Why is it that credit bureaus can gather such a great amount of information about you and sell it? Don’t you have a say in how your information is handled or whether it should be handled by anyone at all? There are reasons why your name and social security number have a credit file, this really does make things easier when you apply for a mortgage or a car loan etc. In today’s economy there’s a significant need for credit and an organized system for reporting it. But your identity does not belong to you in the sense that the collected information is in fact the property of the credit bureau that gathered the information.

There are more than 1,000 local and regional credit bureaus around the country (US), the three major ones are Experian, Equifax and TransUnion. All of which collect and record information reported to them by your creditors, banks, credit card companies, private lending institutions etc.

Yes they sell your information to third parties and this is profitable for them, and those third parties may resell or share that information with other business partners who then pre-approve you for dozens of credit offers each year and add you to their mailing/distribution lists to send you stuff you don’t really need.

Why this puts your identity at risk?

The trading and exchanging of personal consumer information is risky business, for the consumer that is. Those who obtain your information from the credit bureaus could mishandle your information and expose you to a hacker. Unfortunately this is simply the cost of doing business.

Credit bureaus are private companies with a business that’s regulated because it involves a certain degree of risk for the information owner. Those regulations do not yet do enough to protect consumers however. Hey cigarettes and alcohol are dangerous also, but they’re not going to stop selling them are they? As long as they’re regulated and the producers pay federal taxes, all is well.

Do you have any say in this?

Luckily yes. You can request a credit freeze. Sometimes known as security freeze, prevents a credit reporting bureau from releasing your credit report and stop inquiries and subscriptions on your account without your consent. You can request a credit freeze from each of the credit bureaus, and typically you’ll be provided with a personal identification number and/or password if you ever want to remove it.

The most immediate advantage of placing a freeze on your credit report is to stop releasing your information to those who intend to market to you. But you must also know that by placing a credit freeze on your file you’ll stop your own self from being able to get credit, apply for a mortgage or a car loan. If you can live without those things and simply want to take control of your identity now, then a credit freeze will work great.

This mostly applies to the 3 major credit bureaus, other companies that gather information about you must be contacted individually and there could be hundreds of them. They can still trade your information and continue to send you junk mail and credit offers if they already have you on file. The freeze only stops the bureaus from further releasing information about you.

One way to address your information already being available is to either use credit monitoring or identity theft services. Although you can do much of what these services yourself, it will prove time consuming and burdensome to tackle this task on your own. Definitely something to consider.

Identity fraud normally occurs when the victim has absolutely no knowledge or control over what’s happening to them. Think of all the places where you have made a purchase with your credit card, either at a department store, restaurant or online. There is nothing stopping a dishonest employee from stealing your information or it could simply be careless handling of your information by the organization where they don’t secure their files properly and misuse easily occurs. Here are some identity theft protection tips to practice as a matter of habit:

Limit the number of items you carry in your purse or wallet

Losing your wallet or your purse easily becomes an opportunity for someone to commit identify theft. It’s a bad habit to carry your social security card, your driver’s license and all of your credit cards along with receipts and notes in the same wallet. No one ever realizes how risky this is until they lose their wallets. Another unfortunate mistake people make is to have the numbers for the credit card companies written on a piece of paper that was in their wallet or purse. Identity thieves are as opportunistic as they are resourceful.

Keep bills, financial statements and other sensitive personal information locked up at home

One of the places you never think about losing your identity is in your own home. We often leave bills and bank statements laying around kitchen counters, desks etc. If you never allow anyone into your home then you’re probably ok. But if you have visitors like contractors, cleaners etc who come to work for you in your home, you need to make sure you’re not exposing your sensitive data to anyone.

Shred anything that contains your name, address and financial information

Shredding machines are rather inexpensive. To some people this may sound like a hassle but it is so important to make sure that none of your unwanted statements leave your house in one piece. Some identity thieves still resort to “dumpster-diving”, which basically means they will dig through trash, as a way to gather any information they can use. In order to minimize the amount of paper statements, you can also request from all your financial institutions that they take you off of paper statements and have your statements emailed to you instead. The same thing goes for utilities and phone services.

