Identity Protection

A: Frankly, I do not recommend online banking, but for the following reasons, I do distinguish online banking from online shopping.

With online banking, the most you can do is to be sure to routinely update Windows patches and use a good antivirus program, such as Norton; and install firewall software (I like Zone Alarm, and it’s free for personal use). Also, installing Spybot helps prevent keystroke logging and installing Ad-Aware helps prevent spam. Both are free at www.download.com, legitimate, and somewhat effective. In addition, when on a bank’s website, look for an “s” after “http” in the URL, as well as a lock symbol in the lower right-hand corner of the screen, which indicates the transmission is encrypted.

Note, however, that neither Internet technology nor any other security mechanism is 100 percent effective.

Online shopping is a different matter: Here you do not use your bank account or Social Security number. Further, if a credit card number is stolen and fraudulently used, most credit card companies bear the burden and the victim is usually responsible for $50 at most.

One important point: Do not link your credit card to your bank account (either checking or savings), such as for overdraft protection purposes. Do not give perpetrators another opportunity to access bank accounts through credit card accounts.

available to the agents. What kinds of information should those reporting identity theft provide?A: Persons calling in to the center to report identity theft should provide the call center agent with two things: the police report number and the name of the police officer who took the victim’s complaint.

Before processing any claims information, the agent should first verify that the incident has been reported as a crime to a police department.Q: Given how many threats exist to security in today’s world, what can organizations do to keep their businesses secure? A: There are many practices a business can institute. Currently, many businesses use traditional guidelines to safeguard information. These standards were devised from the study of infosecurity management and pyschology.

Traditional guidelines covered such issues as how to select your employees, how to develop an honest culture and how to perform risk assessments. However, these guidelines are too often seen as rigid, and so they haven’t been modified to meet the needs of infosecurity in the 21st century.

I’ve written about how to update these standards, so that organizations can comply with federal laws on safeguarding information. (For more information, reference Collins’ book, Prevent Identity Theft in Your Business). Q: Where can I find more information on identity theft?A: Both the Michigan State University Identity Theft University-Business Partnerships in Prevention and the ID Theft Crime and Research Lab, established in 1999, perform victim advocacy and train law enforcement (federal and state) on first responses to identity theft and on how to investigate crimes of identity theft. They also conduct ID theft investigations for victims, consult with businesses to secure personal information, conduct research on identity theft and identity crimes, and, at the MSU School of Criminal Justice, offer graduate classes for the Information Security Management and CyberCrime Investigation Certification.

Other sources provide specific information. For example, the Federal Trade Commission collects data from victims and reports annually on incidents of identity theft. Another resource for victims is the Privacy Rights Clearinghouse at www.privacyrights.org.