Financial Literacy Skills Unit 6: Understanding Consumer Fraud and Identity Theft.
Identity Fraud Consumer Report
Transcript of Identity Fraud Consumer Report
-
7/22/2019 Identity Fraud Consumer Report
1/32
HowConsumerscanProtectAgainst
IdentityFraudstersin2013
February2013
-
7/22/2019 Identity Fraud Consumer Report
2/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
2HowConsumerscanProtectAgainstIdentityFraudstersin2013
FORWARD
JavelinStrategy
and
Researchs
HowConsumerscanProtectAgainst
IdentityFraudstersin2013providesrecommendationstohelpconsumersprevent,detect,andresolveidentityfraud. Thisreportprovideseasyto
followguidelinesforconsumerstoprotectthemselvesagainstthis$21
billioncrimeofidentityfraud.JavelinStrategy&Researchsgoalistoequip
consumerswithprovenmethodstoprevent,detect,andresolveidentity
fraud.
Adeeper
analysis
of
economic
indicators
and
identity
fraud
trends
is
availableforpurchaseinthefullversionofthe2013IdentityFraudReport,alongwithadetailedbreakdownofhowdifferenteconomicfactors,
paymentpurchasingtrends,andsecuritydynamicscorrelatewithchanges
inidentityfraud.
Nowinitstenthconsecutiveyear,thecomprehensiveanalysisofidentityfraudtrendsis
independentlyproducedbyJavelinStrategy&Research,adivisionofGreenwich
Associates.Javelinmaintainscompleteindependenceinitsdatacollection,findings,and
analysis;thereportisaproductofJavelinonly.
Thisresearchstudyismadepossiblebyoursponsors,IntersectionsandCitigroup.These
companiesarededicatedtoconsumerfraudpreventionandeducation.
2 13 Identity FraudReport:Data BreachesBecoming a TreasureTrove for FraudstersLearn More:https://www.javelinstrategy.com/brochure/276The full report
consists of:
8 pages 56graphs and
tables.
An overview of
the key findings
New trends
Quantitative
cross tabulations
Longitudinal U.S.
identity fraud
data from 2003 -
2012.
-
7/22/2019 Identity Fraud Consumer Report
3/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
3HowConsumerscanProtectAgainstIdentityFraudstersin2013
TABLEOFCONTENTS
OVERVIEW
................................................................................................................................................................
4
IdentityFraudvs.IdentityTheft................................................................................................................6
HowCriminalsObtainInformation..........................................................................................................10
RECOMMENDATIONSFORCONSUMERS...............................................................................................................11
CONSUMERPROTECTIONCHECKLIST....................................................................................................................12
PREVENTION..........................................................................................................................................................13
HowCanIPreventIdentityFraud?..........................................................................................................13
DataBreachNotificationLetters.............................................................................................................18
WhatShouldIDoIfIReceiveaBreachNotificationLetter?.....................................................18
DETECTION.............................................................................................................................................................20
HowCanIDetectIdentityFraud?............................................................................................................20
RESOLUTION..........................................................................................................................................................24
WhatShouldIDoIfIBecomeaVictimofIdentityFraud?......................................................................24
IdentityFraudProtectionSolutions.........................................................................................................25
ABOUTJAVELIN......................................................................................................................................................27
METHODOLOGY.....................................................................................................................................................27
ADDITIONALRESOURCES.......................................................................................................................................27
GLOSSARYOF
TERMS
.............................................................................................................................................
29
TABLEOFFIGURES
Figure1:OverallIdentityFraudIncidenceRateandTotalFraudAmountbyYear..................................................4
Figure2:FraudIncidencebyDataBreachVictims,NonDataBreachVictims,andAllFraudVictims....................7
Figure3:FraudIncidencebyOwnershipofTechnologyProducts...........................................................................9
Figure4:HowTheftofPersonalInformationHappens.........................................................................................10
Figure5:
Javelins
Prevention,
Detection,
and
Resolution
Identity
Fraud
Model
..................................................
11
Figure6:DataBreachesAreatanAllTimeHigh...................................................................................................18
Figure7:HowtoContacttheThreeCreditBureaus..............................................................................................20
Figure8:MethodsofDetection,2012...................................................................................................................21
Figure9:IdentityFraudProtectionServices..........................................................................................................26
-
7/22/2019 Identity Fraud Consumer Report
4/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
4HowConsumerscanProtectAgainstIdentityFraudstersin2013
OVERVIEW
Forthe
second
consecutive
year,
the
number
of
identity
fraud
victims
in
theU.S.increased,risingby1millionconsumersin2012toatotalof12.6
millionconsumers.Thismeansthat5.26%ofU.S.adults,ormorethan1in
every20consumers,learnedthattheywerevictimsofidentityfraudin
2012.
Annualoverallfraudamounts(theamountofmoneystolenbyfraud
perpetrators)alsorosein2012,increasingto$20.9billionandreversing
improvementsmadein2010and2011.Thisincreaseinfraudamountswas
drivenbydramaticjumpsinthetwomostseverefraudtypes:New
accountfraud(NAF)andaccounttakeoverfraud(ATF). Traditionally,new
accountfraudandaccounttakeoverfraudhavebeenexperiencedbya
New AccountFraud: the use of afraud victim'spersonalinformation toopen fraudulentnew accounts inthe victims name.
Account TakeoverFraud: the methodof identity fraud inwhich a fraudoperator attemptsto gain access to aconsumersaccount byfraudulentlyadding his or herinformation to theaccount.
IdentityFraudIsontheRise
Figure1:OverallIdentityFraudIncidenceRateandTotalFraudAmountbyYear
11.210.6
10.2
12.5
13.9
10.2
11.6
12.6
$32.0
$28.7
$24.7
$28.9
$31.4
$19.9$18.0
$20.9
$0
$5
$10
$15
$20
$25
$30
$35
$40
$45
$50
0.0
2.0
4.0
6.0
8.0
10.0
12.0
14.0
16.0
2005 2006 2007 2008 2009 2010 2011 2012
BillionsU.S.
Millionsofvictims
Millionsofv ictims Totaloneyearfraudamount
October2012,n=varies:4,7845,249
Base:All Consumers2013JavelinStrategy&Research
-
7/22/2019 Identity Fraud Consumer Report
5/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
5HowConsumerscanProtectAgainstIdentityFraudstersin2013
lowerproportionoffraudvictims,butthesetwotypesoffraud
consistentlyproducethehighestaveragefraudamountsandconsumer
costs.So
while
there
are
fewer
victims
of
these
two
types
of
fraud,
they
feelthestingthemost.
Averageconsumercostsroseslightlyto$365in2012,upfrom$354in
2011.Consumercostsareanyoutofpocketexpensessufferedbythe
fraudvictim,includingunreimbursedmonetarylosses,andlostwagesasa
resultoftimespenttoresolvethefraudaswellasanyrelatedlegalcosts
andcreditmonitoringcosts.However,ofthe12.6millionvictimsin2012,
80%didnotsufferanyconsumercosts(medianoutofpocketcoststo
consumersof$0)atall.Thesecostswereinsteadabsorbedbybanksand
creditcardcompaniesthroughtheirzeroliabilitypoliciesandcoverage,
whichshieldconsumersfrommostofthecostsassociatedwithfraud.
