Since 1987

300 Montgomery Ave.,  Oxnard, CA. 93036              (805)988-9540    

E:Mail  nccorthu@sbcglobal.net   http://www.cal-pactech.com/

Edited by G.W. Orthuber

Be vigilant against viruses

 

This season, protect yourself against viruses

And worms. And Trojan horses. These Internet vermin are composed of malicious code that can infect and wreak havoc upon your corporate network and beyond in a matter of hours. They are alarmingly prevalent -- as many as 250 new kinds are encountered every month. They most often enter your system by way of an innocent looking e-mail, attachment, Internet site or downloaded file. Keep the following in mind:

• Be sure anti-virus software is installed and running on your computer or laptop, and that it is updated regularly. If you're not sure, ask your company's system administrator or technology help desk.
• Avoid potential virus hazards:
• Don't open unsolicited e-mails with suspicious subject lines, and don't open unsolicited attachments.
• Don't download music, graphics and other non-business related files from the Internet
• Don't surf suspicious Internet sites.
• Don't load or install non-business related items from personal diskettes and CDs onto your company-issued computer. Check with your company's system administrator or technology help desk to approve installation of new business related software.
• If you think your computer has been infected, immediately shut down your machine and inform your company's system administrator or technology help desk, as well as the people at your company who are responsible for information security.
• When you receive a virus alert from a well-meaning relative, friend or even a colleague, there is a good chance that it is a hoax. Don't pass it along. To verify if a virus warning is a hoax, check the virus hoax pages on the web sites of major anti-virus software vendors.

 

 

 

Keep your password strong and protected

 

Don't share it . (No matter what you learned in kindergarten.)

When it comes to passwords, it's not nice to share. Your password is secret and confidential; be sure to keep it that way. Never divulge your password to anyone, whether in person or over the phone -- no matter who asks, no matter why they say they need it. If anyone ever asks for your password, report the incident to your system administrator or technology help desk, as well as to the people at your company who are responsible for information security.

 

Intruders look for passwords posted on your computer, under your keyboard, inside your desk, on your bulletin board and in every other area of your workspace. This is why it's best not to write down your password at all. But, if you must write it down, treat it like money and keep it in your wallet or another secure location.

 

1. Keep your password private

1.   Do not share your password with anyone for any reason, no matter who asks. If you divulge your password, you create a risk that someone may purposely or even unintentionally put it to improper use. Anyone with a legitimate need to access your account should be provided with a proper way to access it without using your password.
2. If properly trained, your company's IT support staff and other technology professionals will not ask you for your password. Be aware that a common--and quite convincing--ploy used by intruders is to pose as an IT support person or other technology professional who needs your password.
3. If possible, don't write down your password. If you must write it down, keep it in your wallet or another inaccessible place and protect it like money. Never leave it anywhere near your workspace--that would be like leaving the keys to your house in the front door lock!

 

 

 

Most important, keep your password strong by following these rules:

1. Use eight or more characters.
2. Mix upper-case and lower-case letters with numbers and special characters.
3. Choose a password that is difficult to guess or hack, but that you can remember without having to write it down. For example:
4. Choose the first letters of words in a title, song or poem. For example, Book One: Harry Potter and the Sorcerer's Stone becomes b1HP&tss.
5. String several words together (the resulting password is also known as a "passphrase") and insert numbers and special characters. For example, turn "go to town" into go2^*ToWn.
6. Insert punctuation or numbers into a regular word. For example, turn "regular" into rEgu!4lar.
7. Deliberately misspell words (don't use a common misspelling). For example, turn "common" into koM*7on.
8. Combine several preferences, such as hours of sleep desired and favorite colors. For example, yeL(8Low.
9. Don't use personal information such as your name (or the name of a relative or pet), birthday or hobby, because these are easy to guess.
10. Don't use a correctly spelled word in any language, because "dictionary attack" software can crack these in minutes.
11. Change your password regularly -- this way, if your password does fall into the wrong hands, it won't be usable for long. It is best to change your password every 30 days. Other intervals that are sometimes used are every 60 or 90 days.

