Slide 1

Slide 2

Victims of ID theft suffer much anguish Nearly a billion records were compromised in 2014 20 incidents exposed one million records in each instance PII (Name, DOB, SSN) is easier to sell than credit card/banking information http://www.csoonline.com/article/2847269/business-continuity/nearly-a-billion-records-were-compromised-in-2014.html 1 in 5 Americans had Credit Card/Banking/SSN stolen in 2014 http://thinkprogress.org/home/2014/04/15/3426781/1-in-5-americans-have-had-their-social-security-number-or-credit-card-info-stolen/ 50% of identity theft victims knew the person responsible for the theft Affects 10-16 million Americans annually Takes an average of 6 months and 220 hours to resolve http://www.identityhawk.com/identity-theft-recovery-timehttp://www.identityhawk.com/identity-theft-recovery-time

Slide 3

Every 19 minutes a person becomes a victim by: Email Phishing Credit/debit card information stolen at stores, restaurants by hacking or skimming https://www.youtube.com/watch?v=U0w_ktMotlo&list=PLE979CF662C9EB337 Social media - Bad guys start to put together a jigsaw puzzle of your life with personal information. Phone scams Remote access provides cybercriminals with unlimited access to anything in your computer http://www.trusteer.com/glossary/remote-access-trojan-rat

Slide 4

Consequences Go to jail for someone elses crime IRS notifies you more than one tax return was filed under your name Credit can be ruined Bankruptcy filed in your name Difficulty getting loans or credit cards Citations Rental vehicles damaged/stolen Student loans taken in your name Higher interest rates Merchants refuse checks Debt collectors start calling Medical Identity Theft Thiefs medical information gets in your file (blood type, allergies, illnesses) Health claim refused because you have reached limit

Slide 5

Signs Your Identity Has Been Stolen A Sudden Increase in an Account Balance Your Credit Card is declined Your Credit Score Drops Mysterious New Account on credit report Debt collectors are calling

Slide 6

How to prevent Teach children as well Never give personal information over email/phone Dont put birthday on social media or PII to create a profile Update anti-virus software weekly on computer and smartphone Keep/protect separate passwords for each account Pick up mail in unlocked box daily Get free credit report annually from each of 3 credit reporting bureaus. Request one free report get one every 4 months Place outgoing mail in secure mailbox

Slide 7

Prevention, Part 2 Stop getting pre-approval credit cards or loan offers in the mail. Remove name from marketing lists of 3 credit reporting agencies and call 1-888-5-OPTOUT or go to www.optoutprescreen.com to remove you from marketing lists.www.optoutprescreen.com Shred credit card offers (cross-cut shredder) Cut up expired or credit cards you dont use Keep an eye on credit reports Keep an eye on bank and credit card statements at least weekly Never keep your SS card in your wallet Never use password on an unsecured Wi-Fi Ask if there are options other than providing SSN as PII http://blog.credit.com/2013/03/5-places-where-you-should-never-give-your-social-security-number- 65328/

Slide 8

What to do if your Identity is stolen or banking/credit card information was accessed at Target, Home Depot, PF Changs, JP Morgan Chase, ETC. Security Freeze on Credit Report, small fee to initiate and remove if you need a credit check Protect my ID.com Apply for a new social security number Get V on back of drivers license

Slide 9

What to do, part 2 Call credit reporting companies and place a fraud alert on credit reports associated with your Social Security number. Dispute Fraudulent charges Have any account that has been tampered with or opened fraudulently closed immediately. Contact your local police and/or the police department in the community where the identity theft took place and file a report. Contact the Federal Trade Commission and file an official complaint.

Slide 10

Number of spam/phishing emails UNM IT blocks DAILY 1-3 MILLION If one gets through, forward to: spamdrop@unm.edu security@unm.edu

Slide 11

Antivirus software can only protect you from known viruses Kaspersky Lab is detecting 315,000 new malicious files every day http://www.kaspersky.com/about/news/virus/2013/number-of-the-year

Slide 12

Phishing scams Never disclose your financial or personal information in response to an unsolicited e-mail regardless of who sent it. If you get an email or phone call asking for personal information, it is a scam 100% guaranteed Call the institution directly if you have a concern (do not call the number they provide in the email. Look it up yourself.) Never click on a link embedded in an unsolicited e-mail, regardless of who sent it. Verify the authenticity of a website before entering financial or personal information via that website

Slide 13

Google Malware stealing emails and accessing Google documents and any account with same password http://www.cnbc.com/id/101668517#. http://www.cnbc.com/id/101668517# The scam starts with an email that claims to be sent by Google with the phrase "Mail Notice" or "Lookout Notice" as the subject. The message in the email reads: "This is a reminder that your email will be locked out in 24 hours, due to not being able to increase your email storage quota. Go to the INSTANT INCREASE to increase your Email storage automatically." A link then redirects the user to a bogus Google login page where the user is prompted to put in their credentials. Once the hackers receive the credentials they have access to not just a victim's email, but to all Google documents, Google Play, Google+ and if the person uses the same login information for multiple sites, the hacker will also have access to those.

