 3 file sizes you can download, depending on how fast your internet connect is.     o IdentityTheft64kbps.mp3    o IdentityTheft96kbps.mp3    o IdentityTheft128kbps.mp3 WTGR

.

Prof. Richardson discussing Identity Theft in a 2008 documentary on the iChannel Part 1 youtube.com/watch?v=tF8YAMod0XM (uploaded Jan 14th 2011)

xxx

YES THIS PAGE IS USEFUL Nov 2011 - former UTSC student (MGTD06 in 2008) Hasan Shahzad stopped by to talk about his work in Mutual Funds at Royal Bank and mentioned that frequently he references material from this page in order to educate clients as to some risk and threat situations they should be careful about regarding identity theft and hacking.  youtube.com/watch?v=Ia5LN0rBgrI  Thanks Hasan for mentioning this. WTGR

 
 

LEARNING OBJECTIVES

After completing reading this unit, and listening to the lecture in class, student will have information about:     o How to fight identity theft- Cdn Govt Resources     o RCMP The Royal Canadian Mounted Police list of scams     o Toronto Star Article "Identity Thieves Prey on Slack Mail Security"     o Toronto Star Article "Leave Identity Thieves Nary a Shred of Info"     o How to protect yourself from identity theft. Forbes article                "Make Your Identity Useless To Thieves"                        - includes signs your identity is being used fraudulently:     o Tips To Avoid Identity Theft     o What to do when you think your identity has been stolen.     o Protecting your passwords     o Real life story how people stole other people's identity and got caught     o Toronto Star Article, how quickly Identity Theft is growing     o Identity theft from job posting sites     o How a company's loss of data during a theft has created risk for Identity Theft in Canada

.

INTRODUCTION

Identity theft is not a new problem - it has been around before the WWWeb became popular in the late 1990's and early 2000's - but since the advent of many activities on the Web requiring people to sign up, log in, register to view, etc, - there has been an explosion in the number of situations where such personal profile information is stolen and abused. The circumstances of using the Web on a personal basis have resulted in many people surrendering identity information to companies and organizations in a way which is not secure and what is more problematic - the surrendering is done to people to whom they have no recourse to complain.    Warning Identity Theft is not just a "technical hack" - in a large number of identity theft cases, the victim knows the perpetrator, it often is a distant family member, casual friend, someone who has access to your home, etc. Many cases of identity theft have been reported by women who had an ex-boyfriend use their credit card fraudulently, or husbands who had their ex-wive continue to use their credit card number. It is difficult to prevent identity theft. Lax credit industry practices (caused in part by outsourcing) and the ease of obtaining personal profile information, make it possible for "bad guys" to obtain the information necessary to assume your identity. What you can do is make it difficult for them to have all the information - so they will target someone else.  A basic principle of security is that you do not have to be perfect in your defense "tactics", just better than a person who has no defense, so the bad guys will target them instead of you. WTGR

.

Social Engineering x University of Toronto (UTM) students Wyann L. and Sol. L in MGD 415 in March 2008 created a kewl video in which they describe several components of how Social Engineering tricks can lead to an Identity Theft situation. If you watch the video carefully, you can pick up on several tricky (but convincing) lies that are told. And,,, what makes it even trickier is that the tricky lines come from a friend - which makes it less likely the "victim" will be suspicious.  youtube.com/watch?v=9qKfrnXjqjc While it is sensational to talk about Identity theft happening by strangers hacking you. it is far more common for it to be committed by someone you actually know.

m

Social Engineering / Identity Theft - example of 2 techniques 1 - cross contamination re: RFID 2 - skimming Credit Cards x University of Toronto (UTM) students in MGD415 in early April 2009 Altin E, Trevor G Mark Teh-Yu H, Gianmarco R Nicholas S, Tiffany (Wutang) W. created an informative video in which they mixed in  Social Engineering tricks and Skimming which lead to an Identity Theft situation.   youtube.com/watch?v=te6ULbUpuRQ also posted at  www.bollytainment.com/tags/Witiger

m

Identity Theft - example of   - skimming Credit Cards at a gas station from Seneca students in BCS555 in 2009 video created by Mark D. It is quite a long drama the way they play it out, and very realistic to what actually happens in such a "skimming" situation, watch closely for the DOUBLE SWIPE x

m

Identity Theft  x from Seneca students in BCS555 in 2009 produced by "Warn a Brother Productions" kewl clip, uses imagery and music from "24" shows good example of "dumpster diving" to obtain confidential information.

