chevron-down Created with Sketch Beta.
MARCH 2020 | TECHNOLOGY TRANSLATORS

Identity theft and fraud: How to evaluate and manage risks

by Daniel William, cyber security director at IDStrong

Fraud and identity theft have run rampant over the years, leaving millions of victims in their wake picking up the pieces of their life – or what’s left of it.

To stand up to identity theft and the vicious criminal minds behind it, you need to take steps to determine your risk factor. Knowing what information can cause damage and how severely it can harm you will help with risk management. Preventing identity theft means protecting your critical data at all costs.

What is critical data?

Critical data is any form of personally identifiable information unique to you. You should never share this data with anyone unless necessary and stored in a secure, physical location like a home safe or safe deposit box. If there comes a time that you have to share your private information with a company, make sure to get a copy of their privacy policy.

Critical data you should keep under lock and key:

  • Birth certificate
  • Social Security Number
  • Taxpayer Identification Number
  • Insurance policy number
  • Bank account number
  • Credit card number
  • Driver’s license number
  • Employer Identification Number

Your risk of identity theft hinges on what direct information or “critical data” an identity thief has on you. Criminals can use collected data to compromise your current accounts. Thieves can impersonate you by using your data to get more forms of identification or employment details.

In addition, there are other forms of data that can cause a significant amount of damage and loss when compromised by thieves:

Private physical data. An identity thief will use “physical data” or any information they can collect from your mail or trash as an opening to get your critical data. When investigators want to find out about a suspect, the first thing they look at is the person’s habits. Identity thieves know about this tactic, and use it to frightening effect.

Some forms of physical data include:

  • Residential address
  • The RFID tag of pets
  • Unsolicited mail (brochures)
  • Account numbers for utilities such as water, gas and internet
  • Billing statements

Identity thieves will go through a target’s trash to look for discarded mail or billing statements. You can safeguard your information by using a shredder on all your mail before throwing it out. Put a lock on your mailbox and always drop off your outgoing mail in the post office.

Public data. Public data is trickier to handle because the information is available to everyone. Identity thieves use publicly available data to search for critical details to compromise their target. When criminals turn to public data, they already have the name of their mark or know them personally.

Some forms of public data include:

  • Telephone numbers
  • Employer name and address
  • Doctors and medical providers
  • Email address
  • Social media
  • License plate

This list is far from complete, and there’s more personal data floating around the internet than people care to admit. The goal is to give you an idea of what public information about you is available to the public so you can take steps to manage your risk.

The problem with public data

The main issue with public data is that they contain more information about people than necessary. Government public records such as court filings, driving records and property deeds are prime examples of this. By its very definition, public data is “open,” and you can’t control how others use it.

Identity thieves are getting better at finding creative ways of using public data to find their victims. Unless there’s a 100% guarantee that businesses and the government take the necessary steps to protect the information they collect, you’re not safe from a determined criminal who’s out to steal your identity.

ABA Law Technology Today was launched in 2012 to provide the legal community with practical guidance for the present and sensible strategies for the future. LTT brings together practicing lawyers, technology professionals and practice management experts from a wide range of practice settings and backgrounds. LTT is published by the ABA Legal Technology Resource Center.

Daniel William is a cyber security director at IDStrong. His great passion is to maintain the safety of the organization’s online systems and networks. He knows that both individuals and businesses face the constant challenge of cyber threats. Identifying and preventing these attacks is his priority.

Original link: https://www.lawtechnologytoday.org/2020/01/identity-theft-and-fraud-how-to-evaluate-and-manage-risks/