Consumersalsospentrelativelylittletimeresolvingtheirfraudcases.The
averageresolutiontimeremainsunchangedat12hours,butmorethan
halfofallvictimsspentthreehoursorlessresolvingfraudincidentswith
their
providers.
The
expansion
of
zero
liability
policies,
security
protections,anddedicatedfraudandclaimsteamsatfinancialinstitutions
(FIs)andcardissuershaveexpeditedtheresolutionprocessincasesof
fraudandhavehelpedlowerconsumerscostsoverthelastdecade.
Zero LiabilityPolicies: Zero-liability policiesare fraudprotectionprograms thatbanks or creditcard providersoffer to protectconsumers fromlosses associatedwith fraud on theirpayment cards
(credit, debit, orprepaid) or otherfinancial accounts.
-
7/22/2019 Identity Fraud Consumer Report
6/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
6HowConsumerscanProtectAgainstIdentityFraudstersin2013
IDENTITYFRAUDVS.IDENTITYTHEFT
Mostindividualsarefamiliarwiththetermidentitytheft,whichiswidelyusedbymedia,
government,andconsumergroups,aswellasnonprofitorganizations.However,itis
importanttodistinguishbetweenidentitytheftandidentityfraudbecausethetermshave
differentmeanings,althoughJavelinusesidentityfraudmorecommonlythroughoutthe
identityfraudsurveyandcorrespondingreports.
Identitytheftoccursaftertheexposureofpersonalinformation;typicallysomeones
personalinformation
is
taken
by
another
individual
without
explicit
permission.
Identity
fraudistheactualmisuseofinformationforfinancialgain;itoccurswhencriminalsuse
illegallyobtainedpersonalinformationtomakepurchasesorwithdrawals,createfalse
accountsormodifyexistingones,orattempttoobtainservicessuchasemploymentor
healthcare.Personallyidentifiableinformation(PII)suchasaSocialSecuritynumber(SSN),a
bankorcreditcardaccountnumber,apassword,atelephonecallingcardnumber,a
birthdate(month/date/year), aname,oranaddresscanbeusedbycriminalstoprofitata
victimsexpense.
Byaccessingandusingrelativelybasicinformation,acriminalcantakeoverexistingfinancial
accounts(existingcardfraudorexistingnoncardfraud)oruseavictimspersonal
informationtocreatenewaccounts(newaccountfraud).Acriminalcancommitidentity
fraudnumerousways,including:makinganunauthorizedwithdrawaloffundsfroman
account,makingfraudulentpurchaseswithacreditcard,andcreatingnewaccounts(e.g.,
banking,telephone,utilities,andloans).Allofthemcanhaveadamagingeffectonan
individualscredit.Infact,thefirstnotificationthatfraudhasbeencommittedmightbethe
appearanceofanunfamiliaraccountonacreditreportoracontactfromadebtcollector.
-
7/22/2019 Identity Fraud Consumer Report
7/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
7HowConsumerscanProtectAgainstIdentityFraudstersin2013
ConsumerInformationExposedinDataBreachesLeadstoFraud
Consumersshouldpayparticularlycloseattentiontoanynotificationsor
letterstheyreceivefromtheirFIs,creditcardproviders,healthcare
providersormerchantsregardingabreachinpersonallyidentifiable
information.Almost1in4consumerswhoreceivedadatabreach
notificationin2012becameafraudvictim.Ofparticularconcernisthat
consumerswhowerenotifiedthattheirSocialSecuritynumberswere
compromisedinoneofthesedatabreachincidentswere5timesmore
likelytobeavictimofidentityfraudthanallotherconsumersand14times
morelikely
to
become
avictim
of
new
account
fraud.
As
discussed
previously,newaccountfraudvictimssufferaboveaveragefraudlosses
andconsumercosts.
FraudRateAmongDataBreachVictimsOutpacesFraudRatesAmongAll
Consumers
Figure2:FraudIncidencebyDataBreachVictims,NonDataBreachVictims,
andAllFraudVictims
4.4% 4.9% 5.3%
1.4%2.4% 2.9%
11.8%
18.9%
22.5%
0%
5%
10%
15%
20%
25%
2010 2011 2012
Allconsumers
Nondatabreachvictims
Databreachvictims
Q2.Inthepast12months,haveyoubeennotifiedbyabusiness
orotherinstitutionthatyourpersonalorfinancialinformationhas
beenlost,stolen,orcompromised inadatabreach?
October20102012, n=varies337 5,249
Base:Allconsumers,data breach
victims,non databreachvictims.
2013JavelinStrategy&Research
-
7/22/2019 Identity Fraud Consumer Report
8/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
8HowConsumerscanProtectAgainstIdentityFraudstersin2013
OnlineRetailShoppingIsBecomingMoreLucrativetoFraudsters
Asonlineshoppingexpands,sotoodoesthemisuseofconsumer
informationtocommitonlineretailfraud.Onlineretailfraudoccurswhen
aperpetratorusesonlinepaymentcredentials,suchasacreditordebit
cardaccountnumber,tomakefraudulentpurchasesonline(knowninthe
industryascardnotpresent(CNP)purchases).Onlineretailfraud
increasedfrom41%ofallfraudvictimsin2011to45%in2012.Payment
cards,suchascreditcardsanddebitcards,represent95%ofthemisused
informationinthesecases.OnlineretailfraudthroughCNPtransactionsis
theleast
expensive
fraud
type
for
consumers
in
2012,
with
an
average
consumercostof$326.However,itisalsohighlypervasiveintheU.S.,
affecting7.5millionAmericans,whothenspendanaverageof11hours
resolvingthesecases.Consumersshouldtakethetimetoreviewtheir
statementseachmonthforfraudulentchargesandcontacttheirFIsand
cardprovidersforusefulonlineauthenticationandsecurityoptions.
MalwareAttacksMobileConsumersandPutsThematConstant
Riskof
Fraud
The105millionsmartphoneusersand42milliontabletusersintheU.S.
areconstanttargetsforfraudsters,whousemalware,exploitsoftware
vulnerabilities,launchphishingandsmishingattacks,andcompromise
unsecuredWiFiconnectionstoobtainusersvaluablepersonal
information.Tabletusersaremorelikelytobevictimsoffraudthanall
consumers(9.6%comparedwith5.3%),whichcanbeattributedbothto
tabletusersbeingyoungerandlessriskaversethanolderconsumersand
theinherentsecurityvulnerabilitiesthataretypicalofnewtechnologies.
Rising onlinesales lead toincrease in onlinefraud
-
7/22/2019 Identity Fraud Consumer Report
9/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
9HowConsumerscanProtectAgainstIdentityFraudstersin2013
Additionally,forthenearly211millionAmericanswhoregularlyuseonline
banking,malwareposesanincreasingthreatasanavenuefor
compromisingand
gaining
control
of
users
accounts.
