Identity Theft and Phishing
"Identity Theft" is when one person learns personal information about another person; then uses the information to masquerade as that individual.
Personal information can consist of some or all of the following: full name, Social Security Number, date of birth, and financial account numbers (including PINs or passwords). At the least, this information gives a thief the ability to access existing banking and credit accounts; create new accounts, such as loans, credit and/or mortgages; and use those accounts under the victim’s name. In extreme cases of identity theft a victim’s identity could be used for drug trafficking or other criminal purposes.
Phishing is a popular, high-tech scam used to steal personal information. Phishers will send pop-up messages and/or e-mails that attempt to convince others to submit personal information through e-mail or on a fake Web site. A phishing scam usually threatens a consequence, such as loss of funds or loss of account access; if there is no response to the message. If you respond to them, your account credentials will be compromised and you should immediately change your password. Neither the IT Group, nor any other legitimate institution would ever request this kind of information from you via email.
You will always recognize an email from the IT Group because messages from us will always be addressed to:
- the Student or Faculty/Staff GAL
- we will identify ourselves at the beginning of the message as the KSC IT Group
- our messages always tell you to, “Contact the IT Group HelpDesk at 358-2532, email firstname.lastname@example.org or stop by our office on the 2nd floor of Elliot Hall with questions concerning this or any other technology issue”
- our signature line provides location and contact information.
The IT Group nor any legitmate institution will ask you for your personal information via email or text. There is never an exception to this rule.
If you unsure, call the business and talk to a manager about the contact if you are suspicious. Many online companies also have an e-mail account specifically for reporting fraud and phishing scams, and will request that you forward suspicious e-mail so they can use it to help fight identity theft.
Spyware is another method of gathering personal information. Spyware programs can track keystrokes and browsing habits, which means a thief can use the tracking results to figure out the usernames, passwords, and access codes used on the computer being tracked.
Visit these Web sites for more information on Identity Theft and Phishing and how to keep your information safe:
- Federal Trade Commission Consumer Information on Phishing
- US Department of Justice Federal Trade Commission
- Identity Theft and Assumption Deterrence Act
- Identity Theft Resource Center
Who’s at the center of security? You are!