m

The premise of the video is "friends" are not friends when they use your credit card dishonestly - it is better to be more careful with your cards and never let anybody use them.

xx

Identity Theft  - Credit Card Skimming x University of Toronto (UTM) students Bashir K., and Jawad K., and Nomaan C. in MGD 415 in March 2008 created a kewl video in which they describe several components of how Skimming a credit card can lead to an Identity Theft situation. Watch the video carefully.  youtube.com/watch?v=g0akqoBMOd4 Often skimming is done at gas stations or restaurants, since those are the places that hire people who work for minimum wage, - and many times such businesses don't bother doing background checks cause the employees are mostly part-timers.

vv

Skimming Prevention Tips 1. I (WTGR) always pay cash at gas stations, it is faster to lay down one or two twentys instead of waiting in line anyway - and with gas prices so high, nobody puts a lot of gas in anyways these days. 2. If you do use the card, don't let the attendant take it out of your hand (sometimes they just rudely grab it) and swip it on their keyboard, insist on swiping it on the terminal passed to customers. 3. At restaurants, don't put your card on the little tray they sometimes bring out, instead, walk back to the cash register and swipe it yourself, this way you can make sure it is not being swiped twice.

x

Identity Theft  - Credit Card Fraud  - description of frauds and tips to prevent this  youtube.com/watch?v=2CfM-KLuvEs xDone by students - done by students Richard L. and Steven L. in BCS 555 at Seneca College in November 2011

vmm
 
 

www.theepochtimes.com

During the 1st week of October 2007, Richardson was interviewed by Joan Delaney for the English-Canada version of the international newspaper The Epoch Times. The story was about Identity Theft and associated circumstances such as viruses, hacking and social engineering

.

Richardson was quoted saying "one of the reasons identity theft is on the rise is the ease with which intruders can hack into people's computers. Think about guns for example; … can you imagine what would happen if you're walking down the street and guns are lying on a ditch and there's an arrow that says here's the bullets and there's another little arrow that says here's how to load it? Well, this is the problem with the Internet," says Richardson. "There are many websites where people can download simple hacking software and then use it to hack people, and then [there are] instructions in chat rooms and message boards about how to do hacking, and there is no law against that." "

w

During the 2nd week in February 2007,  Richardson was a guest expert on the Bill Good Show on CKNW Radio in Vancouver.    o http://people.senecac.on.ca/tim.richardson/audio/CKNW-Bill-sinNumbersFeb2007seg1.mp3    o http://people.senecac.on.ca/tim.richardson/audio/CKNW-Bill-sinNumbersFeb2007seg2.mp3 Richardson was interviewed about Identity Theft issues in the context of the recent report of the Auditor General and the study by the Fraser Institute  www.fraserinstitute.ca.

.

WTGR explained that companies recognize that mass marketing to new customers is not as effective as focusing on building a business by selling more to existing customers. Compaines then focus more on gathering detailed profile information on existing customers in order to up-sell and cross-sell products, and by collecting such information (birthdates, credit card numbers, home addresses etc.), put customers in a position of vulnerability when such databases become compromised. CKNW is part of the CORUS radio network.

.

Fraser Institute  www.fraserinstitute.ca. It has been discovered that there is a lot of management and fraud within Canada's Social Insurance Number systems and this is leading to speculation about how fraudulent identities are costing the government and private sector.  "... reports by the Auditor General show there are 2.4 million more social insurance numbers than actual Canadians,”  Niels Veldhuis, Senior Research Economist for The Fraser Institute.

.

Identity Theft Risks from Insiders

"Forecast: ID Theft by Insiders to Grow Dramatically in '06" written by Gene J. Koprowski in November 2005 Koprowski writes "...even as companies implement more IT security to prevent Internet  hackers from tapping their networks, there will be increased theft of secure data by insiders, like employees." Koprowski quotes Joseph Ansanelli, chief executive officer of the data security firm Vontu. Ansanelli says "Many retailers have not educated their employees on the value of customer information to the company, nor have they educated them on employee responsibilities towards protecting and correctly handling this information." permission to quote from ecommercetimes.com given by publisher Richard Kern in an email Dec 10th, 2004. Prof. Richardson is also a contributing writer to ecommercetimes.com. Copies of emails kept on file in the permissions binder.

