Identity Theft

What is Identity Theft?
Identity theft is a crime whereby criminals impersonate individuals, usually for financial gain. In today’s society, you often need to reveal personal bits of information about yourself, such as your social security number, signature, name, address, phone number, cell number or even banking and credit card information. If a thief is able to access this personal information, he or she can use it to commit fraud in your name.
Armed with your personal information, a malicious person could do any number of things, like apply for loans or new credit card accounts. It’s possible they could request a billing address change and run up your existing credit card without your knowledge. A thief could use counterfeit checks and debit cards or authorize electronic transfers in your name and wipe out funds in a bank account.
Identity theft can also go beyond a monetary impact. Thieves can use your information to obtain a driver’s license or other documentation that would display their photo but your name and information. With these documents thieves could to obtain a job and file fraudulent income tax returns, apply for travel documents, file insurance claims, or even provide your name and mailing address to police and other authorities if involved in other criminal activities.

Using Information on the Internet for Identity Theft
The outcome of identity theft is usually the same, regardless of how the thief obtains your information. However, the Internet is providing new ways for people to steal your personal information and to commit fraud. Thieves can accomplish their goal several ways such as using Internet chat rooms and spreading Trojan horses that drop key loggers on your computer to transmit any passwords, usernames and credit card numbers you use on your computer back to the thieves. Many online businesses today also store personal information about customers and shoppers on websites, and this provides another way for your personal information to be accessed, without your permission or knowledge.
Additionally, email phishing is another way that thieves can attempt to gather your personal information. Phishing emails falsely claim to be an established legitimate enterprise in an attempt to scam you into surrendering private information that will be used for identity theft. The email will direct you to visit a website where you’re asked to update personal information, such as passwords and credit card, social security, and bank account numbers — information the legitimate organization already has. The website, however, is bogus and set up only to steal your information.

Mitigations

There are many different ways your personal information can be stolen electronically – but preventing fraud and identity theft online is possible. Use these simple tips to help create a safer virtual environment for yourself and your family.

  • Password Protection

Preventing identity theft online starts with having a secure password.
•    Never share your passwords or PINs with anyone.
•    Never write your passwords down where they could be easily found by others.
•    When creating passwords, don’t use information that could be easily linked to you (like your birth date, Social Security number, phone number, or the names of pets or hobbies).
•    Use passwords that contain both letters and numbers, preferably not recognizable words (example: 7djskDer)
•    The Federal Trade Commission (FTC) provides helpful password tips at http://www.onguardonline.gov/stopthinkclick.html.
•    Use a unique password for each system. Always use a different password for each system you access.
•    Change your online account passwords often. We recommend that you change your passwords every 30 days.

  • Online Security

•    If you are providing financial information or placing an order online, be sure the site is secure. Look for a URL that begins with “https://” and the “closed padlock” in the lower right hand corner of your browser.
•    Do business only with financial institutions and online merchants that you know and trust.
•    Watch out for copycat sites that may try to look like a financial institution. Be sure you are using the correct web address for your bank.
•    Don’t reply to any e-mail or pop-up message that requests you update or provide personal information.
•    Never leave your computer unattended while using any online banking or investing service.
•    Always log off completely and close your browser when you are finished with a secure session.
•    Only access your personal financial information from a computer you “trust.” Internet kiosks and cyber cafes are not as secure as your personal computer.
•    Make sure your computer is protected with anti-malware software. TD offers free online fraud protection from Trusteer Rapport.
•    Make sure your computer is up-to-date with security patches for your operating system and applications. Windows users should turn the Auto-Update feature on. Security patches may be found at vendor’s websites. Check the sites periodically as these patches are frequently updated.
•    Consider using a personal firewall to prevent hackers from invading your personal computer, especially if you are using DSL or a cable modem to access the Internet. A firewall can make you virtually “invisible” online and will help to block out communications from unauthorized sources.
•    If you use wireless networking, make sure to turn on all security features such as WPA encryption. Change the default password and SSID on your wireless router.

  • e-Mail Safety

Learn how to prevent identity theft online by using the latest techniques in e-mail safety.
•    If an offer received via e-mail or on a website sound too good to be true, it probably is.
•    E-mail is not secure. Never e-mail personal financial information such as account numbers or your Social Security number.
•    Don’t open e-mail or attachments from senders you don’t know. And even when you know the source, exercise caution. Attachments may be Trojan Horse programs that compromise your computer’s security.
•    Beware of e-mail scams. Never respond to unsolicited e-mail or click a link within a suspicious e-mail asking you to validate your account information or provide personal information.
•    Use e-mail filtering software to screen for “spam” and identify suspect messages.
•    Turn off the “preview” function of your e-mail program. The feature can be a security risk.
•    Use secure messaging when it’s available. Our Online Banking application has a secure messaging feature available once you have successfully logged in.