Fraudsters
stole
$4.9
billionin2012fromconsumeraccountsthroughaccounttakeover
schemes.Malwareposesadirectthreattoconsumers,businesses,andFIs
alike,becausethesemaliciousprogramsseektoinfectvariousdevicetypes
andcompromisethetypeofconsumerfinancialaccountinformationand
credentialsnecessarytocommitfraud.
TabletOwnersAre80%MoreLikelyThanAllOtherConsumersto
BecomeFraudVictims
Figure3:
Fraud
Incidence
by
Ownership
of
Technology
Products
5.3% 5.6% 6.0% 6.3%
6.5%
9.6%
0%
1%
2%
3%
4%
5%
6%
7%
8%
9%
10%
11%
12%
13%
14%
15%
Allconsumers Mobilephoneowners
Laptopo wner s D esk to pcomputerowners Smartphoneowners Tabletowners
Fraud
incidence
rate
October 2012,n=varies1,062 to 5,249.Base:Allconsumers,ownersofvariousproducts.
2013JavelinStrategy&ResearchQ39A: Please indicate which of the following products you personally own and use. Q5:How long ago did you discover that your personal or financial information had beenmisused?
-
7/22/2019 Identity Fraud Consumer Report
10/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
10HowConsumerscanProtectAgainstIdentityFraudstersin2013
HowCriminalsObtainInformation
Manyidentitytheftsoccurthroughtraditionalmethodssuchasstolen
walletsandfamiliarfrauds,inwhichapersonknowntothevictimhas
accesstothevictimsstatementsorotherlegaldocuments.Identitytheft
occurrencesareoftentheresultofsimplelostorstoleninformationand
notnecessarilythroughhackingorelaborateInternetschemes,although
onlineandmobilethreatsremainviablesourcesofinformation.Figure4
showssomeofthemanywaysthatidentitytheftcanoccur.
Identity
Theft
Occurs
Through
Various
Methods
Figure4:HowTheftofPersonalInformationHappens
ATHOME: WHILEYOUAREOUT:
Throughinformationleftoutinthe
home(oratwork)andstolenbyfamily
orfriends
Bymeansofalostorstolenwalletor
purse
Throughdumpsterdivingbycrooks
lookingforunshreddedpaperworkthat
containspersonalorfinancial
information
Throughshouldersurfing,inwhich
someoneobtainspersonalinformation
bylookingoveryourshoulder
Throughtheftofyourmailfromyour
mailboxordiversionofyourmailbya
fraudsterwhochangestheaddressto
obtainyouraccountstatements
Bycardskimming,whensomeone
illegallyrecordsanimprintofyour
creditordebitcardinformationforlater
use
THROUGHABUSINESSYOUUSE: BYTRICKERYORPRETENSE:
Throughasecuritydatabreach,
wherebyabusinessororganizationthat
accessesyourpersonalinformation
(hospital,school,departmentstore,
financialcompany,etc.)hasbeen
compromised
Throughphishingorvishing,inwhich
someonepretendstobeabankor
trustedcompanyandtricksyouinto
providingconfidentialpersonal
informationviaemails,callsorSMS/
textmessages
Throughhacking
incidences,
such
as
Trojanhorses,keyloggersoftware,
virusesormalware/spywareona
computer
Throughsocial
networking
sites
where
personalinformationcanbefoundand
communicationwithfraudulent
individualscanoccur
Throughtheseandothernewandinnovativewaysthatcriminalsareconstantly
2013JavelinStrategy&Research
-
7/22/2019 Identity Fraud Consumer Report
11/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
11HowConsumerscanProtectAgainstIdentityFraudstersin2013
RECOMMENDATIONSFORCONSUMERS
Consumers
should
monitor
accounts
frequently
and,
if
you
have
not
alreadydoneso,usefinancialalertsforyourbankandfinancialaccounts.
Becauseidentitytheftcanoccurbynumerousmethods,youcanprotect
yourselfbyadoptingavarietyofbestpracticesandeffectivebehaviors.
Javelinrecommendsacomprehensive,threepartapproachtocombat
identityfraudeffectively:prevention,detection,andresolution.Thenext
sectionprovidesdataoncurrenttrends,stepstopreventfraud,actionsto
detectfraud
ifit
occurs,
and
ways
to
resolve
fraud
ifyou
become
avictim.
Figure5:JavelinsPrevention,Detection,andResolutionIdentityFraudModel
2013JavelinStrategy&Research
-
7/22/2019 Identity Fraud Consumer Report
12/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
12HowConsumerscanProtectAgainstIdentityFraudstersin2013
CONSUMERPROTECTIONCHECKLIST
BelowisJavelinsconsumerprotectionchecklist.Thechecklisthighlightstheninemostimportantways
toprevent,
detect,
and
resolve
fraud
in
your
financial
accounts.
Take
some
time
and
review
the
list
belowtoseehowpreparedyouare.Themoreitemsyoucancheckoffthelist,thegreatersecurityyou
haveagainstidentityfraud.Remember,themostefficientwaytocombatfraudisforfinancial
institutionsandconsumerstoworktogethertostopcriminals.Togetevenmorecustomized
recommendations, visitJavelinsIDSafety.netwebsite,whereweofferan18questionquizthatwill
providepersonalizedrecommendationsforyourdailyactivities.
-
7/22/2019 Identity Fraud Consumer Report
13/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
13HowConsumerscanProtectAgainstIdentityFraudstersin2013
PREVENTION
Consumerscan
best
prevent
identity
fraud
by
carefully
protecting
and
limitingtheexposureofsensitiveinformation,suchasPINs,bankingand
accountnumbers,andSocialSecuritynumbers.Youalsoshouldbeaware
ofcommonfraudstertechniques,suchasphishing,vishing,smishing,and
otherscams.
HowCanIPreventIdentityFraud?
MobileDeviceSecurity.Mobiledevicesaretreasuretrovesof
informationforfraudsters.Thealwaysonfunctionalityof
mobiledevicesprovidesfraudsterswithnewavenuesfor
stealinginformation.Werecommendthefollowingstepstoprevent
identityfraud:
Installmobilesoftwareonlyfromtrustedsourcesandofficialapp
stores.
Appusersshouldalsoreadthepermissionsrequestedbynew
appscarefullyanddeterminewhetherthepermissions
coincidewiththeallegedfunctionoftheapp.
Mostsmartphoneusersshouldalsoinstallanantivirus/
antimalwareprogramtomitigateinstancesofmobilemalware.
ApplemaintainsthatnoantivirusisneededforiPhoneusersas
longastheOSiskeptuptodate,andnoneisavailableinthe
AppleAppStore.
Mobile
devices
are
increasingly
used
to
store
and
transmit
personalinformation.Youshoulduseantivirus/antimalware
softwaretoguardthatinformationfrommalicious
applications.
-
7/22/2019 Identity Fraud Consumer Report
14/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
14HowConsumerscanProtectAgainstIdentityFraudstersin2013
Makesurealloperatingsystemsarethelatestversions.
Updatesareusedtopatchsecurityholesfoundonthe
previousversion
of
the
operating
system.
Devices
that
continuetorunonoldoperatingsystemscontinueto
experiencethosesecurityvulnerabilities.
