Home > Best Practices

IDENTITY THEFT STATISTICS

• Identity theft hits 1 in 4 U.S. households
• 10 million Americans will be a victim of identity theft this year.
• 26 Times More Likely To Be A Victim Of ID Theft Than A Violent Crime
• 21 Times More Likely Than To Have Your Home Burglarized
• 13 Times More Likely Than Being Divorced
• 19 percent of consumers report that financial information, including a bank or credit card number, has been misused.
• 14 percent say they've had personal information such as a Social Security number or birth certificate taken.
• Loss to businesses in the U.S. exceeds $50 billion annually due to identity theft
• On average, identity theft victims spend 175 hours of their personal time and $800 to clear their names
• On average it takes victims 14-16 months to clear their name
• One in six Americans (17 percent) say they've had financial information stolen (bank or credit card number)

Source: Federal Trade Commission, The Gallop Organization poll, Consumer Sentinel and Identity Theft Data Clearinghouse

INFORMATION TO STAY SAFE:

OnGuardOnlline.gov: Stop - Think - Click

There are many great resources available to help understand and prevent all forms of identity threats. One organization, OnGuardOnline.gov provides practical tips from the U.S. federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information. The Federal Trade Commission (FTC) maintains OnGuardOnline.gov as a useful resource.

WHAT TO DO TO PROTECT YOURSELF FROM ID THEFT

It's important to protect your personal information, and to take certain steps quickly to minimize threats.

• Protect your computer by having an active, updated firewall. Comodo Firewall is free and will protect your PC malware and viruses.
• Monitor your credit report to detect any potential abuse. Keep in mind that fraudulent activity may not show up right away.
• Verify the identity of every site you want to purchase from with a new tool called VerificationEngine. This free plug-in can authenticate the home page logos of over 200,000 sites
• Before you purchase, look for the padlock on the bottom right. Better yet - look for the URL address to turn green when you are ready to make a purchase. That way you are sure that the site and business owner have been authenticated.
• Keep your passwords safe. First, pick "strong passwords" - that is passwords that have special characters to them, (e.g. %, ^) that it is not easy for a Key logger and Trojan to guess. Also, don't pick your birthday or your first/ last name.
• Never give anyone your user ID, PIN or password, even if they appear to be a representative of a trusted firm. (This where VerificationEngine can take the guesswork out of verifying that the site can be trusted.)
• Be particularly wary of emails that appear to come from banks, credit card or other trusted companies asking you to update your security information.
• Always type the web address of trusted websites into the browser yourself. Don't click on links in emails.
• Don't enter personal or financial information unless the web address starts with 'https://' and there is a small padlock in the frame of the web browser window. (If you roll your mouse over the padlock, you will see additional company information to help establish trust.)
• If an email offer sounds too good to be true, it probably is.
• Be wary of anything that tries to alter your dial-up internet access

EARLY WARNING SIGNS THAT YOUR IDENTITY MAY HAVE BEEN COMPROMISED

Watch for signs of identity theft:

• Late or missing bills.
• Receiving credit cards that you didn't apply for.
• Being denied credit or offered less favorable terms for no apparent reason.
• Getting contacted by debt collectors or others about purchases you didn't make.

WHAT TO DO IF YOUR PERSONAL INFORMATION HAS BEEN COMPROMISED

The bottom line for online threats like phishing, spyware, and hackers is identity theft. ID theft occurs when someone uses your name, Social Security number, credit card number or other personal information without your permission to commit fraud or other crimes. That's why it's important to protect your personal information.

• Close compromised credit card accounts immediately.
• If someone steals your social security number (SSN), contact one of the three nationwide consumer reporting agencies - Equifax, Experian, or TransUnion - and place an initial fraud alert on your credit reports.
  • An initial fraud alert stays on your credit report for 90 days. When you place this alert on your credit report with one nationwide consumer reporting company, you'll get information about ordering one free credit report from each of the companies. It's prudent to wait about a month after your information was stolen before you order your report. That's because suspicious activity may not show up right away. Once you get your reports, review them for suspicious activity, like inquiries from companies you didn't contact, accounts you didn't open, and debts on your accounts that you can't explain. Check that information - like your SSN, address(es), name or initials, and employers - is correct.
  • Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
  • Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 2002, Allen, TX 75013
  • TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
• Contact relevant government agencies to cancel and replace any stolen drivers licenses or other identification documents, and to "flag" your file.
• Consult with your financial institution about whether to close bank or brokerage accounts immediately or first change your passwords and have the institution monitor for possible fraud.
• Place new passwords on any new accounts that you open. Avoid using your mother's maiden name, your birth date, the last four digits of your Social Security number (SSN) or your phone number, or a series of consecutive numbers.

HOW TO AVOID GETTING CAUGHT IN A "PHISH" NET

Phishing is a scam where Internet fraudsters send spam or pop-up messages to lure personal and financial information from unsuspecting victims. Often the email may refer to confirmation of an account or verification of an activity. The message may ask you to "update", "validate" or "confirm" your account information. The messages direct you to a website that looks just like a legitimate organization's site. But it isn't. It's a bogus site whose sole purpose is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.

To avoid getting hooked:

• Don't reply to email or pop-up messages that ask for personal or financial information,
• Don't click on links in the message.
• Don't cut and paste a link from the message into your Web browser - phishers can make links look like they go one place, but that actually send you to a different site.
• Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a "refund." Because they use Voice over Internet Protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card, or type in the web address yourself.
• Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
• Don't email personal or financial information.
• Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

HOW TO REPORT IF YOU HAVE BEEN A VICTIM OF A PHISHING SCAM

Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.

If you believe you've been scammed, file your complaint at ftc.gov, and then visit the FTC's Identity Theft website at www.consumer.gov/idtheft. Victims of phishing can become victims of identity theft.

You also may report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.

Legal      Privacy Statement      Terms of Use      Comodo Security Solutions, Inc. 2009. All rights reserved.

Comodo offers essential infrastructure to enable e-merchants, other Internet-connected companies, software providers, and individual consumers to interact and conduct business via the Internet safely and securely. Our PKI solutions including, SSL Certificates, Extended Validation Certificates, Code Signing Certificates as well as Secure E-Mail Certificates, increase consumer trust in transacting business online, secure information through strong encryption, and satisfy many industry best practices or security compliance requirements with SSL.