 

 

 

 

 

 Protect information at your Workspace

 

Who left the keys in the car with the doors unlocked?

You did, if you walked away from your desk with your screen unlocked and confidential papers in view. Remember: Information thieves look for opportunities. When a workspace is unattended, an intruder could get at sensitive papers or sit down at an unlocked screen and gain access to the network. Before stepping away from your desk, follow these workspace security steps:

1. Clear your desk of confidential papers.
2. Lock your computer with a password-protected screen saver.
3. On Windows NT and Windows 2000 systems, press CTRL+ALT+DELETE and then select Lock Computer. For questions about other systems, please consult your company's IT support personnel.
4. If you use a laptop, be sure it is securely locked with a laptop cable (laptop cables are often available via your company's procurement personnel, and they are available through office-supply vendors).
5. At the end of the day, lock drawers, cabinets and doors.
6. Before you go home, log off the network. Then, turn off your computer (unless you have been specifically instructed to leave your computer on overnight to facilitate automatic software updates and maintenance).

 

 

 

Be alert and aware of "social engineers"

 

Just say "No."

It's natural to want to be helpful. But beware of "social engineers" who try to take advantage of your good nature in the workplace in order to compromise proprietary business information and resources. They might appear in person, or call on the phone, or contact you by e-mail. They might claim that they're from your technology help desk or from the phone company. They might even threaten to report you if you are not cooperative. Remain polite but don't be intimidated, and just say "No" at times like these:

1. If anyone at all asks you for your password
2. If an unknown person without an ID asks you to let them in to your workplace or tries to follow you into your office (ask who they want to see, and have that person admit them and sign them in)
3. If an unknown caller asks you to connect them to an outside line, or asks you to disclose telecommunications information such as your calling card number or a list of company telephone numbers
4. If an unknown person, or someone whose authorization level you are unsure of, asks for information that you know is confidential company, client or personal information

 

Respond with a few questions of your own. Politely ask for proof of identity, for a callback number and for the name of their manager or company contact. If their authorization does not check out, report the incident immediately to your company help desk and to the people at your company who are responsible for physical and information security.

 

Similarly, if strangers in your company's office appear to be where they should not be, politely ask a few questions to verify who they are and why they are there, and, if their authorization does not check out, report the incident immediately.

 

 

 

Back to basics to prevent "common" theft

 

Rob a thief of an opportunity

We'd like to think that theft "doesn't happen here." But, it does happen at virtually every office building--and, all too often, we provide the opportunities. We prop open locked doors; leave keys, cell phones, or confidential reports sitting out in the open; store cash in an unlocked drawer; or forget to use a laptop security cable.

 

Theft of property and papers can lead to information security breeches, corporate and personal losses, business interruptions, identity theft, and other headaches. So, rob a thief of an opportunity. Follow these basic rules to prevent "low-tech" theft at the office.

8 Basic Rules to Prevent "Low-tech" Theft

1. If a door is meant to be locked, keep it locked--don't prop it open.
2. Don't allow an unknown person without an ID to follow you into the office.
3. It is OK to politely but firmly confront a stranger. Ask whom they are here to see, then notify that person that their visitor has arrived and is waiting to be admitted to the office.
4. Lock your laptop to a fixed piece of furniture using a laptop security cable.
5. Lock up personal valuables, even if you'll "be right back."
6. It takes only seconds for an intruder to enter your office or cubicle; grab cash and credit cards from the purse in your bottom drawer; take your wallet from the inside pocket of your jacket hanging near your desk; or walk off with other valuables such as PDA's, cell phones and portable CD players.
7. Lock your desk drawers, file cabinets and other storage spaces at the end of the day.
8. Take your keys with you.
9. The first place thieves look for keys is on or near your desk, or in an unlocked desk drawer (sound familiar?). So, take your keys with you.
10. Protect papers that contain sensitive company information or personal data.
11. Before leaving your desk, put away confidential business reports and sensitive personal papers. Shred confidential or sensitive materials before discarding them.
12. Be sure that members of your organization know whom to contact to report a theft or suspicious circumstances.
13. In most organizations, people should contact their local facilities manager or building-security provider.

