Identity (ID) Theft and Protection Service
Identity theft is very stressful for victims. Identity theft occurs when someone uses information about you without your permission. They could use your name and address, your date of birth, credit card or bank account numbers, Social Security number (SSN), medical insurance account numbers, driver’s license number, or any other information to access your financial resources.
Once identity thieves obtain your personal information, they can drain your bank account, buy things with your credit cards, get new credit cards, open a phone, electricity, or gas account, get medical treatment on your health insurance, or pretend to be you if they are arrested.
An identity thief can file a tax return in your name and steal your tax refund. The tax-related identity theft occurs when your SSN has been fraudulently used for a tax refund or a job. If your e-filed tax return is rejected due to a duplicate filing under your SSN, you are highly likely to have become a victim of tax-related identity theft. The number of tax returns with confirmed identity theft was about 597,000 during 2017, according to the IRS.
How Common Is Identity Theft? The Federal Trade Commission (FTC) estimates that as many as 9 million Americans have had their identities stolen each year. With major data breaches making headlines, many consumers are recognizing that credit card fraud or identity theft can happen to anyone. Given the large number of Identity Theft victims, it is wise to protect yourself.
What can you do to protect yourself? Sign Up for an Identity theft protection service to monitor your identity, catch identity theft early, and restore your identity to pre-theft status when identity theft does occur. IDShield, a product of LegalShield, offers the most comprehensive protection and restoration -- IDShield’s plan for individuals is just $9.95 per month (for Family $24.95 per month). If your identity gets stolen, IDShield will put the Kroll investigative firm on the case and spend up to $5 million to restore your credit. Isn't it awesome? As a Licensed Independent Associate with LegalShield, I invite you to click on LegalShield Plans to learn more and choose a plan.
To protect yourself, you shouldn’t send financial information through e-mails -- e-mails are vulnerable to hacking. Never respond to unsolicited requests for personal information whether it’s someone showing up at your door, calling you on the phone, or sending you an e-mail. Some e-mails link to sham websites that look real.
Identity thieves typically obtain personal information about individuals in the following ways (Source: Wikipedia):
- Rummaging through rubbish for personal information (dumpster diving)
- Retrieving personal data from redundant IT equipment and storage media including PCs, servers, PDAs, mobile phones, USB memory sticks and hard drives that have been disposed of carelessly at public dump sites, given away or sold on without having been properly sanitized
- Using public records about individual citizens, published in official registers such as electoral rolls
- Stealing bank or credit cards, identification cards, passports, authentication tokens ... typically by pickpocketing, housebreaking or mail theft
- Common-knowledge questioning schemes that offer account verification and compromise: "What's your mother's maiden name?", "what was your first car model?", or "What was your first pet's name?", etc.
- Skimming information from bank or credit cards using compromised or hand-held card readers, and creating clone cards
- Using 'contactless' credit card readers to acquire data wirelessly from RFID-enabled passports
- Shoulder-Surfing, involves an individual who discreetly watches or hears others providing valuable personal information. This is particularly done in crowded places because it is relatively easy to observe someone as they fill out forms, enter PIN numbers on ATMs or even type passwords on smartphones.
- Stealing personal information from computers using breaches in browser security or malware such as Trojan horse keystroke logging programs or other forms of spyware
- Hacking computer networks, systems and databases to obtain personal data, often in large quantities
- Exploiting breaches that result in the publication or more limited disclosure of personal information such as names, addresses, Social Security number or credit card numbers
- Advertising bogus job offers in order to accumulate resumes and applications typically disclosing applicants' names, home and email addresses, telephone numbers and sometimes their banking details
- Exploiting insider access and abusing the rights of privileged IT users to access personal data on their employers' systems
- Infiltrating organizations that store and process large amounts or particularly valuable personal information
- Impersonating trusted organizations in emails, SMS text messages, phone calls or other forms of communication in order to dupe victims into disclosing their personal information or login credentials, typically on a fake corporate website or data collection form (phishing)
- Brute-force attacking weak passwords and using inspired guesswork to compromise weak password reset questions
- Obtaining castings of fingers for falsifying fingerprint identification.
- Browsing social networking websites for personal details published by users, often using this information to appear more credible in subsequent social engineering activities
- Diverting victims' email or post in order to obtain personal information and credentials such as credit cards, billing and bank/credit card statements, or to delay the discovery of new accounts and credit agreements opened by the identity thieves in the victims' names
- Using false pretenses to trick individuals, customer service representatives and help desk workers into disclosing personal information and login details or changing user passwords/access rights (pretexting)
- Stealing cheques (checks) to acquire banking information, including account numbers and bank codes
- Guessing Social Security numbers by using information found on Internet social networks such as Facebook and MySpace
- Low security/privacy protection on photos that are easily clickable and downloaded on social networking sites.
- Befriending strangers on social networks and taking advantage of their trust until private information is given.
For those taxpayers who get a ‘phishing’ email, the IRS offers this advice:
- Don’t reply to the message.
- Don’t give out your personal or financial information.
- Forward the email to email@example.com. Then delete it.
- Do not open any attachments or click on any links. They may have malicious code that will infect your computer.
More information on Identity Protection: Prevention, Detection, and Victim Assistance is available on IRS.gov.