Installorenableapasscodelockonyoursmartphone.
Passcodesactasastrongdeterrenttothievesandcangive
youthetimeyouneedtoenableyourremotewipingoranti
theftsoftware.
BeSocial,
Be
Responsible.
Social
media
sites
like
Facebook,
Flickr,Tumblr,LinkedIn,MySpace,Google+,andTwitterare
explodinginpopularity,andthegrowingubiquityofthese
siteshasintroducedanewsetofrisksfortheuser.Wearenotsuggesting
younotparticipateinsocialmedia,butexamineyourcurrentbehaviors
thatexposepersonalinformationthatistypicallyusedbybanksandother
companiestoverifyaconsumersidentity.
Donotrevealsensitiveorpersonalinformationonsocial
networkingsites.
Suchpersonaldetailsarecommonlyusedbybanksandcredit
cardcompaniesassecurityquestionstoidentifyanindividual
beforeclearingaccesstohisorherfinancialaccounts,credit
cardlogins,andmore.
Usecautionwhenusingappsonsocialnetworkingsites.
Verifythattheappdoesnothaveaccesstoanypersonally
identifiableinformation.Usersofcertainsocialmediaapps
experienceasignificantlyhigherincidenceoffraudthanthe
generalpublic.
1. Socialnetworking
sites canprovidefraudsters withpersonalinformation toaccessaccounts.
2. Use cautionwhen sharingsuch details onyour profile.
-
7/22/2019 Identity Fraud Consumer Report
15/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
15HowConsumerscanProtectAgainstIdentityFraudstersin2013
StaySafeOnline.Transitioningyourfinancialactivities
awayfrompaperstatementsandontoonlinechannelscan
significantlyreduce
the
time
it
takes
to
detect
fraud
as
well
asreducerisksassociatedwithphysicaldocumentscontainingpersonal
information.However,theInternetalsointroducesnewthreatsthatyou
shouldtakeintoaccount.
Regularlyinstallandupdatefirewall,antivirus,andantispyware
softwareonyourcomputerandmobiledevicewhenpossible.
Beawareofthedangersofonlinethreatsandinstallantivirus
andantimalwaresoftwareonyourcomputer,smartphones,
andtablets,andupdateitalongwithapplications,browsers,
andoperatingsystems.
Downloadbrowsersecuritysoftwaretoprotectagainstmanin
thebrowserattacks.Installsecuritypatchesandsoftware
updatesassoonastheyarereleasedbyverifiedsources.
Useandrecognizesecurewebsites.
Donotprovidecardorpersonalinformationatunsecured
sites.
Torecognizethesesites,lookforthepadlocksymbolandan
safterthehttpinyourbrowsersaddressbar.Ifthe
websitehasanadditionallayerofsecurity(EVSSL),green
highlightingwillappearintheaddressbarwhenyouaccess
thesiteusingahighsecuritybrowser.
Avoidaccessingwebsitesthatdisplaypersonaloraccount
informationusingunsecuredWiFiconnections,suchasthose
atcafes,publiclibraries,orairports.Youaremoresecureusing
yourmobile
devices
3G
or
4G
connection
than
using
apublic
hotspot.
EnsurethatyourInternetconnectionathomeandworkis
secureorprotectedbyafirewall.
7.4 % consumerswho accessedpublic wi-fihotspots in thepast 12 monthsbecame a fraudvictim. This is
much higher thanthose that did not(4.6%)
-
7/22/2019 Identity Fraud Consumer Report
16/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
16HowConsumerscanProtectAgainstIdentityFraudstersin2013
TurnoffBluetoothandWiFiwhentheyarenotbeingused.
Watchoutforemailandattachmentsfromconvincingimitations
ofbanks,
card
companies,
charities,
and
government
agencies.
Neverresponddirectlytorequestsforpersonaloraccount
informationonline,overthephone,inemail,orthroughyour
mobiledeviceincludingSMStextmessages.
Instead,useyourbankscontactinfolistedontheirwebsite,
onstatements,orthebackofcreditcards.Callthemdirectly.
DonotclickonembeddedlinksinanyemailorSMS.Ifyouget
anemailfromyourbankorFI,gotoitsmainwebsiteoruseits
dedicateddownloadable
application.
Followsafepasswordpractices.
Donotuseeasilyguessedpasswords,suchasyourbirthdate,
thenameofacloserelative,oryourpetsname.
UsepasswordsforwirelessInternetconnections,anddont
accessunsecurewebsitesortypeinPIIusingpublicWiFion
mobiledevices,laptops,orcomputers.
Takeadvantageofavailableonlineshoppingandpayment
securityfeatureslikeonetimepasswordsandvirtualcreditcard
accountnumbers.
Manyofthelargestpaymentnetworksandfinancial
institutionsofferenhancedsecuritytoolsformoresecure
shoppingonline.ServiceslikeVerifiedbyVisa,MasterCard
SecureCode,andCitibanksVirtualAccountNumbersoffer
additionallayersofsecuritytoyouronlineshopping
experiencegivingimprovedfraudprotection.
Wipeclean
electronic
devices,
such
as
smartphones,
tablets
and
computers,beforedisposingof,turningin,orsellingthem.
Do not use: Dictionary
words, the name of the
website, or the word
password.
Dont just capitalizethe first character;instead, capitalize arandom letter.
Integrate numbersinto your password.
-
7/22/2019 Identity Fraud Consumer Report
17/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
17HowConsumerscanProtectAgainstIdentityFraudstersin2013
StaySafeOffline.Beingawareofyoursurroundingsand
destroyingphysicaldocumentsthatcontainsensitiveinformation
areessential
in
safeguarding
your
identity.
Take
these
simple
precautionstoensurethatyouridentityissafe.
Keepsensitiveinformationfrompryingeyes.
Athomeorwork,secureyourpersonalandfinancialrecordsina
lockedstoragedeviceorapasswordprotectedfile.
Shredpaperdocumentsthatcontainsensitiveinformation
beforedisposingofthem.
Avoidproviding
your
full
nine
digit
SSN
whenever
possible,
and
do
notcarryyourfinancialcardsanddocumentswithsensitive
information.
WhenyourSocialSecuritynumberisrequestedasanidentifier,
askifyoucanprovidealternateinformation.
Requestelectronicstatementsanduseonlinebillpaywhenever
possible.
Enrollindirectdeposit,anddontputchecksinanunlocked
mailbox.
Switchfrompaperstatementstoonlinefinancialaccount
management.
Optoutofpreapprovedcreditoffers.
Javelin Data Snack:In 2012, 12% of allidentity fraud crimeswere committed bysomeone known to thevictim.
Javelin Data Snack:In 2012, 28% of fraudvictims reported havingtheir SSN stolen.
Call:1-888-5-OPTOUT
Visit:www.optoutprescreen.com
To be removed fromcredit card applications.
