Identity Theft Definitions
Dumpster diving refers to the practice of rummaging through trash cans – a “low-tech” technique that often produces non-shredded personal information that thieves can use or sell.
Insiders such as friends, family members, relatives, employees and live-in caregivers can abuse their access to privileged information such as personnel records, payroll information, insurance files, account numbers or sales records.
Keystroke logger or key logger can be downloaded or installed unwittingly onto your computer or laptop. Once installed, a keystroke logger will record everything you type, including any user IDs, passwords and account or personal information. Thieves know how to retrieve this information, and can even set up programs to automatically have the information sent back to them. This is a very real risk when using public or shared computers such as those in public kiosks or Internet cafés.
Mail fraud can take on several forms, from official – and legitimate-looking – letters to offers that seem too good to be true. These include letters informing you that you’ve won a prize, requiring that you pay shipping and handling fees that can total hundreds and even thousands of dollars, and then never shipping any prize. Before responding to such an opportunity you may want to contact the Better Business Bureau to check out the business or charity, or in the case of any type of securities or pyramid offer, check with the SEC.
Mail theft includes searching mailboxes for pre-approved credit offers, bank statements, tax forms, convenience checks and credit card payment envelopes that have been left for postal carrier pick-up.
Malware is a generic term used to describe all kinds of malicious software, including viruses, worms, Trojans, spyware, adware, hoaxes and other online practices used to damage or disrupt a computer system and/or obtain sensitive information.
Phishing is an attempt to criminally and fraudently accquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.
Phone fraud is a tool for obtaining sensitive information. Be very cautious about providing personal or account information over the phone unless you initiated the call. If you receive a call from your bank or a company asking for this type of information, always ask the caller to provide a call-back number, which you can then call to verify authenticity.
Shoulder-surfing is when an identity thief, standing close to you in a checkout line or crowd, memorizes your personal information such as name, address, phone number or PIN number when you perform financial transactions like writing a check or using an ATM. An identity thief can watch you punch in your phone or credit card numbers at a public phone – or overhear you when you give your credit-card number for a hotel room or rental car. It can also be somebody standing near you in a crowded place observing when you fill out a form or enter your login and password in a public kiosk or Internet café.
Skimming is the practice of stealing credit/debit card account numbers as cards are processed at restaurants, stores or other business locations, using a special data collection/storage device.
Spyware is software that consumers unknowingly install that can track online usage and personal information. The risk it involves is that sensitive information like user IDs and passwords can be easily misused by unscrupulous individuals or organizations.
Social engineering an attempt to obtain sensitive information or gain unauthorized access to a system or facility by deceiving an unsuspecting party. Social engineers often rely on the natural helpfulness of people in order to obtain information.
Telefunding and disaster-relief scams occur when scam artists call, e-mail or write to you requesting contributions to nonexistent charitable causes. Be extra cautious of anyone calling you representing a disaster (such as an Asian tsunami or Hurricane Katrina) relief organization. Sadly, these tragic events create a way for thieves to take money from well-meaning people. Always ask for the name of the organization they are representing – and call the organization directly before giving your money away.
Telemarketing fraud is a type of phone fraud, although similar fraud is conducted via e-mail, in person and even by fax. Typically, you’re offered a “get-rich quick” opportunity and are pressured to act right away and send money for more information. The information never comes, but your money is gone. Before responding to such an opportunity you may want to contact the Better Business Bureau to check out the business or charity, or in the case of any type of securities or pyramid offer, check with the SEC. Any time someone asks you to wire money, or to cash a check and then wire a portion of that check to them, it is almost certainly a scam. Wiring money is like giving cash to the recipient and there is nothing your bank or any legal authority can do to help you get it back.
Travel scams include calls, e-mails or letters from individuals awarding you prizes such as vacations. More often than not, these calls are scams. Although the offer may sound like a great deal, it usually involves being asked to provide a credit card deposit. A legitimate prize or free gift should not cost you money.
Trojan horse a type of e-mail virus usually released by an e-mail attachment. If opened, it will scour your hard drive for personal and financial information. It collects and sends your information to the thief’s database.
Worm a self-replicating computer program that uses a network to send copies of itself to linked networks with or without human intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.