 

 

 

 

 

 

Use the Internet responsibly and securely

 

Surf away from the rocks ...

... and away from non-business-related Internet sites. When you surf the web at work, follow these security rules to be sure you use the Internet responsibly and securely, and primarily for business purposes.

1. Don't post sensitive company information or company-related comments on message boards, in chat rooms or anywhere else on the Internet.
2. Don't visit inappropriate Internet sites.
3. Some examples of inappropriate sites are pornographic, game and gambling sites.
4. Be aware that in many companies, network-monitoring software keeps track of the sites that users visit. In many cases, access to inappropriate sites is blocked.
5. In the case of certain rogue web sites, the very act of visiting the site could pose a virus hazard. This is an important reason to primarily limit your use of the Internet to conventional and business-related purposes.
6. Don't download non-business-related files to your company's network or to your company-issued computer.
7. Some examples of inappropriate downloads are screen savers, music files, audio files, graphic files, pornographic files, software and software utilities.
8. Downloads from the Internet are often virus hazards.
9. Downloading to a company network takes up precious storage space, decreasing the availability of an essential business resource.
10. Be aware that, in some companies, violation of the corporate Internet-use policy could be cause for disciplinary action.

 

 

Security for your privately owned home computer

 

Home sweet home computer

Your privately owned home computer is a sweet and easy target for hackers if it's unprotected and connected to the Internet. Hackers randomly and successfully scan the Internet for vulnerable, unprotected home computers, looking for passwords, credit card numbers and other personal and financial information. They also want to use your computer to plant illicit software and viruses, and as a platform to launch larger Internet attacks.

 

The good news is that you can protect your privately owned home computer with basic security measures. Home computer security is a very broad topic -- too broad to cover in a few paragraphs - but you can get a jump-start with materials like the Common Sense Guide for Home and Individual Users, which is available for free online at http://www.isalliance.org/resources/papers/ISAhomeuser.pdf. This easy-to-read guide by the nonprofit Internet Security Alliance (http://www.isalliance.org) discusses the nine recommended home computer security actions listed below. View the full text on the Internet Security Alliance web site to become a more informed and secure home computer user:

1. Install and use anti-virus software.
2. Keep your system patched.
3. Use care when reading e-mail with attachments.
4. Install and use a firewall program.
5. Make backups of important files and folders.
6. Use strong passwords.
7. Use care when downloading and installing programs on your privately owned home computer.
8. (More advanced) Install and use a hardware firewall.
9. (More advanced) Install and use a file encryption program and access controls.

 

 

 

Information security when working from home

 

Information security. Don't stay home without it.

Working from home has its own set of information security risks. When you work at home or anywhere away from your office, keep these 8 security essentials in mind.

 

1. Be sure anti-virus software and security patches stay up to date. If you work away from the office for an extended period, there is a possibility that your computer will fall behind on anti-virus updates and security-related software patches. Contact your technology support organization to determine if you are at risk of falling behind. If you are, arrange with them an efficient way to get anti-virus software updates at least once a week and to get other security related patches installed on your computer.
2. Shut down your laptop completely before you return to the office. Some viruses remain in memory as long as your computer is on, even if it is in "Stand by" mode--which means it is still on, but in an inactive, energy-saving state. This could infect the network once you return to the office. So, shut down and power off completely before you get back to the office. (Note that closing the lid on your laptop does not shut it down. Use the proper shutdown procedure: For Windows computers, click the Start button and select Shut Down.)
3. Store company information only on company-issued media. To store company information, use only a company-issued CD, diskette or computer hard drive, or your company's network. Do not use CD's or diskettes that are privately owned or that have been used in a privately owned computer--they are potential virus hazards. Do not save company information on the hard drive of a privately owned PC.
4. Save your work to the network, or make an extra copy. If you have remote access, the company network is the best place to save your work, since most companies makes backup copies of files on the network. If you cannot access the network from home, make an extra copy of your work on a company-issued CD or diskette. Then, copy your work to the network when you return to the office.
5. Don't allow friends and family to use your company-issued computer. An company-issued computer is not for use by friends and family at home. Imagine the risks to your bank account if friends and family of bank employees played, chatted, emailed and surfed the web on the bank's computers! Don't expose the sensitive data of clients, business partners and employees to such risks.
6. Do not install software on your company-issued computer, even at home. Remember that, even at home, most companies allow only their IT professionals to install software on company-issued computers. If you have software that you need installed and it is approved by your company, contact your technology support organization for installation.
7. Guard company information at home as you would at the office. When working from home, guard your laptop, CDs, diskettes and papers that contain company information. Shred or destroy items that contain company information before discarding them.
8. Use only company email for company business. Do not use personal email accounts for company-related email. Use only company email systems for company business.