Do not open spam email

The reason why spam has not gone away and will probably never go away is because it is still a very popular way to market, and recipients still open these emails. Spam mail is a prime avenue for identify theft, as it often contains viruses and other malicious code that can run as a background process and gather information while you’re active online. These malicious programs are an attempt to collect personal information from unknowing internet users with the purpose of harvesting their personal identities.

Credit card skimming

Whenever you pay with your credit card make sure you keep an eye on the person running the transaction for you, this is an opportunity for someone to skim your card. Skimmers are devices about the size of a credit card that someone can swipe your card through to read your card’s information to be used later. Whenever possible pay with cash and it is always a good idea to not sign the back of your credit cards but instead write the words “please check my ID”. Credit card theft is one of the easiest to do because credit card numbers are often mishandled.

Know who is calling you or emailing you requesting your information

Phishing is still a popular way of acquiring personal identity information, whenever you receive emails that appear to be from financial or insurance companies make sure you read them carefully. If they prompt you to submit any of your information as a way to verify your account, simply delete the email. Financial institutions DO NOT request your information via emails or phone calls, they already have it. Rather than surrender this information when they call you ask questions to find out exactly who they are. Should the request sound legitimate contact the toll free number from the organization’s website and call them to verify.

Take your name off marketing lists

If you’re not aware of the national Do-not-call registry, visit their website (https://www.donotcall.gov/), this is an act that protects you from getting calls from most telemarketers.

Review your credit card statements and check your credit report often

Reviewing your credit card and bank statements can give you some early detection when you see charges that you do not recognize. You also need to check your credit report often and make sure you setup free fraud alerts. These will tell you when changes have occurred to your credit report and this is a clue to investigate what the change is, especially if you have not initiated anything.

Report suspicious activity

Should the worse happen and you fall victim of identity fraud, do not wait to contact your credit card companies or banks immediately to freeze your accounts and keep further charges from taking place. You should also report the incident with the credit bureaus and ask them to put fraud alerts on your file, and finally contact your local police department and ask them to fill out a police report on the identity theft crime that you’ve been a victim of.

Sign up for credit monitoring / identity theft protection

Although you’re able to accomplish most of what these services can do on your own, it simply is not practical enough for a single person to monitor their credit or identity 24/7. These highly specialized services make use of state of the art technology to monitor the identities of millions of subscribers and provide them with accurate and prompt alerts when suspicious activity is taking place involving their identity.

The U.S. alone has 220 million internet users, that’s a 130.9 % increase since the year 2000, more people are connecting to the internet every year to conduct business, shop, pay bills and seek friendship and pleasure. The internet is a broad and vast market place with something for everyone, including identity thieves, who prey upon the unknowing and often careless users who may have little or no concern for computer identity theft.

With the faster and always on internet connections available today, online identity scams abound and speed and convenience, not security, are the main focus of marketing efforts by most ISP (Internet Service Providers) companies.

Internet users often store their information on their computers and these computers do not always have the adequate protection needed to prevent viruses and spyware programs from infecting their systems. Some of the information that these programs are able to gather are your name, address, social security number, credit card numbers and whatever else you keep stored on your local drive. With this information it is very easy for an identity thief to commit credit card theft by visiting the website of any one credit card company to apply for credit with your information. This applies to everyone from working professionals to stay at home moms, to children, the elderly and even the deceased. If their information is stored on a hard disk and that system is unprotected they are at high risk.

There are millions of identity theft cases reported every year and the majority of them occur online. Internet users are constantly compromising the security of their identities and need to embrace the concept of identity theft prevention and computer security while working online.

What is spyware?

Spyware is the type of software that is typically installed on your system without your knowledge with the sole purpose of changing your computer’s safety feature configurations or collecting your identity information. This is one of the preferred methods for identity thieves to gain access to your personal information. Typically spyware is downloaded and installed on your system quietly when you visit websites that automatically send you this software or it can also be installed along with other applications that you get for free, particularly if they’re pirated.

What exactly does spyware do?

