The 2005 Identity Fraud Survey Report, released by the Better Business Bureau and Javelin Strategy & Research uncovers where identity theft is coming from, who gets hit, how much is lost, and more. The most interesting finding that we want to pass on is that ID theft is more prevalent offline with paper than online. That’s right, and someone close to you is more likely to steal your identity than some hacker in his mom’s basement.
Is the Internet and online shopping to blame or is it merely coincidence that identity theft has been growing steadily ever since the Internet explosion in the mid-to-late 90’s? I think that the results will shock a lot of people, and may dispel a lot of myths. This is an article everyone should take the time to read. The Better Business Bureau’s press release is available online…
http://www.bbb.org/alerts/article.asp?ID=565
I think that there is a doubt that germinates and grows like a weed when discussing e-commerce. I believe that a lot of individuals feel that when you use your credit card online that it is simply sent across cyberspace naked with no protection, or stored on some server waiting for someone to simply take. This is untrue (in most cases).
One way for some unknown entity to acquire your personal information is by conducting a transaction on an unsecure site. Other ways that this can be done is by outside sources tricking, scamming, or possibly infecting your system. One such example is the old phishing scam in which the would be thief sends out emails that look like legitimate sites such as Ebay, then try to get account information out of you with this guise. What do most of these methods have in common is that none of them happen on a secure site, not to mention that they are almost all tricks to get you to show your personal information on this unsecure site, They still however don’t grab this information off the web—no need it was offered freely to them.
Never give information out to any company or individual emailing you with some sort of issue, especially if it refers to some account and they need you to log in to fix the problem. This is a trap more than likely with some sort of key logger or something in place to capture your information. For more on “phishing” scams, check out this page…
http://www.worldstart.com/tips/tips.php/1309
This is the reason for my number one rule for any online transaction of sensitive information: NEVER UNDER ANY CIRCUMSTANCE GIVE OUT YOUR CREDIT CARD, NUMBER, OR PERSONAL INFORMATION ON AN UNSECURE SITE. For more on how to know if a site is secure, check out our web page…
http://www.worldstart.com/tips/tips.php/826
As mentioned earlier, on a secure website you can shop freely without fear. It is far easier to steal physical information—i.e. card numbers, social security numbers, and such—that if not disposed of properly can possibly expose your personal information. Not to mention that paper methods take little to no cleverness—just a twisted desire to steel from other people.
Let’s for the sake of argument say that you take your family out to dinner and you give the server your credit card in order to pay for the bill. There is nothing other than lack of need, morals, or possibly respect for the law that stops this person from recording your card information. There are probably hundreds, if not thousands, of people who have access to your credit card information throughout an average year, and any of these people, if they wanted, could easily take this information.
This is just a quick example to help illustrate my point: it is possible for an employee of any business you deal with to obtain your personal information. But, this type of theft is second to another even more heinous form—theft from acquaintances or family. People close to you—family members, friends, or possibly business associates—probably know more about you and your accounts then any outside threats. These are the people that know your possible passwords, where you bank, and other information you might guard heavily. This is a horrible thought but it does happen. You probably would know if someone close to you had the nerve or lack of respect to do something like this. I would suggest unless there is some dire need to share this information, don’t do it—keep it hidden.
On the other hand attempting to circumnavigate the security measures that are in place and very regularly monitored on a secure website takes a tremendous amount of skill—if it can be performed at all. This is such a hard point to make for some, I’ve had people who are absolutely paranoid to enter there credit card number online, at a highly secure website, but will call in the number on a cell phone or cordless phone, that has no security measures whatsoever on a broadcasted signal. One customer was even afraid to enter her name and address but had no problem sending a check through the mail–allowing anyone with access to that envelope to get her information and checking account number.
I think what a big part of this misconception, or misplaced blame, on identity theft is due not necessarily to how the cards are getting stolen, but rather what the thieves are doing with the information once they have it. That’s where the Internet comes in. I don’t know if there was ever an easier way for someone to fraudulently assume someone’s identity than by using the World Wide Web.
Let me stress again this is not because the Internet is so unsecure, not at all, but rather by providing an easy place to use this information. Let me clarify: once someone has, let’s say, your social security number and name that they obtained in some manner discussed earlier, that’s all it takes—this person can now create an account and apply for credit cards all in your name. Another example of this sort of fraud is when a would-be thief will go to the post office and do a change of address, to one that he/she has access to and then wait for “Pay dirt”. There are a number of ways to get this information. Online there’s no actual person that you have to speak with to create an account and in most cases it’s an automated system—if some of the info isn’t correct there’s no explaining to do, simply close out window and try somewhere else.
Don’t take my word for it, take a look at the results from BBB/Javelin survey. A couple of these findings are real eye openers and they are backed up with good explanations. Two jumped right out at me:
1. Average loss due to ID theft—$551 in losses when detected using online banking vs. average $4,543 when detected from paper bank statements. Due to the slow nature of monthly bank statements and the almost instant access of online banking, users see abnormalities, much sooner and act to correct them.
2. The BBB’s recommendation for protecting yourself from ID theft
* Replace paper bills, statements and checks with Internet (paperless) versions. Consider moving to an electronic bill payment service, such as your bank or biller’s web site, and stop sending signed paper checks through the mail.
* Visit your bank’s site to monitor account activity on a regular basis.
The fact that the BBB actually recommends that you use online banking and bill paying as a safer alternative to traditional banking practices says a lot. I realize this is a departure from the way you may have banked for who knows how many years, but if you are concerned about ID theft then it may be a course of action you should take. As I mentioned previously, and I can’t stress it enough, you’re safer using an online server than you are using paper methods.
For more on good online shopping practices, check out our website…
http://www.worldstart.com/tips/tips.php/171
Stay safe out there,
~ Chad
The complete Better Business Bureau press release can be found online here…
http://www.bbb.org/alerts/article.asp?ID=565
The 2005 Identity Fraud Survey Report is © 2004 Javelin Strategy & Research
http://www.javelinstrategy.com
Chad Stelnicki