 

 

Home sweet home computer

Your privately owned home computer is a sweet and easy target for hackers if it's unprotected and connected to the Internet. Hackers randomly and successfully scan the Internet for vulnerable, unprotected home computers, looking for passwords, credit card numbers and other personal and financial information. They also want to use your computer to plant illicit software and viruses, and as a platform to launch larger Internet attacks.

 

The good news is that you can protect your privately owned home computer with basic security measures.

 Home computer security is a very broad topic -- too broad to cover in a few paragraphs - but you can get a jump-start with materials like the Common Sense Guide for Home and Individual Users, which is available for free online at http://www.isalliance.org/resources/papers/ISAhomeuser.pdf. This easy-to-read guide by the nonprofit Internet Security Alliance (http://www.isalliance.org) discusses the nine recommended home computer security actions listed below. View the full text on the Internet Security Alliance web site to become a more informed and secure home computer user:

1. Install and use anti-virus software.
2. Keep your system patched.
3. Use care when reading e-mail with attachments.
4. Install and use a firewall program.
5. Make backups of important files and folders.
6. Use strong passwords.
7. Use care when downloading and installing programs on your privately owned home computer.
8. (More advanced) Install and use a hardware firewall.
9. (More advanced) Install and use a file encryption program and access controls.

 

 

Look out for phone fraud

 

Smooth operators

1. "I'm working with Linda in Telecom--we need you to dial 9, then 0, to test a new feature on the phone system..."
2. "Thank you for your order. $498.98 has been charged to your account. If you wish to cancel your order, call 1-555-555-5555."
3. "Win a free trip for two to the Bahamas! Your vacation is just a phone call away at 1-555-555-5555!"
4. "Your manager has requested that our telemarketing firm no longer make calls to your offices. I'll need a list of all the phone numbers at your location so we can place them on our blocked list..."
5. "Is this Mr. Smith? This is Jane at the phone company. We've noticed an unusual calling pattern on your corporate calling card. Before I go into the details, can you verify your card number, for security purposes?"

 

Telecom crooks contact you and pretend to be someone they're not. They'll instruct you to dial a number for any number of reasons. They want information about phone numbers and calling cards. They want to hack into voicemail systems or intercept cell phone conversations. These smooth operators want to exploit your company's telecommunications resources--and they want you to help them do it. Protect against phone fraud with these 5 security measures:

