Identity Theft Check

CETA, the 4,000 strong network of insurance intermediaries, is urging its brokers to promote identity theft insurance.

The risk of this type of fraud is increasing for UK consumers; losses from plastic cards used for Internet, telephone and mail purchases totalled £290.5 million in 2007, although CETA believes the figure could be much higher.

While the crime is mainly associated with credit card fraud, identities are also being stolen to open bank accounts, divert mail and apply for social benefits and mortgages.

According to the network’s managing director, David Quick, identity theft insurance is relatively cheap and can provide invaluable practical assistance to victims.

Mr Quick is concerned that many organisations do not appear to look after customers’ records well and that as criminals become more resourceful, consumers are beginning to live in fear of identity fraud.

The Financial Services Authority has recently completed a survey of the data security systems of 39 firms in the financial services sector and has gone on to warn that businesses must do more to protect customers’ personal data.

The utility of the British ID card programme is predicated wholly upon the success and efficiency of brand spanking new the National Identity Register (NIR) – started just this year (2008).

The system has been described by Government as being easy-to-use and extremely secure, containing personal identification for adults living in the UK – adults, in this case, being anyone over the age of 16 years.

The NIR scheme will be run by the Identity and Passport Service (IPS). The Government predicts that it will take several years yet for the NIR to become fully operational with everyone registered on and with it. Although this year saw the first enrolments of foreign nationals into the scheme, ID cards for British citizens are not expected to be available for issue in the UK before 2009.

The initial stages of the ID card programme will see them being issued to British citizens who apply for passports, either for a first time or to renew and old one, although they will eventually be available to people who do not want passports as well.

 For those who are resident within the UK but who are not British citizens, all residency permits, registration certificates or residency cards will take the form of an ID card instead.

The NIR scheme will eventually become compulsory, although the exact timescale of this has not been ironed out yet. Once it does become compulsory, all British citizens over the age of 16 will be required to have an ID card by law, although we are told that it will not be compulsory to carry it around with us at all times.

If you have reason to believe that you have been a victim of identity fraud concerning credit or debit cards, or online banking, or any cheques, you should report your concerns to the financial institution that is honouring that debt for you by extending you credit or cashing your cheques (or whatever).

State your case clearly and give as many details as possible. Every financial institution has some sort of hotline for this kind of thing, just check the back of your statements or online for details.

Wherever possible it should be the account holder who makes contact with the financial institution. Once you have reported the matter it becomes the responsibility of the institution to run its own investigation to ascertain the extent and nature of the fraud.

Where deemed appropriate, the institution will contact the police, logging the criminal activity with these correct authorities and allowing matters to proceed to formal police investigations and/or any arrests

This process only applies to plastic card, cheque and internet banking fraud and was introduced just last year in 2007, in an effort to minimise the red tape and difficulty for consumers to report their suspicions reduce and thereby streamline the commencement of appropriate action by the authorities..

If the suspected fraud does not involve your credit or debit cards, or cheques or online banking, you should still report your concerns to the relevant financial institution and then depending on how they advise you, you may have to go to your local police station to report the crime.

One of the most endemic forms of internet fraud comes in the form of what is commonly referred to as ‘phishing’. This is when a would-be (or actual) criminal impersonates a trusted institution, company or organization in an email in an attempt to make you reveal personal information.

Can you think how many “I am the Finance Minister of an African state overrun by guerrillas. Please give me your banking details so I can put a bazillion US Dollars in it for safe keeping” scams you have seen or heard of circulating the net?

But not all of these scams are quite so embarrassingly obvious, with some being highly sophisticated forms of fraud.

Entire bogus websites have been created in the past that replicate perfectly the legitimate websites of certain banking companies, and if you follow the link in the email sent to you by such fraudsters there are often very few clues to indicate that you aren’t at the legitimate website of your online banking account. If you enter your account number and security codes you are then certain to be robbed.

The trick here is to never email you bank account details back to your bank. No bank asks you to email them your passwords or account details. Likewise, do not follow links in emails that seem to be from your bank, instead just type their web-address into your browser and go there yourself to verify whatever claims are being made in the email.

Another form of ‘phishing’ is when you receive emails offering bogus job offers. These are intended to harvest your full name, address, CV, telephone numbers and, if they can get away with it, your banking details.

Don’t be fooled into thinking that as long as you don’t send your banking details you cannot be affected by some sort of scam. A friend of mine once gave her name, postal address, email address and messenger details to what she thought was a potential employer just so that she could receive more information about the ‘job’ being offered. She then received a batch of sealed boxes in the post that her would-be ‘employer’ told her was sent by mistake and asking if he could pop around to pick them up.

He did, but it turned out that the goods were by fraud or were illegal in themselves (my friend didn’t find out which). She was arrested a fortnight later and had her laptop computer and her Nokia 6500 Classic mobile phone confiscated for analysis as part of a major investigation into whatever internet crime she was implicated in.

The whole process was very invasive, with all her private computer files, emails and mobile phone messages being analysed by the police, before finally being acquitted without charge.

Another thing to watch out for is posting too much personal information on internet social network sites like MySpace or Facebook. Some criminals spend hours surfing through accounts that do not have strict enough security settings, harvesting information that may be used for various unwholesome deeds…

You have been warned…!

One of the most common forms of illicit (if not always illegal) PII acquisition comes from the harvesting of email addresses by various companies in order to send out seemingly endless amounts of advertising in the form of ‘junk mail’.

There are, however, more acute threats to our security that come from electronic sources and resources.

Having our computers ‘hacked’ into or infected with a ‘Trojan Horse’ virus or ’spyware’ are sure-fire ways to lose sensitive information. Hacks and some viruses can give another party access to our computer files and at the very least may reveal our email addresses, our friends’ email addresses, our internet browsing habits and even internet account passwords – all of which can be used for potentially nefarious and certainly nuisance ends.

The worst that can happen from having a compromised computer would be having private files sent across the internet without our knowledge to someone who wishes to use any sensitive information contained within them for criminal activities (such as fraud and theft).

Always be sure to have an active firewall and anti-virus software running when you are online and never download any files or programs from sources you don’t trust absolutely.

Similarly, private information can be gleaned from old and discarded computer equipment that has not been reformatted, destroyed or otherwise rendered unreadable before disposal. Never throw out a computer without first having at least deleted all relevant personal information from it.

In fact the best course of action might be to send your computer to a trusted source for reformatting and recycling, that way you protect your personal data and also help minimise your carbon footprint in some small (but always important) way.