-
7/22/2019 Identity Fraud Consumer Report
18/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
18HowConsumerscanProtectAgainstIdentityFraudstersin2013
DATABREACHNOTIFICATIONLETTERS
Organizationstypicallysenddatabreachletterstonotifycustomersaboutthepossibleleak
ofpersonallyidentifiableinformation,suchasSocialSecuritynumbers,driverslicense
numbers,creditcardnumbers,etc.Theletterwouldalsospecifywhatinformationwas
stolenorleakedandthestepsrequiredtoensurefurtherprotectionofcustomersaccounts.
In2012,12%ofU.S.adultsreceivedsuchletters.
WhatShouldIDoIfIReceiveaBreachNotificationLetter?
Currently,
46
states
(plus
the
District
of
Columbia,
Guam,
Puerto
Rico,
and
the
U.S.
Virgin
Islands)requirecompaniestonotifyyouifabreachofsecurityoccursattheirplaceof
businessandyourpersonalinformationhasbeenplacedatrisk.Receivingthisnotification
doesnotnecessarilymeanthatyouwillsufferafraud.However,Javelindatashowsthat
consumerswhoreceivedbreachnotificationsin2012hadasubstantiallyhigherriskof
identityfraud,almost5timeshigher,thanthosewhodidntreceivethesenotifications.
TakeActiontoProtectYourselfIfYouReceiveaSecurityBreachNotification
Figure6:RecordNumberofDataBreachRecipientsBecameIDFraudVictimsin2012
2013JavelinStrategy&Research
-
7/22/2019 Identity Fraud Consumer Report
19/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
19HowConsumerscanProtectAgainstIdentityFraudstersin2013
Consumerswhoreceivesecuritybreachnotificationsthereforeneedtotakeactionto
protectthemselves.Ifyoureceiveadatabreachletter,takethefollowingsteps:
1. Verifythattheletterislegitimate.
2. Youarestronglyencouragedtotakeadvantageofanyfreeservicesthenotification
letteroffers,suchascreditmonitoring.
3. Youshouldalsocallthetollfreenumbersorvisitthewebsiteslistedintheletterto
learnmoreaboutthebreach,determineyourlevelofrisk,andidentifytheactions
youneedtotaketoprotectyourselffrommoredamage.
4. Differentbreacheshavedifferentlevelsofriskthatrequirespecificactionby
consumersto
prevent
further
harm.
The
action
could
be
as
simple
as
changing
passwordstoemailaccountsthatarelinkedtotheFItocancelingthecreditordebit
cardaffectedtochangingsecurityquestionsandanswerstoaffectedaccounts.Or
theactioncouldbefarreaching,suchasthefollowing:
Monitoringyourfinancialaccounts.
Closingaffectedaccounts.
Placingafraudalertonyourcreditreportwiththethreeprimarycreditbureaus:
Equifax,Experian,andTransUnion(refertoFigure7forcontactdetails).Fraud
alertsnotify
creditors
that
apotential
fraud
has
occurred
and
that
they
should
verifytheapplicantsidentitybeforeextendingcredit.Aninitialalertstaysactive
for90days,andanextendedalertforidentityfraudvictimslastssevenyears.A
fraudalertwilltriggeracreditreport,whichtheconsumerneedstoreviewfor
anysignsoffraud.
Placingacreditfreezeonyouraccountwiththethreeprimarycreditbureaus.A
creditfreezeisstrongerthanafraudalertbecauseitlocksyourcreditreport
downtopreventnewcreditfrombeingextended.
-
7/22/2019 Identity Fraud Consumer Report
20/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
20HowConsumerscanProtectAgainstIdentityFraudstersin2013
DETECTION
Itiscriticalthatconsumersdetectfraudasearlyaspossibletominimize
potentiallossesandfraudresolutiontime.Fasterdetectionresultsinlower
outofpocketexpenses,whichincludeunreimbursedlosses,legalfees,
andlostwages.Thesoonerfraudisdetected,theeasieritistoresolveand
thelessthecriminalisabletosteal.
HowCanIDetectIdentityFraud?
Javelinresearchhasconsistentlyshownthatconsumerscanbevery
successfulatdetectingidentityfraudrelatingtotheiraccounts.Themost
efficientwaytocombatfraudisforconsumersandinstitutions(banks,
governmentagenciessuchastheFederalTradeCommission,andother
CreditBureauInformation
Figure7:HowtoContacttheThreeCreditBureaus
Credit
BureauEQUIFAX EXPERIAN TRANSUNION
Order
credit8006851111 8883973742 8008884213
Report
fraud8887660008 8883973742 8006807289
Web
addresswww.equifax.com www.experian.com www.transunion.com
Mailing
address
EquifaxConsumer
FraudDivision
P.O.Box105281
Atlanta,GA30374
ExperianConsumer
Assistance
P.O.Box9532
Allen,TX75013
TransUnionVictim
AssistanceDept.
P.O.Box6790
Fullerton,CA92834
2013
Javelin
Strategy
&
Research
Note:Toorderafreeannualcreditreportfromanyorallagencies,contact
www.annualcreditreport.comorcalltollfreeat8773228228.
-
7/22/2019 Identity Fraud Consumer Report
21/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
21HowConsumerscanProtectAgainstIdentityFraudstersin2013
organizationsdedicatedtofightingfraud)toworktogether.Consumers
mustbeproactiveintheirapproachtoprotectthemselvesagainstfraud
andshould
work
with
institutions
to
safeguard
their
identity.
SelfDetectionvs.ExternalFraudDetection
Financialaccountprotectionisasharedresponsibility betweenFIsand
customers.In2012,frauddetectionwasalmostequallysplitbetween
fraudvictimsandexternalsources(e.g.,FIsandlawenforcement).While
50%ofvictimswereabletoselfdetectfraudbyregularlymonitoringtheir
accounts,
credit
reports,
or
enrolling
in
identity
protection
services,
33%
of
consumersreliedontheirbanksorcreditcardproviders.Thelattergroup
realizedtheyhadbeendefraudedonlywhentheywerenotifiedbythese
externalsources.
ConsumersAreEquallyRelyingonSelfDetectiontoDiscoverFraudon
TheirAccounts
Figure8:MethodsofDetection,2012
Notifiedby
BankorCredit
CardProvider
33%
Other
17%
Bymonitoringaccounts through
theInternet,ATM, orother
electronicmeans
Monitoredaccount through
paperstatements
Balanceshrank/credit
overdrawn
Reviewed
credit
report
Usingacreditmonitoring or
identityprotectionservice
Q22:Howdid youfirstdiscoveryouwereavictimofidentitytheft?
Wasit...?
October2012,n=827
Base:Allfraudvictims.
Surveybase:n=5,249
2013JavelinStrategy&Research
SelfDetection
50%
-
7/22/2019 Identity Fraud Consumer Report
22/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
22HowConsumerscanProtectAgainstIdentityFraudstersin2013
Itisimportanttonotethatselfdetectionisstillthemosteffectivewayto
detectfraud.CertaintypesoffraudaremoredifficultforFIstodetectand
canlead
to
longer
detection
times
and
higher
consumer
costs
for
victims.