1. Do not follow dialing instructions from an unknown person
2. Do not dial 9-0 (or any other number) for an unknown person. This is one of the most common telephone scams--it transfers the caller to an outside line to make long-distance or overseas calls courtesy of your company.
3. Do not follow a stranger's instructions to call a long distance or seemingly toll-free number. These numbers can run up huge per-minute bills.
4. Be on the alert if an unknown caller requests internal company information
5. Be aware that intruders often use a simple phone call to try to gather information about business dealings and corporate information systems
6. If an unknown caller asks for internal company information, first ask for their name and callback number, the name of their company and manager, and the name of their contact at your organization. Offer to have someone get back to them after their identity and their authorization to know the information is verified. If their authorization does not check out, report the incident to your IT helpdesk and to the people at your company who handle information security matters.
7. Guard your company calling card
8. When using a public phone, shield the number pad as you enter your calling card number.
9. Do not give your calling card number to anyone, unless you have called your telecom department or phone company to ask a question about it.
10. If someone asks for your card number, ask for their contact information, and then report the incident to the people at your company who handle telecom and information security matters.
11. Guard your cell phone
12. Avoid using your cell phone to discuss detailed confidential business. Cell phones conversations are extremely vulnerable to electronic eavesdropping and to being overheard by passers-by.
13. Report a lost or stolen cell phone immediately.
14. Review your monthly phone bill(s) for accuracy. Report unexpected or suspicious phone activity to your telecom department.
15. Take care with voicemail
16. Be aware that intruders exploit voicemail systems to get company information and to get access to the phone system.
17. Be sure to change the default password assigned to your voicemail account.
18. Never leave sensitive company information in a voicemail.
19. To indicate if you'll be away from the office, leave a simple outgoing message with as few details as possible, such as "I am away from the office starting May 1, returning May 7." Con-artists are known to make use of overly-detailed outgoing messages: "I spoke with Barbara just before she left for her ski trip--she said it's fine to send me the information..." Or, "I'll be in the training session with Jim today, and he asked me to bring him those sales figures. Could you fax them to me?"

 

 

 

 

Resist the risks of instant messaging

 

 

Instant messaging, the popular method of typing online conversations in real time, poses serious security risks. So serious, in fact, that several providers of instant messaging "freeware" available on the Internet warn of the security risks and advise strongly against using their products for sensitive communications. Their instant messaging systems are hosted -- i.e., based -- on computers that are external to your organization's network, and they provide insecure communications connections that should not be used by your organization.

 

Inform members of your organization that externally hosted instant messaging is not permitted on your network and that instant messaging freeware may not be installed on your organization's computers.

 

To understand more about the instant mess caused by externally hosted messaging, see the risks outlined below.

The  Risks of Externally Hosted Instant Messaging

1. Weakened security settings. During installation, instant messaging software may change browser security settings, placing the computer at risk.
2. Readability by intruders. Instant messaging sessions are conducted in plain, unencrypted text, and are an open book to a reasonably skilled intruder.
3. Intrusion on privacy. By design, instant messaging software runs continuously as a background task and broadcasts the computer's presence online even if the interface is closed. (A separate "exit" action is needed to stop it.) In addition, instant messaging software may store the content of an instant messaging session in a log-file that could be read by others.
4. Hijacking and impersonation. Instant messaging accounts are vulnerable to hijacking or spoofing, allowing an intruder to impersonate someone in conversations with others.
5. Malicious code. Instant messaging establishes an open communications channel to the computer that can be exploited by malicious code such as worms, viruses, and Trojan horses.
6. Unauthorized access. Instant messaging users can potentially access each others hard drives and files during a session, placing the computer at the disposal of would-be hackers.
7. Poor password security. Instant messaging software typically stores passwords in a manner that is highly vulnerable to hackers.
8. No virus protection. Instant messaging sessions are not virus protected and can freely spread virus-ridden files.

 

 

 

 

 

 

 Protect laptops, PDAs and other items that store important information

 

Are you carrying hundreds of millions of dollars?

You just might be. It could be in your laptop, briefcase, diskettes, CDs and printed reports. Any items that contain confidential business information could be of tremendous value to your company. And, too often, these items are of interest to thieves and other saboteurs. They even interest people who will literally sort through corporate trash in hopes of turning up valuable business information.

 

We all need to protect sensitive business information and the physical business assets entrusted to our care. Keep the following security essentials in mind at the office and on the road:

 

1. Lock your laptop to your desk or to another fixed piece of furniture using a metal laptop cable (available through office-supply companies).
2. Guard laptops, diskettes, CDs, cell phones and papers at all times.
3. Shred or destroy discarded items containing confidential information.