.

William Y. in MRK 410,  found this site about identity theft, March 2004 Identity Theft Resource Center www.idtheftcenter.org/index.shtml A huge resource site about identity theft "Identity theft is a crime in which an imposter obtains key pieces of information such as Social Security and driver's license numbers and uses it for their own personal gain. Identity theft takes many forms. Almost all cases, victims are left with a ruined credit or criminal history and the complicated task of regaining their good names. Identity theft is an evolving crime and criminals are finding new and more sophisticated ways to steal and use information. " William Yau says - "the site is a huge resource centre about identity theft. It has things from current laws to victim's resources. This site pretty much tells you what you need to know, what to do if you are a victim, or even just wanting to learn more about the topic."

.
 

.KEY POINTS

The Canadian federal government considers Identity Theft a serious and growing problem and has devoted resources to educating the public and providing information to help people understand their risk.

.
.

click on this screen capture to go to the government website that describes this In 2003 Prof. Richardson was in touch with the Privacy Commissioner's office and they welcomed him to use this material in class, and educate the students about this issue.

.
from the Privacy Commissioner
 

How to fight identity theft

• Minimize the risk. Be careful about sharing personal information or letting it circulate freely.
• When you are asked to provide personal  information, ask how it will be used, why it is  needed, who will be sharing it and how it will be  safeguarded.
• Give out no more than the minimum, and carry the  least possible with you.
• Be particularly careful about your SIN; it is an important key to your identity, especially in credit reports and computer databases.
• Don't give your credit card number on the telephone, by electronic mail, or to a voice mailbox,  unless you know the person with whom you're communicating or you initiated the communication  yourself, and you know that the communication  channel is secure.
• Take advantage of technologies that enhance your security and privacy when you use the Internet, such as digital signatures, data encryption, and "anonymizing" services.
• Pay attention to your billing cycle. If credit card or utility bills fail to arrive, contact the companies to ensure that they have not been illicitly redirected.
• Notify creditors immediately if your identification or credit cards are lost or stolen.
• Access your credit report from a credit reporting agency once a year to ensure it's accurate and  doesn't include debts or activities you haven't authorized or incurred.
• Ask that your accounts require passwords before  any inquiries or changes can be made, whenever  possible.
• Choose difficult passwords – not your mother's  maiden name. Memorize them, change them often. Don't write them down and leave them in your wallet, or some equally obvious place.
• Key in personal identification numbers privately  when you use direct purchase terminals, bank  machines, or telephones.
• Find out if your cardholder agreement offers  protection from credit card fraud; you may be able to avoid taking on the identity thief's debts.
• Be careful what you throw out. Burn or shred  personal financial information such as statements, credit card offers, receipts, insurance forms, etc.

Insist that businesses you deal with do the same..
• safely discard computer equipment (destroy all floppy disks, CDs   and DVDs with personal information in them. when throwing an old computer away remove all information and use a "white space wiper" application.  A "white space wiper" applications writes's over all the deleted files rendering them completely inaccessible)
• remember to always sign-out of online accounts

.

RCMP	The Royal Canadian Mounted Police have an extensive website which discusses many aspects of Identity Theft security and risk situations.   http://www.rcmp-grc.gc.ca/scams/index_e.htm

.

Identity Theft - government resources

click on this screen capture to go to the RCMP government website see http://www.rcmp-grc.gc.ca/scams/identity_theft_e.htm

Contact was made May 17th, 2005 with Michelle Corrigan, and May 19th w Constable P. Flood,  of the Public Affairs branch and June 6th with Constable Cyndy Henry of the Intellectual Property office of the RCMP HQ in Ottawa regarding permission to link, and use this screen capture. Copies of emails kept on file in the permissions binder.

