Social Engineering is the real threat
Even a piece of direct mail that you've carelessly thrown away, can be enough for a fraudster to pose as you, borrow money or acquire sweets and goodies and then vanish. What do you get? Debts in your name and your credit status in tatters.
The information they use varies but the personal information that an ID thief is typically interested in is your full name, date of birth, current addres, account numbers and, if possible, passwords and PINs.
It sounds a lot but a little work can deliver a surprisingly large amount of data. The idea is to do a bit of cherry picking, and the internet and social networks are a big help.
1. A bank statement
If they're really lucky, a statement might indicate your overdraft limit as well as your full name, address and account number. Shred, burn or rip em up, before binning them
2. A credit card statement
This won't contain your PIN, so they can't use the card account in a British retailer, but it could be enough information to enable the fraudster to purchase from foreign websites. Shred, burn, rip..
3. Access to your social networking pages
It may seem innocent enough, but many people innocently reveal enough information on Facebook, My Space or other social networking sites for a fraudster to guess their PIN and passwords. Don't make it too easy. Change them regularly.
4. Direct mail
Fraudsters are always on the lookout for direct mail containing an offer of a credit card or loan, with your details filled in that they can intercept. Once a crook has one fake account in your name, it's easier to open others. Shred, burn, rip...
5. Your driving licence or passport
These documents provide vital photographic ID that can be amended by an expert and used to prove that he or she is actually you. Secure them securely....they are worth 50,000 GBPs
6. Replies to phishing e-mail
Phishing e-mails are messages that appear to be sent from your bank or other trusted authority and are designed to capture your personal or financial information. Always remember that banks never ask for your PIN or internet banking details. Don't respond to scam stuff...
7. Your PINs and passwords
These are essential if a criminal wants access to any of your accounts or to use your payment cards. Guard them securely and change them regularly
8. A catalogue
Mail-order catalogues may appear innocuous enough, but if they're stamped with your name, address and account number, a thief could claim you've moved home and hijack your spending limit. Shred, burn, rip up anything with your name and address on it before binning
9. Your CV
Most CVs had a lot of personal information, such as your name, address, date of birth, employment history and marital status. Your CV contains so much information that could be used to impersonate you that some online job search services are advising people to be careful before uploading them to to their sites Be selective and question people who want your details.
I agree that it is difficult if you are looking for work and broadcasting lots of CVs in an uncontrolled manner. Keep a spreadsheet of who you have contacted (Company, Contact person, phone number) and when, also which CV version they have but 'be aware' that not all e-mails asking for CVs or CV updates are genuine.
Question them! and do some research on THEIR contact details and website credentials. We all know how easy it is to create a believable or viable website!
If in doubt, don't do it! or severely restrict the amount of personal information on the CV provided. Think of it like this; someone (an attractive stranger) has just stopped you in the street and asked for your contact details; name, address, phone number, e-mail address, etc. In return, you get a moment's 'hope'; hope of a job, hope of money, hope of a future. It is a very attractive offer!
Would you do it? Consider under what circumstances you would do it and why? Consider also how you could replicate those 'conditions' online, when responding to requests for personal details?
10. Online banking information
A prime target for credit-hungry fraudsters, who often set up fake websites to con genuine account holders into parting with their access data. Never click a link in an e-mail directing you to a supposed banking site - it could be a trap. Watch out for scam e-mails and don't click on anything from anyone you don't know
The snail mail post and mailing lists, is the most likely way that ID fraudsters would get hold of some of your personal details. The crooks' top choice of method is to forward your mail to a collection address. This was the cause of 36% of identity frauds during 2007. Check with the Post Office if your mail suddenly stops arriving
In second place, with 30% of cases, comes present address fraud, in which someone living at the same address - often flats with communal postal delivery areas - steals your mail. Previous address frauds, when the criminal uses your name and a previous address to take over your ID, account for 24 per cent of cases. Make sure your Postie knows you (I am Spartacus) and make sure your post box is secure - change the lock if you are suspicious or paranoid
Other popular cons to steal your personal details include:
- Stealing your stuff /belongings
- Tenancy fraud, where the tenant uses the landlord's details to borrow money
- Jackal fraud, when the criminal uses personal details of a dead person
- Card not present fraud, which occurs when someone has your credit or debit card details, but not the card, uses it on the internet or over the phone
No comments:
Post a Comment