 

Here's what a stolen laptop could mean:

Millions of dollars of information falling into the hands of a competitor. Hundreds or thousands of hours to re-create the stolen information. Data privacy violations, lawsuits, fines, bad press, lost business and lost shareholder value. Not to mention the risk of intruders gaining access to your corporate network.

 

Your vigilance could mean all the difference! Be sure you know these laptop security essentials:

1. Report a missing laptop immediately to your company's system administrator or technology help desk, and to the people at your company who are responsible for physical and information security.
2. Wherever you use your laptop, use a laptop security cable to lock it to a fixed object.
3. Always lock up your laptop overnight -- and take the key with you.
4. Tape some ID, such as a nametag or business card, to the top of your laptop. This makes your laptop easy to recognize when you send it through airport X-ray, and makes it easier to return to you if it gets lost.
5. When you travel or commute, guard against laptop thieves.
6. If possible, carry your laptop in an inconspicuous bag that does not look like a laptop bag.
7. Never leave your laptop or laptop bag unattended.
8. Keep your arm (or leg, if you set down the bag) through the strap.
9. Never leave your laptop or laptop bag in a visible area of a car; it is best to take it with you out of the car whenever possible.
10. If you place your laptop in the trunk of your car, place it there before you leave for your destination, not after you are parked at your destination. Thieves watch for people who place items in the trunk and then walk away from their car.
11. In your hotel room, lock your laptop with a security cable if left unattended for short periods, and use a hotel safe to store your laptop when you are out of the room for longer periods.
12. Take extra care at times and places where you can be easily distracted, such as:
13. At an airline or rental car counter, when going through airport X-ray, while waiting for a flight
14. While speaking to someone, whether in person, on a mobile phone or on a pay phone
15. While on a train or bus
16. While loading luggage into a taxi - keep your laptop bag with you inside the taxi
17. When a stranger distracts you by asking for assistance or bumping into you - it could be a decoy

 

 

 

Thwart identity theft

 

Prevent an identity crisis

Most companies handle, process, and store personal information of employees, clients, and business partners every hour of every day. It is more important than ever to safeguard this information due to the growing problem of identity theft.

 

Identity theft occurs when someone takes another's personal data--such as their social security number (US), social insurance number (Canada), drivers license number, and birth date--and uses it to commit fraud. The thief might apply for telephone service, credit cards or loans, buy merchandise, lease cars or apartments, apply for a mortgage, even get a job--all in someone else's name. The victim could be left with serious damage to their credit record, their bank account, and their good name.

 

Your vigilance can help prevent identity theft. Follow these security tips at the office to lower your own risk and your company's exposure to this crime.

1. Guard others' personal information as if it were your own.

o Guard sensitive information such as social security numbers (US), social insurance numbers (Canada), drivers license numbers, addresses, birth dates, mother's maiden name, bank account and credit card numbers, policy numbers, health care data and employee numbers.

2. Take care when exchanging sensitive personal data in conversations.

• Do not discuss sensitive information in public places, such as in a restaurant, gym, lobby or elevator, or on public transportation.
• Do not discuss sensitive information on a cell phone, which is vulnerable to casual and electronic eavesdropping.

3. Lock up.

• Lock up sensitive papers and digital media overnight.
• Lock your computer with a password-protected screen saver before leaving your desk unattended.
• Keep your wallet or purse in a locked drawer or cabinet.

4. Don't give passers-by easy access to sensitive papers.

• Put away sensitive papers before leaving your desk.
• Don't leave sensitive papers unattended at copiers, fax machines, or printers.

5. Rather than email sensitive personal information, consider other options.

• Fax it, or send a printed copy in a sealed envelope.

6. Shred papers containing sensitive information before discarding.

• Preferably, use a cross-cut shredder, which cuts paper into confetti-like pieces, rather than a strip-cut shredder, which cuts paper into long strips that can be reassembled.

7. Have an IT professional overwrite or destroy your digital media (such as a CD, diskette, hard drive or backup tape) before discarding.