One of the many things spyware can do is provide the necessary information for online thieves to commit identity fraud. Spyware will run as a background process and in a very stealth mode so you don’t know what’s going on. The spyware may be in the form of a keylogger, which records any information you type on your keyboard especially when you’re online paying bills or accessing your bank account. It may also be a program that opens up your computer by disabling firewall and antivirus software, making it easier for a hacker to gain access to your computer.

How to recognize spyware

Because spyware has been around for a very long time, the authors of this type of software have a lot of experience particularly with windows systems which is what spyware software targets, so over the years the software has gotten more sophisticated and it is more difficult to identify on your computer system. But some of the symptoms your computer may begin to show are things like:

• Drastic slow down of your computer or high CPU usage by processes that are not associated with any applications installed on your system.
• The home page on your browser is changed to a website you may never have visited before.
• New program icons appear on your start menu, desktop or systray.
• Random errors pop up on your desktop while you’re running normal operations but the errors are bogus or have little or no explanation in the dialect.
• New toolbars appear on your browse window.
• You notice registry keys that contain URLs to sites you don’t recognize.
• Unexpected redirects to other websites when you click on your bookmarks or type a URL in the address window.
• Your program icons open up other programs that you know were not installed by you.

Protecting your computer system from spyware and identity fraud

The only sure way to battle spyware and protect your self from computer identity theft is to make use of reliable anti-spyware software. Anti-virus software does not take care of spyware, so a separate subscription to anti-spyware is necessary for adequate protection. Just like your virus software, spyware protection software must be updated with new signatures constantly for it to be effective.

Spyware is just another tool that puts your identity in danger and it’s basically another aspect you must address if you want to keep your identity from being stolen. Identity scams can easily happen even if you don’t visit suspicious websites or install pirated software. Using the proper tools to protect your computer system from these malicious programs is an important step in identity theft prevention.

Phishing scams are popular methods of identity theft, they work pretty well and identity thieves use a lot of creativity and put a good amount of effort towards leading victims into their traps to collect their personal information. Here are some sample paragraphs from the emails you would typically get in an email phishing scam:

Once the unsuspecting victim follows these directions they’re very likely to end up at a spoofed website where they voluntarily provide credit card numbers, bank account information, social security numbers, passwords and other sensitive information. This is the basic premise of a phishing scam. The thieves send emails and pop up messages claiming to be from legitimate businesses and financial institutions that you may actually deal with.

Often these emails are written so well that they are able to give the victim a sense of urgency to act quickly and take action. Also they often stress the point that there are consequences to not following their directions, such as: “your account will be closed” or “your membership will be indefinitely suspended” or “you run the risk of having fraudulent charges run on your account” etc.

Email phishing scams

If an email asks that you validate, update or confirm by following a link they provide, the best thing you can do is ignore and delete the message. Do not click on any of the links they provide in the email. If you really have a concern about your account, then call your credit card company, or banking institution by finding their number in the back of your cards or your paper statements and verify with them if there is in fact something wrong with your account. However, you need to know now that legitimate companies never ask for this information over email or phone. They already have it and if it were a case of fraud they would automatically freeze the account and notify you of it.

Phone phishing scams:

You may get an email that has a number rather than a link where you call to do the verification. The person to answer the phone may even sound like an operator from a particular institution by giving you a formal greeting. You must pay attention to the number that’s provided. Normally financial institutions provide numbers that begin with 1-800, 1-877, 1-888 and 1-866. These are toll free numbers. They’re free for you to call, but it usually costs the merchants a lot of money to have. So this is a give away if the number provided does not start with one of these area codes.

Also if you get contacted via phone, look at your caller ID and take notice of the number displayed, if it does not start with one of the above area codes, then more than likely you’re not talking to a legitimate source. Whether you are asked to call or get a call at home, having one of the above area codes displayed does not necessarily guarantee that you’re talking to a legitimate source, it may still be a phone phishing scam. Savvy thieves and hackers can also spoof phone numbers if they have access to sophisticated equipment. What you need to take away from this is that you should never provide any kind of sensitive or personal information over the phone or email, no matter who seems to be asking for it.