Identity Theft - problems raised by government jurisdictional issues

While nobody would accuse the government of aiding Identity Theft, and there is lots of ways the government is trying to inform people of Identity Theft risk and threat situations, one fact remains that governments are based on political borders -and therefore law enforcement agencies are based on political borders: - cybercrime is borderless. Sometimes, matters of jurisdictional issues make it difficult for law enforcement officials to track identity theft cases and red tape between jurisdictions makes it difficult to trace leads quickly enough to catch "bad guys" Nicole Stampatori, national practice leader of security, identity and privacy at IBM Canada was quoted in ComputerWorld Canada in May 2006 saying "Canada may have the right laws and regulations in place to combat cybercrime within its borders but many of the viruses and threats are coming from countries that don't have this legal infrastructure in place". Rene Hamel, ex-RCMP officer said cooperation between different law enforcement agencies isn't easy, even within Canada's borders. Hamel explained "... if an identity theft of a Toronto resident is perpretrated by a thief in Vancouver, it is unclear whether the crime should be investigated by the Toronto or Vancouver police. Stampatori and Hamel quoted May 26th, 2006 by Rosie Lombardi for ITworldcanada.com - publisher of ComputerWorld Canada

,

Identity Theft - problems raised by government jurisdictional issues

Rene Hamel, ex-RCMP officer  "Time consuming jurisdictional issues can become very troublesome in cases of international crime. International investigations are governed by the MLAT - Mutual Legal Assistance Treaty which is an agreement between two countries to exhange information, enforce criminal laws and apprehend criminals." Hamel explains "if information is stolen from a Canadian database by someone in China, you have to go through this long process to get information". Stampatori and Hamel quoted May 26th, 2006 by Rosie Lombardi for ITworldcanada.com - publisher of ComputerWorld Canada

,

This 2002 article by Ellen Roseman, in the Toronto Star, outlines the main points for consideration and you are encouraged to read it through thoroughly. It applies just as easily in 2006 as in 2002. One of the key points is that Identity theft is not, strictly speaking, an internet / e-commerce crime but it is increasingly perpetrated by people using the internet and gathering information through e-commerce situations which are fraudulent.

.

Story About  How Identity Theft Happened to one Victim

"Identity Thieves Prey on Slack Mail Security" article by Ellen Roseman 2002 April 20th "IDENTITY THEFT occurs when someone appropriates your personal information without your knowledge to commit fraud. Criminals may steal your credit card number, driver's license number, social insurance number and other key pieces of  your identity. They use this information to impersonate you, spending as much money as they can in as short a time as possible before  moving on to someone else's name and account information."

.

Story About  How Identity Theft Happened to one Victim

Roseman write "The Toronto woman (who asked us not to use her name) wrote to Equifax Canada Inc. in early January, asking to see her credit record. It never arrived. A month later, Equifax wrote to say her credit record had been sent out on Jan. 14. Had she received it? "When I called on Feb. 25," the woman recalls, "they confirmed that some Equifax credit reports had been intercepted fraudulently, that they were investigating the problem and had put a note on my credit file that said `protecting my information.'" When the second credit report hadn't arrived by March 21, she called and found it had been stolen again. Then, on March 24, her credit card was declined when she tried to pay for a $20  purchase in a drug store. She later found out the issuer had decided to change the credit card account because of security concerns, but hadn't told her in advance. She had to wait a week for a replacement card. Today, the woman still hasn't seen her credit report and wonders whether it's safe to ask for it again. "Consumers should be alerted to the fraud and should be advised not to request credit reports from Equifax until the problem is resolved," she told On Your Side."

.

Story About  How Identity Theft Happened to one Victim

Good Advice Roseman write "... if you're not receiving bills from credit granters as you normally would, find out what's happening. Fraud artists may call your credit card issuer and, pretending to be you, change the mailing address on your account and run up charges. Because your bills are being sent to the new address, you may not immediately realize there's a problem." permission to quote from the Toronto Star given  by Ellen Roseman (writer) and Joanne MacDonald (TORSTAR SYNDICATE SALES) in emails in 2004. Copies of emails kept on file in the permissions binder.

.

This 2004 article by Ellen Roseman, in the Toronto Star, outlines the main points for protecting yourself from identity theft, including credit card theft. While it is impossible to prefectly protect yourself from all crime  - the main point is to make yourself a "difficult target" and encourage the bad guys to hit on easier opportunities. Roseman's article contains some obvious points based on making sure bad guys, who are looking for personal information, will find it difficult to find information about you.

.
.