Forexample,incasesoffamiliarfraud(instancesoffraudwherethevictim
personallyknowstheperpetrator)only10%ofvictimsreportedbeing
informedbybanksorcreditcardcompaniesthatfraudulentactivitieshad
occurredontheiraccounts,comparedto33%ofvictimsofothertypesof
fraud.Thesecasesareoftendifficulttodetectbyexternalsecuritysystems
becausetheperpetratorisusuallyfamiliarwiththevictimsbehaviorsand/
orlivesintheclosegeographicalarea.Itisintheconsumersinterestfor
themtoplayanactiveroleinmanagingtheirfinancialsecurityandkeeping
aclosewatchontheirfinancialactivity.
Javelinrecommendsdoingthefollowingtodetectfraudearly:
Signupforemailandmobilealertsthroughyourprimarybank,
creditcardcompany,and/orserviceprovider.
SetupemailandSMStextnotificationsthroughFIssothat
theywillalertyoutosuspiciousactivityandchangestoyour
accountsor
personal
information.
Youcanchooseamongawidearrayofalertofferingsforthe
onesthatapplytoyourbankingbehaviorsandpractices,
therebyincreasingyouridentityfraudprotection.Contactyour
bank,creditcardprovider,orserviceproviderandaskfor
informationaboutaccountalerts.
Themostcommonmethodthatfraudstersusetotakeover
accountsischangingthephysicaladdress,sosetupanaddress
change
alert
whenever
possible.
Monitoryourcreditreportonaregularbasis.
Reviewandconfirmthatalltheaccountslistedbelongtoyou
andthatnounauthorizedchargeshavebeenmadeor
unknownaccountsorcreditlineshavebeenopened.
Free reports areavailable at
AnnualCreditReport.comor by calling1-877-322-8228.
By contacting adifferent one ofthe three credit
bureaus every fourmonths, you canstagger your freereports to reviewyour credit threetimes a year at nocharge.
-
7/22/2019 Identity Fraud Consumer Report
23/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
23HowConsumerscanProtectAgainstIdentityFraudstersin2013
Optionalfeebasedservices,suchasmoreextensive
monitoringofcreditinformation,personalidentityrecords,
andSocial
Security
numbers,
provide
extra
security
and
convenienceforthosewhodontwanttopersonallymonitor
theirinformation.Whenchoosinganidentityprotection
service,selectaproviderthatcoversbothpersonal
informationandcreditmonitoring.3
Reviewfinancialstatementspromptly.
Checkaccountbalancesatleastweeklythroughonline
banking,mobilebanking,phone,orATM.Regularlymonitorall
financialaccountselectronically,includingbanking,biller,and
creditcard.
Confirmthatalltransactionsareauthorizedandthatno
suspiciousactivityhasoccurredorunapprovedchangeshave
beenmadetoyouraccounts.
3FormoreinformationaboutthespecificservicesofferedbysomeofthetopIDprotectionproducts,pleasereferto
Javelins2012IdentityProtectionServicesScorecard:HowtoDeliverCustomerandMarketValueinaRegulated$4BMarket.
-
7/22/2019 Identity Fraud Consumer Report
24/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
24HowConsumerscanProtectAgainstIdentityFraudstersin2013
RESOLUTION
WhatShould
IDo
If
IBecome
aVictim
of
Identity
Fraud?
Ifyoubecomeavictimofidentitytheftorfraud,dontpanic.Whenit
comestoyourfinancialaccounts,FIsandcreditcardprovidersare
preparedtohelpyouresolvetheidentitytheft.MostFIshaveateam
dedicatedtoresolvingidentityfraudandguidingvictimsthroughthe
process.Withtechnologicaladvancements,identityfraudresolutionhas
improved.
Byfollowingthefewsimplestepsbelow,youcanhelpensurethatyour
fraudcaseishandledquicklyandpainlessly.Theseactionscanserveasa
checklist/resourceguideifyoubecomeavictim.
Immediatelycontactyourbankandcreditcardcompanies.
Reportproblemsandworkwithyourbank,creditunion,or
identityprotectionserviceprovidertotakeadvantageof
resolutionservicesandreimbursementpolicies.
Ifyour
FI
provides
fraud
resolution
specialists,
ask
for
their
assistancetoensurethefraudisresolved.
Notifytheappropriateinstitutionsassoonaspossibleif
physicaldocumentssuchasacheckbook,wallet,debitcard,or
creditcardarelostorstolen,ifunauthorizedorsuspicious
accountactivityoccurs,ifchangesaremadetopersonal
information(e.g.,physicaladdress,emailaddress,registered
users,loginorpassword),orifpaperstatementsareturned
off.
Dependingoneachindividualcase,anFImaycloseyour
account,cancelyourdebitorcreditcards,andtakeother
necessaryprecautions.Itwillalsoassistyouinsettingupnew
accountsandwillissuenewdebitandcreditcards.
Javelin Data Snack:The average amount
of time required toresolve a case ofidentity fraud hassteadily decreased,from 18 hours in2004 to 12 hours in2012.
-
7/22/2019 Identity Fraud Consumer Report
25/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
25HowConsumerscanProtectAgainstIdentityFraudstersin2013
EducateyourselfonyourFIsandissuerszeroliability
protectionsondebitcardsandATMwithdrawalsbecausethey
varyamong
providers.
Reportalllostorstolencardsorfraudulenttransactions
immediatelybecausethetimingofyourreportmayaffectthe
amountthatyouareliableforunderthelaw.
ContacttheFederalTradeCommission.
Placeafraudalertonyourcreditreport.
Ifyourpersonalinformationhasbeencompromisedorifyou
havebeenavictimoffraud,immediatelycontactthethree
primarycredit
reporting
agencies:
Equifax,
Experian,
and
TransUnion(refertoFigure7forcontactinformation)toplace
afraudalert.Theseagenciesprovidecreditmonitoring
servicesaswellasadditionalproductsandservices.
Fileapolicereport.
Iffraudhasoccurred,contactyourlocalpolicedepartmentto
fileanidentityfraudreport.Makesuretosaveacopyforyour
personalrecords.
ConsiderenrollinginahighqualityIDprotectionservice.
VictimswhofindthattheirdriverslicensenumbersorSSNs
havebeencompromisedshouldconsiderenrollinginID
protectionservicesthatmonitorcreditreportsaswellasnon
creditrelateddatabasesforunauthorizeduseofstolen
information.
IdentityFraudProtectionSolutions
Specificservices
are
available
for
consumers
who
want
extra
protection
againstnewaccountsfraudthetypeoffraudinwhichacriminalusesa
victimsSocialSecuritynumberandotherpersonallyidentifiable
informationtocreateafraudulentaccountinthevictimsname(e.g.,
To report incidentsof suspected fraud
or identity theft,visit the FTC onlineat http://www.consumer.ftc.gov/features/feature-0014-identity-theftorcall 1-877-IDTHEFT(1-877-438-4338).
-
7/22/2019 Identity Fraud Consumer Report
26/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
26HowConsumerscanProtectAgainstIdentityFraudstersin2013
creditcard,cellphone,orutilities)andothertypesoffraud.Identity
protectionservicessuchascreditmonitoringandpersonalinformation
monitoringcan
be
purchased
for
afee.