• Note that when you delete a file using the Windows "Delete" function--and when you empty your PC's Recycle Bin--the file is not actually deleted. Instead, that file's media space is simply made available to be overwritten by other data. "Deleted" data that is not overwritten can still be recovered, possibly by an identity thief.

• Contact your IT support personnel to have them overwrite the data or physically destroy digital media before discarding.

8. Contact internal or external information security specialists to take advantage of their expertise.

• Information security specialists can help you design ways to store, transmit and process sensitive online and paper-based information in a secure manner.

9. Learn more about how identity thieves steal personal information, ways to help protect yourself, and how to take action if you know or suspect you are a victim. You can begin at websites like these:

• Equifax's Identity Theft and Fraud page https://www.econsumer.equifax.com/consumer/forward.ehtml?forward=idtheft_ifyouravictim
• US Federal Trade Commission http://www.consumer.gov/idtheft/
• Solicitor General of Canada Report on Identity Theft http://www.sgc.gc.ca/publications/policing/Identity_Theft_Consumers_e.asp
• Identity Theft Resource Center, a nonprofit specializing in identity theft and victim assistance http://www.idtheftcenter.org/index.shtml

 

 

 

 

 

 

 

 

 

(The following add-on is courtesy of the FTC and OECD Security Agency)

Deterring Identity Theft

Identity theft is the fastest growing financial crime in America and the precursor to other crimes. The number of identity theft victims is increasing at a rate of about 30 percent per year. An estimated 900,000 Americans were affected in 2002. The number of new victims in 2005 is estimated to exceed 1.5 million, with associated losses of $8.0 billion just within the finacial services industry. Identity theft ranks first on the American Bankers Association’s list of fraud concerns.

Identity theft occurs when someone acquires your Social Security number, credit card number, bank account number, or other personal identifying information and uses that information to commit fraud or other crimes. Local criminals commit   identity theft crimes individually or as members of rings – so do organized crimes syndicates and international terrorist organizations. 

 Identity thieves acquire your personal identifying information in many ways. Some computer-savvy criminals exploit opportunities created by the Internet. Others access   public records, employ trickery, or steal business information. Still others rely on old-fashioned methods, like mail theft, stealing wallets and purses, and rummaging   through trash.   Regardless of how it is obtained, identity thieves will use your personal information   to make withdrawals from existing accounts, open new accounts, apply for loans, or   commit other crimes - in your name.

It is predicted that one of every four Americans will become a victim of identity theft.   Typically, victims are not aware for more than a year that their identity has been   co-opted. The first sign often comes from a bill collector, law enforcement officer, or   through an unexpected refusal of credit. By that time, substantial damage already may   have been inflicted on the victim’s assets and credit standing.   Victims of identity theft generally spend 175 hours over two years and pay   out-of-pocket expenses between $800 and $1,700 to repair the damage. Less easy to   quantify, but often more damaging, is the impact on the victim’s good name and   sense of well-being.   Deluxe Corporation, the world’s leading check printer, wants to help you understand   identity theft and know how you can protect yourself from this crime.

 

The facts about  Identity Theft

•  Topped Government’s list of
• consumer frauds for each of the
• past three years.
•  Estimated 12 million
• Americans already affected.
• Complaints to the Federal Trade
• Commision nearly doubled
• between 2001 and 2002.
• Fastest growing financial crime in
• America – 30 percent annual
• growth rate – a new victim every
• 30-40 seconds.
• Estimated 900,000 new victims
• in 2002. Predicted that the
• number of new victoms in 2005
• will exceed 1,500,000.