Protecting yourself from Identity Theft - be alert

Roseman suggests there are signs your identity is being used fraudulently: 1. You hear from a creditor that a credit card application was received in your name and address. But you didn't apply for it. 2. You get calls or letters saying you're approved for credit you didn't apply for. Or maybe you're told your request for credit was denied. 3. You no longer receive your credit card statements on a regular basis. Or you notice that not all your mail is delivered. 4. You find out that a collection agency is looking for money owed on a delinquent account established in your identity. But you never applied for it. Roseman recommends "To prevent crooks from getting hold of data that lets them pretend to be you, you should pay attention to your billing cycles. Follow up with creditors when bills don't arrive on time." permission to quote from the Toronto Star given  by Ellen Roseman (writer) and Joanne MacDonald (TORSTAR SYNDICATE SALES) in emails in 2004. Copies of emails kept on file in the permissions binder.

.

William Y. in MRK 410,  found this article about how to make your identity more difficult to hijack, March 2004 "Make Your Identity Useless To Thieves" Article by David Simons; June 12th 2003  Link:was www.forbes.com/2003/06/12/cx_ds_0612simons.html David Simons says "No matter how carefully you guard your identity, it is vulnerable to theft. There's just too much about you floating around out there; and you routinely expose pieces of it. Your credit card number allows sales clerks and waiters access to your address. Show your driver's license and you disclose your date of birth and DMV number. ... The best defense is to make your ID useless to thieves"  Yau says  "The article suggest that one of the best way to protect yourself from identity theft is to make it useless to thieves. You can try to do this by creating a profile which allows you to place on your credit files a notice telling prospective creditors to confirm with you by phone applications for new credit made in your name."

. 

Keisha J. and Samantha M. of MRK 410, March 2004  found this article about  How to Avoid Losses From Rising Number of ID Scams.  http://abcnews.go.com/sections/scitech/ZDM/id_theft_pcmag_040324.html The article explains that in North America, and more specifically the USA, Americans are very trusting and give personal information to businesses through online order forms without considering who is receiving them or whether the really need the information. In this article it discusses incidents of identity theft.  It is difficult for law enforcemnt and government agenices to to "police" the internet, so it leaves victims with little or no options in recovering their identities.

•  When buying or donating online, look for Secure Sockets Layer (SSL) protection. A padlock in the bottom right-hand corner of your browser isn't enough. Look for businesses and organizations that follow safe online and e-mail practices and feature certifications from groups such as TrustE or ScanAlert. Note, however, that this isn't foolproof.
• Ask yourself if you really need to provide your Social Security number
• Be suspicious of transactions you didn't initiate
• If you use your credit cards online, be sure to navigate directly to the retailer's site. Avoid following links in e-mails, even to donate to your favorite cause.
• Finally, keep records of all online purchases, including dates and order numbers. Keep all credit card receipts and compare them against your monthly statements. Better yet, sign up to view your account online and track it on a daily or weekly basis

Ryan M. (aka Chris Rock)  of BCS 555 in November 2005  found this article about  Coping with Identity Theft: Reducing the Risk of Fraud at www.privacyrights.org/fs/fs17-it.htm Ryan emailed the prof. and said "I did some research on Identity Theft, an  area that I was not familiar with and it's surprising to know that according to the article that 7-10 million people are affected per year by this kind of theft. This website provides information on the two types of identity theft "Account takeover" and "Application fraud",Coping with Identity Theft and Reducing the Risk of Fraud." There are about 30+ points on this page to guide you as to how to avoid being caught in an Identity theft situation.

"Application fraud"
- is what some experts call "true name fraud." The thief uses your identifying information to open new accounts in your name.

The thing that makes Identity Theft problematic is that "Victims are not likely to learn of application fraud for some time, because the monthly account statements are mailed to an address used by the imposter. In contrast, victims learn of account takeover when they receive their monthly account statement."

Their web site www.privacyrights.org says Copyright © 1995-2005. Privacy Rights Clearinghouse/UCAN. This copyrighted document may be copied and distributed for nonprofit, educational purposes only.
 

ID Theft - Acount takeover x Seneca students  o Rahul S.  o Andrew P.  o Tyler H.  o Ronald L. in BCS555 in Nov 2009 put together this scripted 8 minute video (using the theme concept from the TV series "24" - kewl) showing the sequences by which a person may end up as a victim of "Account Takeover" for their credit card. Some funny acting - but the message gets across. Includes some specific examples of techniques such as "dumpster diving".

m
What to do when you think your identity has been stolen

Shaunt Robert Jennifer Mitchell Shaunt H., Robert L., Jennifer C., Mitchell G. of MRK410 in March 2004 found information about taking action if you become a victim of identity theft This is a U.S. government site but some of the recommendation can also apply to Canadians. After reading this site,   www.consumer.gov/idtheft/ students will be more informed about identity theft. They will know what actions to take, if they become a victim of identity theft, by filing a complaint to the FTC - Federal Trade Commission (for Americans). Canadians can contact the Privacy Commissioner in Ottawa  www.privcom.gc.ca  Also, the site teaches you how to protect yourself from becoming a victim.