Slide 14

Pharming Scams Pharmers redirect Internet users from legitimate commercial websites to counterfeit web pages to trick them to disclose their vital financial and personal information

Slide 15

Check the URL even if you typed name in The URL is also a great place to check. Always ensure that, once the page has loaded, that the URL is spelt correctly and hasnt redirected to a slightly different spelling, perhaps with additional letters or with the letters swapped around. Make sure the URL has http(s) and padlock on bottom of page

Slide 16

Holding your computer hostage for money http://krqe.com/2015/02/04/ransomware-rakes-in-millions-from-average-computer-users/ They have already stolen all your files Paying does not guarantee you will get it back or that it wont happen again Using your credit card only compounds your problem

Slide 17

Phone fraudsters recycle approach http://www.abqjournal.com/531300/biz/phone-fraudsters-recycle-approach.html http://www.abqjournal.com/531300/biz/phone-fraudsters-recycle-approach.html Calls representing IRS, threatening arrest if you dont send money immediately. IRS does not email or call. Calls representing police departments regarding taking care of warrants by phone payments Calls stating you missed jury duty. Call 841-8141 re: Jury duty questions Family member has been kidnapped demanding money for safe return. Calls made from a disposable cell

Slide 18

Child/Student Identity Theft on the Rise Goes undetected for years http://www.equifax.com/specs/child-identity-protection-kit/child-kit.pdf http://www.equifax.com/specs/child-identity-protection-kit/child-kit.pdf Use the childs SSN as the family SSN due to the inability of a parent to get a SSN Pay off debt and create new lines of credit Avoid a criminal record on the perpetrators file Avoid a medical record with the perpetrators file information (perhaps for insurance purposes or to hide a medical condition) Fraudulently receive welfare, unemployment or medical benefits

Slide 19

College students on scammers radar FBI warns of fictitious Work-From-Home Scam Targeting University Students http://www.ic3.gov/media/2015/150113-1.aspx If a job offer sounds too good to be true, it probably is Never accept a job that requires the depositing of funds into your account and wiring them to different accounts Never provide credentials, passwords or personal information in response to a recruitment email Forward emails to spam@unm.edu and warn your friends to be on the lookout for the scamspam@unm.edu

Slide 20

I ate Thanksgiving with my Identity Thief for 19 years http://time.com/money/3607328/identity-theft-i-ate-thanksgiving-dinner-with-my-identity-thief-for-19-years/?xid=time_readnext

Slide 21

Mans ID stolen by killer, with lingering effects http://www.abqjournal.com/524390/biz/bogus-health-fitness-claims-should-raise-red-flags.html http://www.abqjournal.com/524390/biz/bogus-health-fitness-claims-should-raise-red-flags.html Ted Bundy was also an identity thief Victim had to prove he was not Ted Bundy even after he was put to death

Slide 22

Scammed BBB president shares lessons learned http://www.abqjournal.com/506835/biz/bbb-chief-falls-prey-to-intrusion.html http://www.abqjournal.com/506835/biz/bbb-chief-falls-prey-to-intrusion.html Was closing on a Farmington building the BBB was donating to Big Brothers Big Sisters Received email from Big Brothers email titled Kindly Review the Attached Document. Clicked the attachment which was blank. Prompted him to provide Google email username/password. He complied. Big mistake. Once in his email, hackers sent the identical bogus email to any person the BBB chiefs ever sent email The point was to get into thousands of emails quickly to steal personal information, bank and cc accounts Contained his usual signature but an incorrect phone number so if his contacts suspected something about the email, they would get a wrong number. Set up filters so that all responding emails would go directly to trash. Lessons learned: Do not store personal information on your email Do not let your guard down or logon information even if email seems to be from someone you know

Slide 23

Protect Passport/CC/Cash RFID Blocking Wallet https://www.youtube.com/watch?v=hcSss9BHPFo https://www.youtube.com/watch?v=hcSss9BHPFo Unless country mandates carrying passport, leave original in safe and carry copy in passport holders inside pants Carry cash in money belts inside pants

Slide 24

NM and FTC Victim Resources http://identitytheftnetwork.org/resource-map/new-mexico Federal Trade Commission: Step by step instructions http://www.consumer.ftc.gov/articles/pdf-0009-taking-charge.pdf

Slide 25

If you think you have been a victim of identity theft or want further information, please contact Deb Kuidis at 277-0732 or dkuidis@unm.edu http://researchcompliance.unm.edu/industrialsecurity-home http://researchcompliance.unm.edu/industrialsecurity-home