Deterring Identity Theft

While it is fairly easy for criminals to steal your identity, common sense   can help lessen your risk of falling victim to this crime. These basic   guidelines will make it more difficult for fraud artists to target you:

•  Be careful disclosing information to strangers via the Internet, telephone,   applications or through the mail.
•  Be especially cautious when sharing information over the Internet.   Make sure Web sites have a closed padlock icon in the corner of the   screen before submitting data.
•  Understand how your information will be used before sharing it with   merchants and others. Know if you have a choice about how it is used.
•  Do not share personal information through Internet chat rooms.
•  Install firewall and anti-virus software on your home computer.
•  Avoid using obvious passwords and personal identification numbers on   your computers and credit/debit cards.
•  Use a separate credit card for online transactions.
•  Have checks printed by a reputable check printer like Deluxe, that uses   paper stock embedded with security features that exceed industry guidelines.
•  Don’t include your Social Security number, driver’s license number or   other unnecessary information on checks.
•  Order a copy of your credit report from each of the three credit bureaus   at least once a year.
•  Subscribe to a service from a trusted company that provides check   monitoring/check order screening – like Deluxe ID TheftBlock™.
•  Ask your financial institution if it participates in a program that combats   document check fraud – like Deluxe SecureMail®.
• AN IMPORTANT FACTOR NOT MENTIONED IS DESTROY TOTALLY YOUR PAPERS THAT MAY HAVE ANY PERSONAL OR CORPORATE INFORMATION ON THEM BY USING A PAPER SHREDDER OR BURNING THEM. THE DUMPSTER DIVERS ARE AT WORK IN YOUR TRASH AND AT THE LANDFILLS.. REMEMBER THAT SOCIAL SECURITY NUMBER OR DRIVERS LISCENCE NUMBER OR BANK ACCOUNT NUMBER OR WORSE YOUR CREDIT CARD NUMBERS ARE GOLD

If You Fall Victim to Identity Theft

Sometimes identity thieves can strike even if you’ve been careful about   protecting your personal information. The most important thing you can do   if someone steals your identity is to act quickly. Identity thieves can cause a   lot of damage in a short amount of time. The moment you suspect you're   a victim of identity theft, take the following steps:

•  Contact all affected credit card issuers, financial institutions, telephone service   providers and any other organizations that you have relationships with.
•  File a report with your local law enforcement agency, or the one where the   crime occurred. Get a copy of the police report.

The cost of  stolen identities

•  Average fraud per case:   $17,000
•  Cost to straighten out finances:   $800 - $1,700
•  Contact the fraud department at any one of the   credit bureaus. Whichever bureau you contact, it will   notify the other two.
• Ask that a fraud alert and victim’s statement be   placed on your account file and request a copy of   your credit report.
• Review your credit report(s) carefully for fraudulent   activity. After four months, order copies of your   reports again and repeat the review process.
•  Immediately alert financial institutions, credit card   issuers or any other organization if there is new   fraudulent activity occurring.
•  If the crime involved theft from the mail, contact your local Postal   Inspection office.
•  Call the Federal Trade Commision identity theft hotline to file a report.

Additional Precautions

There are many other things you can do to help prevent identity theft. These   activities can keep your information out of the wrong hands, and can help you   detect possible fraud faster:

•  Shred or destroy credit card offers and other documents   that contain personal information.
•  Consider purchasing a locking mailbox.
•  Don’t leave sensitive mail in your mailbox.
•  Remove credit card numbers from receipts submitted for rebate offers.
•  Photocopy both sides of all credit cards and store copies in a safe place.
•  Pay attention to billing cycles for missing bills.
•  Don’t leave personal information lying around your house.
•  Don’t carry your Social Security card or birth certificate.
•  Examine statements for unauthorized charges.

Important  contact numbers

Equifax

www.equifax.com

Order a credit report:

1-800-685-1111

Report fraud:

1-800-525-6285

Experian

www.experian.com

Order a credit report:

1-888-397-3742

Report fraud:

1-888-397-3742

TransUnion

www.transunion.com

Order a credit report:

1-800-916-8800

Report fraud:

1-800-680-7289

Federal Trade Commission

1-877-438-4338

 

“Who steals my purse steals trash... But he that filches from me

my good name... Makes me poor indeed.”

William Shakespeare

Othello, Act III, Scene iii, 161-165

 

 

IF YOU DESIRE MORE COPIES OF THIS DOCUMENT JUST CALL (805) 988-9540