Tips on avoiding identity theft
 

William Y. in MRK 410,  found tips on avoiding identity theft,  March 2004 William said "The site has a huge list on how to avoid identity theft. They also have a lot of other content as well. Below is just 2 of the 38 tips they have to avoid identity theft."

Reducing the Risk of Identity Theft www.privacyrights.org/fs/fs17-it.htm#reduce
Reducing access to your personal data:

1. To minimize the amount of information a thief can steal, do not carry extra credit cards, your Social Security card, birth certificate or passport in your wallet or purse, except when needed. At work, store your wallet in a safe place.

2. If possible, do not carry other cards in your wallet that contain the Social Security number (SSN), except on days when you need them.

.

Making better passwords             Protecting your passwords

. One of the obvious aspects of curtailing or even preventing Identity Theft is to block people figuring out your password, among the many online circumstances we all regularly have to log on to during out day2day activities. Oct 2012 - Richardson was interviewed at length in the Toronto Star for an article focused on making better passwords. Richardson provided some specific tips as to how to make longer passwords, more challenging to hack, at the same time some techniques to creating passwords which are easier to remember based on Mnemonics. . Following the article in the Star Oct 9th, Richardson compiled a video explaining in more precise terms some of the techniques for writing longer, AND easier to remember passwords.. .

.

Protecting your passwords             Protecting your passwords

Lyndsey, Janine, and Alijawad of MRK 410 March 2004 found a site  that describes Protecting your passwords What makes a password strong? http://www.microsoft.com/security/articles/password.asp Password Creation Dos Do make them long (at least seven characters) Do include upper and lower case letters, numerals, and symbols Do use at least one symbol character in the second through sixth position Do use at least four different characters (don't repeat the same characters) Do use random numbers and letters Password Creation Don'ts Don't use all or part of your login name Don't use a real word in any language Don't use numbers in place of similar letters to form a word Don't use consecutive letters or numbers (e.g., "abcdefg"  Don't use adjacent keys on your keyboard (e.g., "qwerty") Improving password management Password Management Dos Do keep your password secret Do use different passwords for different web sites Do change your passwords at least every six months Password Management Don'ts Don't write it down Don't use "remember my password" features on the web Creating stronger passwords is just the beginning Microsoft explains "Creating stronger passwords can help protect you against identity theft. However, it does not guarantee that you are protected. In addition to the steps outlined here, review your monthly financial statements, and call the appropriate company or bank immediately to report issues. also, review your credit report each year. Together, these steps can help protect your identity—and your credit rating."

.
This is an article of a real life story how people stole other people's identity and got caught

Kristen A. Shamal A. Diane C. Janelyn L. Grace N. These students from MRK 410 March 2004 found some information about Identity Theft and additional information on what you can do to avoid identity theft  This article is from the "Enquirer"  Identity thief gets 7 years  Butler Co. woman also must pay fine By Janice Morse The Cincinnati Enquirer " Rachel Holmes Agee came from Texas to tell a judge why he should put a 34-year-old Butler County woman behind bars for a long time.   “Jennifer Hurley tried to ruin my life,” declared Mrs. Agee, 32, a Houston woman who says she feared losing her certified public accountant's license because of Ms. Hurley's actions.  Ms. Hurley took out loans, got credit cards, opened bank accounts, landed jobs and bought cars — all under the names of her victims.  Judge Keith Spaeth on Thursday sentenced Ms. Hurley to seven years and three months in prison.  from http://www.enquirer.com/editions/2002/01/11/loc_identity_thief_gets.html

.
 