Other things you should do to avoid phishing scams

Use firewall, anti-virus and anti-spyware -
If you access the internet a lot and you do open every piece of email you receive then you must be equipped with the proper protection. Anti-virus and firewall software can protect you from inadvertently accepting and downloading malicious software on your computer system. A firewall increases your transparency on the internet, making it harder for scanning software to find you and blocking all communications from unauthorized sources. If you have a broadband connection, it is particularly important to run a firewall. Spyware software is specifically designed to stop spyware programs like keyloggers and pop up windows that run silently as background processes and record your activities while you’re online.

Never send personal information over email -
Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; skilled hackers and phishing scam artists are able to forge security icons.

Be on the alert with your statements -
Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer’s security.

Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.

If you believe you’re a victim of a phishing scam, visit the FTC’s Identity Theft website at www.ftc.gov/idtheft. Victims of phishing scams can become victims of identity theft very easily. While you can’t entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report so set up fraud alerts as soon as possible.

To learn other ways to avoid email scams and deal with deceptive spam visit ftc.gov/spam.

Hopefully by now it is well understood that computer security at home is very important and with the availability of entertainment, banking and other financial services online today, it is in fact more probable that your identity may be in danger of being exposed. Other online destinations such as gaming sites, social sites and such can give online hackers an opportunity to phish and target you for your information. Following best practices for computer security at home and work can keep you out of trouble.

Protect your valuable personal information

For identity thieves, the personal information of others has an unspecified value, which basically presents an opportunity for potential gain at the cost of an unsuspecting victim. In many occasions people do not consider their information important enough to protect. They store sensitive information on their computer systems and forget about the dangers of identity theft.

I order to protect your information properly you want to begin by not volunteering your personal information online. This includes the social sites, games sites and any other entertainment portal where you may be inclined to use your true personal information such as your name and address. It’s a good practice to use anonymity while working online, instead of your real name use a nickname and don’t reveal your home address or specific details about your personal life or finances.

Never answer to solicitations from sources that claim to belong to financial organizations that you do business with. Normally phishing scams come from spammers who aimlessly address their emails to loads of recipients, the majority of whom will not open these emails, but it is those that do that are most likely to fall victim to identity theft via an email phishing scam. Financial and insurance institutions DO NOT ask for this information via email or phone, they already have it. So rather than follow any links on the emails or volunteer personal information over the phone, hang up and call your credit company or bank immediately and ask customer service directly if they tried to contact you.

Stop using file sharing software

A lot of people believe that file sharing is an easy way to get free software, music and movies, but forget about the security risks that these types of programs create for your computer system. File sharing is known for creating security holes and making files on your computer system available for others to pick and choose. A number of file sharing programs have come and gone since Napster, the originator of file sharing was taken out of commission due to copyright and legal issues. They are all based on the same technology which is a peer to peer (P2P) system where a file you download from someone else’s system can then be downloaded from your system by another user.

These programs are dangerous to the integrity of your system and therefore to the security of the personal information you store on your computer. Also consider that the applications you are downloading are often coded with spyware and viruses and this is where you can seriously jeopardize yourself.

Use security software that updates automatically

Whatever type of activity you’re going to do on your computer system it needs to be protected by antivirus, spyware and firewall software for maximum protection. It’s not good enough that the software be installed on your system it needs to be updated regularly. Most security software are updated automatically by default. It’s important that these settings be left alone and not altered otherwise you won’t get the latest updates to the new virus signatures and spyware programs that are affecting internet users on the internet.

Use the latest versions of Internet Browsers

Browser security is another issue that is often overlooked. If you’re still accessing the internet with Internet Explorer 6.0 or older versions, you’re at high risk. Spyware programs and viruses can easily get past the stoppage points that this browser offers. Other versions like IE 7.0 are a little more adequate. However, you should also consider using FireFox, Opera or Google Chrome. These browsers have better built in security features that can help to protect you while you’re online.

FireFox and Opera are highly configurable browsers and don’t have Active-X enabled by default like IE. FireFox in particular has a strong community behind it that contributes constantly to configuration and security features. Chrome is rather new, but offers a pretty stable interface for browsing the internet.

For more information on browser security and how to secure your browser, we recommend you read “Securing Your Web Browser” from Cert.org, this is a complete guide on browser safety and internet surfing.