International security and conflict resolution Junior Delene Almissouri has never been a victim of identity theft, but as a customer service representative for a phone card company she has heard of many victims.
Almissouri had an encounter with a customer who was reluctant to give out her credit card information over the phone.
"I asked her why she was doubtful, why she couldn't trust me, because on our Web site it stated, '100 percent security and satisfaction guaranteed,'" Almissouri said. "She mentioned that she was the victim of our previous customer service representative."
Almissouri quickly told her boss about the women's concerns, who informed her about a former employee who would take down the credit card numbers, expiration dates and security codes on the back of the cards. The employee would use the information to carry out personal transactions such as getting her nails and hair done and for ordering items online.
"Typically, when you order, the billing address matches the credit card but the shipping address could be different," Almissouri said. "So that is why all these orders were going through because she had all the customers' information. She put her own address as the shipping address."
The fraud Almissouri was informed of was on a much smaller scale than the crimes committed by the 11 people recently indicted in the largest documented case of identity theft in history.
Numerous indictments for large-scale identity theft Eleven people from five countries were indicted for hacking several major retailers and stealing more than 40 million credit and debit card numbers, the Department of Justice announced on Aug. 5.
Of the 11 people who were indicted, three resided in the U.S. The rest were from countries that included Ukraine, Estonia and Belarus, according to Murray Jennex, an associate professor in the Information and Decision Systems department of the College of Business Administration at San Diego State. He is also a certified information systems security professional and an expert on the methods and processes thieves use to capture both credit card information and consumer identities. Jennex described how some foreigners and U.S. residents might cooperate in order to hack American retail stores.
"The Internet is global," Jennex said. "Once a foreigner gets a local person to figure out the wireless access point to get into that network, they can plant their attack software and then conduct the attack from outside the U.S."
The people indicted were part of an organized crime ring selling credit card numbers and credit card information in the open market. In such a market, high-limit credit cards are more expensive than low-limit credit cards, Jennex said.
Once people buy the debit or credit card numbers, they use the cards for a couple of days and try to charge as much as they can. To counteract this, credit card companies use fraud detection systems to try to stop the charges before they accumulate excessively, Jennex said. Victims of identity theft are left to live with the consequences.
"The greatest consequence is the time it will take to get their identity cleared," Jennex said. "The person could need credit cards, or they might want to rent an apartment or get loans in their name." According to www.IdentityTheft.com, college students consist of 34 percent of all identity theft victims, representing the largest demographic of those at risk for having their identity or credit stolen.
How can students protect themselves? Jennex suggests students use a multipronged defense against credit card fraud and identity theft. He recommends the use of patches to protect their computers from attacks. Jennex said a patch is a piece of code that overwrites a computer's existing code to fix the vulnerability.
"There are hundreds and thousands of criminals surfing the Net looking for vulnerable computers," Jennex said. "Not patching just opens your computer to attack."
Microsoft Corporation, Apple Computer, Inc. and other vendors issue patches. Any company from which a person buys software will issue a patch, Jennex said.
"One lesson from this crime is enabling open or weak wireless networking that can bypass your regular protection - like your firewall," Jennex said.
People shouldn't enable unsecured wireless communication or connections. An individual's computer and the network should be password protected and in stealth mode; it should be using the advanced wireless protection and protocols, Jennex added.
"Another lesson from this is that you need to continuously monitor your credit," Jennex said. "You should be looking at every monthly bill and make sure they're accurate. Every year, check your credit report. What you're looking for are accounts in your name that you don't have, that somebody else has unlawfully opened up in your name."
Everyone has the right to a free credit check once a year through the credit-reporting agencies, Jennex said. He advised students to avoid carrying out unsecured credit card transactions over the Internet as well as sending credit card information over e-mail.
Be the first to comment on this article!