To avoid identity theft we (Kristen, Shamal, Diane, Janelyn & Grace) found this useful information provided by Chiff.com Getting your credit report Credit Reporting Agencies: Equifax — www.equifax.com  Experian — www.experian.com  TransUnion — www.transunion.com Don't share your personal info. Identity thieves may pose as representatives of banks, Internet service providers (ISPs) and even government agencies to get you to reveal your Social Security number, mother’s maiden name, account numbers and other identifying information.  Guarding your mail and trash from theft If you’re planning to be away from home and can’t pick up your mail, call the U.S. Postal Service at 1-800-275-8777 to request a vacation hold. (or Canada Post in Canad) Don't carry your SIN card.  Carry only the identification information and the number of credit and debit cards that you’ll actually need. Things you can say when others ask for your SIN number  - Why do you need my Social Security number  - How will my Social Security number be used?   - What law requires me to give you my Social  Security number?  - What will happen if I don’t give you my Social Security number? from http://www.chiff.com/a/identity_theft_internet.htm

Identity theft from job posting sites
 

Identity theft can happen from a variety of sources - some of them not so obvious. Meghann V. in MRK 610 noted the recent case of Monster.com " acknowledging that some of its  users are being targeted for identity theft via  false job postings". When this story broke first week in March 2003 it was carried in a lot of online sites and offline newspapers. Meghann found reference to the story as it was carried on Internetnews.com and the basics are listed below. You should read this story because it is something that could happen to a student like you. (thanks Meghann)

February 28, 2003  The story about Moster.com was carried on several e-news sites, one version was at internetnews.com  "Job Site Warns of ID Theft Risk "  By Beth Cox .  "One of the top Internet career sites,  Monster.com, acknowledging that some of its users are being targeted for identity theft via  false job postings, has issued a warning to  millions of its registered users. " .     February 28, 2003  The story about Monster.com was carried on USA Today's online site, USA Today is a leading newspaper in hard copy form and they also have a huge website .  USA Today said "Pam Dixon, a research fellow with the Denver-based   Privacy Foundation who has studied Internet job sites, said the e-mail confirms a growing hazard  for online job seekers.   "This is a very big problem and it's throughout the job search industry. It's not just on Monster. I've  heard of this on all the major sites," she said."  www.usatoday.com/tech/news/internetprivacy/2003-02-28-monster-warning_x.htm

.
 

KEY POINTS

Obviously Monster.com wants to publically address the news about potential identity theft on their site because they are at risk of the negative publicity effecting their business - if they suffer a steep decline in job seekers posting resumes, the company will be vulnerable in the competitive environment to job offerings being put on sites other than monster.

 

Identity theft from job posting sites

Monster dealt with the issue by "sent e-mails to job-seekers warning them about the possibility of attempts to steal  personal information from fake employer job listings.  The e-mail, called a "critical service message,"  reportedly says that "regrettably, from time to   time, false job postings are listed online and  used to illegally collect personal information  from unsuspecting job seekers."

.. ..

KEY POINTS

Some identity theft happens not because an individual targets a vulnerable person, but because a thief targets a source which allows access to hundreds or thousands of identities. When such a theft is discovered there is obviously going to be a news story break - which leaves the thief in a position of considering what action to take: sell the data to another unsuspecting criminal ransom the data back to the owner do nothing with the data except hope the theft causes confusions and suffering for the victim WTGR

.

Story About  How a company's loss of data during a theft has created risk for Identity Theft in Canada

Sarah Schmidt, National Post  January 30, 2003 .. "Hundreds of  thousands of Canadians are at risk  of identify theft after a hard drive containing personal information  was stolen from a leading data management company." "Social insurance numbers,  pre-authorized banking information, dates of birth and pension details are  stored on a hard drive stolen from a secure area of the Regina headquarters of Information Systems Management Canada, a  subsidiary of IBM Canada. Among the ISM clients affected are Co-operators Life Insurance Co., which is based in Regina and provides protection for more  than 500,000 Canadians, and several agencies of the  Saskatchewan government.    KEY POINTS Because of the difficulty that police agencies have in responding to Identity theft situations -it is, unfortunately, one of those crimes where the responsibility is put on the shoulders of the victim to extricate themselves from any credit complications that may result.  .  In the case of ISM Schmidt reports "The Saskatchewan government has confirmed that personal  records belonging to worker compensation board claimants and SaskTel and SaskPower customers are on the missing hard drive.

.
 

.
 

witiger.com	CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE
	.
	MISTAKES I TEXTS USED I IMAGES I RANK I DISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I PUBLICATIONS I
	.

.

  Prof. W. Tim G. Richardson © www.witiger.com