Javelin
advises
consumers
who
purchasefeebasedservicestolookforthefirmsBBBrating.These
servicescanprovidepeaceofmindandconvenienceforconsumerswho
wantextraprotection.
Consider placinga security freezeon your creditreport.If you have been avictim of fraudrelated to anopening of a newaccount more thanonce and you arenot activelyapplying for credit,you may want to
place a securityfreeze on yourcredit report ateach of the threereportingagencies.
SERVICE DESCRIPTION
Creditmonitoring
Apaid
subscription
service
that
monitors
your
credit
for
suspicious
activityorchangestoyourcreditfile(e.g.,creditinquiries,
employmentchanges,newaccountsoraddresschanges)
Intendedtodetectpotentialidentityfraud
Personalinformation
monitoring Scanspublicrecords,thirdpartydatabasesandInternetsitesto
detectexposureofyourpersonalinformation(creditcard
numbers,SocialSecuritynumbers,etc.)
Intendedtodetectpotentialidentitytheft
Fraudalert Amessagethatisplacedonyourcreditreport,requiringlenders
andcreditorstoconfirmyouridentitybeforeissuinganewlineof
credit
Intendedtopreventnewaccountsfraud
Creditfreeze Freezesyourcreditfileatthecreditreportingagencies,whichare
thenprohibitedfromissuingyourcredithistorytoanylender,
creditor,orothers
Intendedtopreventnewaccountsfraud
2013JavelinStrategy&Research
CreditMonitoringandPersonalInformationMonitoringServices
Figure9:IdentityFraudProtectionServices
-
7/22/2019 Identity Fraud Consumer Report
27/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
27HowConsumerscanProtectAgainstIdentityFraudstersin2013
ABOUTJAVELIN
JavelinStrategy
&
Research,
adivision
of
Greenwich
Associates,
provides
strategicinsightsintocustomertransactions,increasingsustainableprofits
andcreatingefficienciesforfinancialinstitutions,governmentagencies,
paymentscompanies,merchants,andothertechnologyproviders.Javelins
independentinsightsresultfromauniquelyrigorousthreedimensional
researchprocessthatassessescustomers,providers,andthetransactions
ecosystem.
Authors: JamesJarzab,ResearchSpecialistAlPascual,SecurityRiskandFraudSeniorAnalyst
SarahMiller,SecurityRiskandFraudAnalyst
Contributors: MaryMonahan,ExecutiveVicePresidentand
ResearchDirector
JamesVanDyke,PresidentandFounder
PublicationDate: February2013
Editor ChuckErvin
ABOUTTHEMETHODOLOGY
Since2003,Javelinhascollecteddatafromapproximately5,000adults
eachyeartomeasuretheoverallimpactofidentityfraudonconsumers.In
2012,5,249adults,including1,186fraudvictims,answeredquestions
regardingtheirdailyfinancialpracticesandbehaviorstohelpdetermine
thecauses
of
and
provide
important
details
about
such
fraud.
Javelins
identityfraudstudyreachesanaudienceof63millionandisafactual
resourcefortheFederalTradeCommission(FTC).
AdditionalResourcesThe 2013 IdentityFraud Reportssponsors Intersections andCitigroup alsomake safetyrecommendations:
Intersectionshttp://
www.identityguard.com/what-is-identity-theft/
Citigrouphttps://online.citibank.com/US/JRS/pands/detail.do?ID=SecurityCenter
-
7/22/2019 Identity Fraud Consumer Report
28/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
28HowConsumerscanProtectAgainstIdentityFraudstersin2013
GLOSSARYOFTERMS
accounttakeoverfraud Methodofidentityfraudinwhichafraudoperatorattemptstogain
accesstoaconsumersaccountbyfraudulently addinghisorher
informationtotheaccount(e.g.,changingaccountmailingaddress,
addinghimselforherselfasaregistereduser,ormakingother
alterations).
cardnotpresent(CNP) Transactioninwhichthecardisnotpresent;carddataismanually
entered.Thisincludespurchasesmadeonline,byphone,orthrough
themail.
casualsocialnetworkactivity
users
Socialnetworkuserswhoindicatedthattheysometimesusethe
indicatedsocial
networking
activity
or
often
use
the
indicated
social
networkingactivity.
cloud ThecloudisametaphorfortheInternet.Withthecloud,software
servicesanddataarenothostedlocallybutgloballyandare
accessibleremotelybybrowser.Amazon,Google,andRackspace,for
example,offerlargecloudnetworksthatareleasedtovarious
businesses.
consumercostoroutof
pocketcost
Outofpocketcostsincurredbythevictimtoresolveafraudcase,
includingpostage,copying,notarizingofdocuments,andlegalfees;
costsmayalsoincludepaymentofanyfraudulentdebtstoavoid
furtherproblems.
creditfreeze Securityfreezeplacedonaconsumerscreditfiletopreventthefile
frombeingsharedwithcreditors,thusforestallingnewaccounts
frombeingopenedintheconsumersname.
creditmonitoring Servicethatscrutinizesaconsumerscreditfileforsuspiciousactivity
orchangesonhisorhercreditreportsuchascreditinquiries,
delinquencies,negativebillinginformation,employmentchanges,
andaddresschanges.Monitoringisparticularly helpfulindetecting
newaccountfraudafteritoccurs.Themosteffectivecredit
monitoringcompanieswillmonitorallthreecreditbureausbecause
manylenders
will
contact
only
one.
databreach Unauthorizeddisclosureofinformationthatcompromisesthe
security,privacy,orintegrityofpersonallyidentifiabledata.
drivebydownload ActofpassivelycompromisingaPCbydownloadingamaliciousfile
whilethevictimviewsthecontentofawebsite.
-
7/22/2019 Identity Fraud Consumer Report
29/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
29HowConsumerscanProtectAgainstIdentityFraudstersin2013
existingaccountfraud Identityfraudperpetratedagainsteitherorbothexistingcardand
existingnoncardaccounts.
existingcard
account
fraud
Identity
fraud
perpetrated
through
use
of
existing
credit
or
debit
cardsand/ortheiraccountnumbers.Thisfraudtypecanalsobe
referredtoasexistingcardfraudorECF.
existingnoncardaccount
fraud
Identityfraudperpetratedthroughuseofexistingcheckingand
savingsaccountsorexistingloan,insurance,telephone,andutilities
accountsorotheraccounts.Thisfraudtypecanalsobereferredtoas
existingnoncardfraudorENCF.
externaldetectionmethods Methodsofdetectingfraudinwhichanexternalresourceisthefirst
todiscoverthefraud.Examplesofexternaldetectionmethods
includediscoveringfraudthroughnotificationsfromthebank,law
enforcement,or
debt
collectors.
fraudamount Totalamountoffundsthefraudoperatorobtainedillegally;these
mayresultinactuallossestovariousbusinessesandorganizations
and,insomecases,totheconsumer.
frequentsocialnetworking
activityusers
Socialnetworkuserswhoindicatedthattheyalwaysusethe
indicatedsocialnetworkingactivityoroftenusetheindicatedsocial
networkingactivity.
familiarfraud Fraudcommittedbysomeonewhoknowsthefraudvictim
personally,suchasafamilymember,coworker,orfriend.Familiar
fraudis
more
damaging
(harder
to
detect
and
longer
to
resolve)
becausetheperpetratorstendtobeawareofthevictimshabitsand
knowhowtohidethefraud.Also,victimstendnottoreportfamiliar
fraudtoauthorities.
identityfraud Unauthorizeduseofsomeportionofanotherspersonalinformation
toachieveillicitfinancialgain.Identityfraudcanoccurwithout
identitytheft(forexample,byrelativeswhoaregivenaccessto
personalinformationorbytheuseofrandomlygeneratedpayment
cardnumbers).
identitytheft Unauthorizedaccesstopersonalinformation;identitytheftcanoccur
withoutidentityfraud,suchasthroughlargescaledatabreaches.
keylogger Spywarethatcapturesandrecordsuserkeystrokesonacomputer
andisusedbyfraudsterstoobtainpasswords,PINs,logins,andother
sensitiveinformation.
-
7/22/2019 Identity Fraud Consumer Report
30/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
30HowConsumerscanProtectAgainstIdentityFraudstersin2013
mailorder/telephoneorder
(MOTO)
Ordersplacedthroughmailortelephonechannels(atypeofcardnot
presenttransaction).
malware
Malicioussoftware
designed
to
access
acomputer
or
operating
systemwithouttheknowledgeorconsentoftheuser.Some
examplesofmalwarearecomputerviruses,worms,Trojanhorses,
spyware,maliciousadware,androotkits.Malwareisdamagingcode
orprogrammingthatgathersinformationwithoutpermission.
maninthebrowser(MITB) Attackinwhichaperpetratorisabletoread,insertinto,andmodify,
atwill,messagesbetweentheInternetbrowserandaserverwithout
eitherpartysknowingthatthelinkbetweenthemhasbeen
compromised.
man
in
the
middle
(MITM)
Attack
in
which
a
perpetrator
is
able
to
read,
insert
into,
and
modify,
atwill,messagesbetweentwopartieswithouteitherpartysknowing
thatthelinkbetweenthemhasbeencompromised.MITBattacksare
asubsetofMITMattacksinwhichthebrowserisexploitedtotrick
thelegitimatepartiesintorevealingsensitiveinformation.
mutualauthentication MethodbywhichtheFIandthecustomeridentifyeachotherby
providingandidentifyingsharedsecrets.
newaccountsfraud Identityfraudperpetratedthroughuseofthevictim'spersonal
informationtoopenfraudulentnewaccounts.
personal
information
monitoring Service
that
keeps
an
eye
on
a
consumers
personally
identifiable
informationbymonitoringchannels,includingonlinesurveillance,
publicrecordsanddatabases,Internetsites,andcardingforums
(undergroundsiteswherestolencreditcardnumbersareboughtand
sold).Thirdpartysolutionsthatofferthisserviceprovideadditional
valuebecausetheycanmoreholisticallypreventanddetectidentity
fraud,includingmedicalandhealthinsurancefraud.
phishing Methodof"fishing"forInternetuserspasswordsandfinancialor
personalinformationbyluringthemtoafakewebsitethroughan
authenticlookingemailthatimpersonatesatrustedparty.Phishing
emailscouldattempttoimpersonateanFI,issuer,merchant,or
biller.
privacysettings Userdefinedcontrolsthatallowuserstomanagethevisibilityof
variouspartsoftheirsocialmediaprofiles,includingwhohasaccess
tospecificinformation.
-
7/22/2019 Identity Fraud Consumer Report
31/32
Copyright2013JavelinStrategy&Research,adivisionofGreenwichAssociates. Allrightsreserved.ThisreportislicensedforusebyJavelinSubscribersonly.Itisprotec
bycopyrightandotherintellectualpropertylaws.Youmaydisplayorprintthecontentavailableforyouruseonly.Youmaynotsell,publish,distribute,retransmitor
otherwiseprovide
access
to
the
content
of
this
report.
31HowConsumerscanProtectAgainstIdentityFraudstersin2013
selfdetectionmethods Methodsofdetectingfraudinwhichtheconsumeristhefirstto
discoverthefraud.Examplesofselfdetectionincludediscovering
fraudthroughelectronicorpapermonitoringorreportingacardlost
orstolen.
severelyimpacted Victimswhoreportthattheyhavesufferedasignificantlynegative
effectbecausetheyhavebeenfraudvictims.Consumersratethe
impacta4or5onascalewhere1representslittleornoeffectand
5representsasevereeffect.
smartphone Amobiledevicewithphone,keyboard,webaccess,andapps(e.g.,
Android,iPhone,WindowsMobile,BlackBerry,etc.)
smishing Aformofcriminalactivity,usingtechniquessimilartophishing,in
which
a
fraudster
uses
SMS
messages
to
mobile
devices
to
lure
victimsintorevealingpersonalinformation.Similartophishing,it
couldattempttoimpersonateanFI,issuer,merchant,orbillerand
canincludeafraudulentURLlinktoafakedwebsiteorphone
numbertoafakeautomatedvoiceresponsesystem.
socialnetworking Amediumforconsumerstointeractwithoneanotheronline.Users
areresponsibleforgeneratingcontentandcanpostandedit
conversations,pictures,andmedia.Someofthemostpopularsocial
mediasitesareFacebook,MySpace,LinkedIn,Twitter,FourSquare,
Yelp,andYouTube.
Trojanhorse
Program
that
appears
to
be
auseful
file
(e.g.,
amusic
file
or
software
upgrade)fromalegitimatesource,trickingthevictimintoopeningit;
onceactivated,theTrojanhorseallowsintruderstoaccessprivate
information.
twowayactionablealerts:
reviewandrelease
Reviewandreleasealertsareuserdefinednotificationsthatalertthe
consumerwhenthetransactionisstillpending.Thetransactionthat
triggeredthealertremainspendinguntiltheconsumercanverifyor
denyitwithinthealert.
twowayactionablealerts:
reviewandrespond
Reviewandrespondalertsnotifyconsumersafteratransactionhas
beencompletedbutallowstheconsumertorespondwithinthealert
ifhe
or
she
wants
to
take
certain
action.
This
could
include
reporting
thetransactionasfraudulentortransferringfundsfromoneaccount
toanother.
-
7/22/2019 Identity Fraud Consumer Report
32/32
32HowConsumerscanProtectAgainstIdentityFraudstersin2013
WiFihotspots LocationthatoffersInternetaccessoverawirelesslocalarea
network.Thesehotspotscanbesetupinpublicvenueswhereusers
canconnectusinglaptops,smartphones,tablets,andotherInternet
accessingdevices.
WiFiProtectedAccess
(WPA)
DesignedtoreplaceWEPbyusingstrongerencryption.Extensionsof
WPAandWPA2includeTemporalKeyIntegrityProtocol(TKIP)and
presharedkey(PSK,alsoknownaspersonal)mode.Bothrequirethe
additionofapassphrasethatisusedintheprocessofencryptingthe
datapacket.