Staying Secure Electronically
1 like353 views
The document details the rising threat of data breaches, highlighting 1,093 incidents in 2016, predominantly impacting healthcare and credit agencies. It provides strategies for protecting personal information from identity theft, including credit freezes, fraud alerts, and secure practices for online and email communications. Additionally, it outlines the different types of identity theft and offers recommendations for safeguarding data, such as using complex passwords and two-factor authentication.
Staying Secure Electronically
- 1. Keeping Your Data Secure Jennifer Ellis Jennifer Ellis, JD, LLC [email protected] Copyright Jennifer Ellis, all rights reserved
- 2. How Many Data Breaches in 2016? • 1,093 data breaches for U.S. companies and government agencies – 40% increase from 2015 • Most data breaches never discovered • Most data breaches never reported • At least half involved Social Security numbers – 4 breaches exposed 120 million Social Security numbers • Health care is a common target – Responsible for half of breach notifications affecting 500 or more individuals – Averaged one health data breach per day • More than 27 million patient records https://www.bloomberg.com/news/articles/2017-01-19/data-breaches-hit-record-in-2016-as-dnc-wendy-s-co-hacked http://www.securityweek.com/number-us-data-breaches-increased-2016-report https://www.healthcare-informatics.com/news-item/cybersecurity/report-healthcare-sector-hit-hard-2016-data- breaches
- 3. Credit Agencies • Equifax – mid May through July 2017 – 143 Million U.S. consumers • If you have a credit report, you were probably affected – Names, Social Security numbers, birth dates, addresses, drivers’ license information. – Credit card numbers from 209,000 – Dispute documents from 182,000 • Equifax – May 2016 – W2Express website • Downloadable W-2 forms for Kroger employees • Tax data and salary details • Equifax, Experian & Transunion – March 2013 – Focused on celebrities and high profile figures • Michelle Obama, Paris Hilton, Hillary Clinton, Robert Mueller – Credit reports – Used publicly available information to bypass security questions • Experian – September 2013 through September 2015 – Million U.S. consumers • Applied for financing from T-Mobile – Names, birth dates, addresses, Social Security numbers, drivers’ license information and more
- 4. Credit Cards in 2016 • $16 billion in fraud and identity theft • 15.4 million Americans • Card not present biggest form of fraud – 40% increase from 2015 – This gets around chip-embedded cards
- 5. Identity Theft and Scams
- 6. Protecting Yourself • Sign up for insurance – Check your homeowners policy • Get copies of your credit reports frequently – Should come with insurance – AnnualCreditReport.com • Each agency must give one every 12 months for free – Do not sign up for “free” companies that are not well known
- 7. Credit Freeze • Credit Freeze (security freeze) – Prevents opening new accounts – Will not protect already open accounts – Have to call each agency • There may be a fee of between $5 and $10 • Equifax: 1-800-349-9960 • Experian: 1-888-397-3742 • Transunion: 1-888-909-8872
- 8. Fraud Alert • Fraud Alert – Concerned you may become a victim – Prevents unverified access for 90 days • Extended Fraud Alert – Already a victim of identity theft – Seven years • Contact one of the companies listed previously – That company will inform the others – No fee
- 9. Web & Email • Be careful of websites – Even trustworthy sites can have malware – Many fakes websites • Use quality malware protection – Webroot – Norton – Etc • Do not click on links – Go to the website directly • Use a link checker – https://validator.w3.org/checklink • Do not open unexpected files – Even if you know the person
- 10. Email is Not Secure • Do not send private information through email • Add encryption – See https://www.lifewire.com/you-should- encrypt-your-email-2486679 • Put in an encrypted file and attach
- 11. Encrypt USB Drives • If you store data on USB drives, add encryption – See https://www.pcmag.com/article2/0,2817,249272 6,00.asp
- 12. Phone Scams • Fake number on caller ID • Often from other nations • Try to scare people into paying money
- 13. Protect Your Phone • Use a password • Turn on encryption – Search how do I encrypt (type of phone) – Follow instructions • Do not jailbreak your phone • Do not add applications from unknown sources • Check what applications access • Turn on find my phone • Use malware software • Keep up-to-date
- 14. PHONE SCAMS ARE COMMON
- 15. Homeland Security Scam • Claim to be from Department of Homeland Security – Immigration – Called ID shows 800-323-8603 • Hotline number • Never used for outgoing calls – Demands person prove who they are – Sometimes tells person they are a victim of identity theft
- 16. FBI • Claim to be from FBI – Claim they are investigating person – Demand money or will be arrested – Spoofs local FBI phone number • FBI does not call to demand money or threaten arrests • Get information about local offices – https://www.fbi.gov/contact-us/field-offices
- 17. Can You Hear Me? • Voice asks “Can you hear me?” • You respond yes. • They record the yes and use it as a voice signature to approve various things. • Just hang up if they call • If you already said yes, check your bank and credit card statements for unauthorized charges
- 18. Fake Bank Numbers • Text you claiming that your bank is concerned about a charge • Provides a number for you to call • You call the number, they ask for information • They use that information to steal from your bank account • Always make sure you call the bank directly
- 19. Computer Support • Claim to be from Microsoft or Apple • Ask for information to log in to accounts • Ask to be able to take control over your computer • Ask for money to pay for services they claim they performed
- 20. TYPES OF SPECIALIZED FRAUD
- 21. Arrest Fraud • Someone uses your name and information when arrested • You end up with a warrant • You get pulled over • You get arrested • Requires a lawyer’s assistance
- 22. Child ID Theft • Begins with child’s social security number • Create entirely new identity on child – Government benefits – Bank accounts – Credit card accounts • Often not known until child is an adult • Check your child’s credit too
- 23. Tax ID Theft • Use your Social Security number to file fake tax return • Unknown to you until you try to file your own – Or you receive a warning letter from IRS • If occurs – File a complaint at identitytheft.gov – Contact one credit bureau and set fraud alert – Contact all financial accounts • Close and create new ones – Complete IRS form 14039 – Identity theft affidavit
- 24. Medical ID Theft • Steal personal information to – Obtain medical care – Buy drugs – Submit fake bills to Medicare • Solution, contact: – Department of Health & Human Services – Inspector General – Medicare Call Center – Federal Trade Commission
- 25. Social ID Theft • Someone creates an online social media presence using your information – Often uses such information to fool people into giving them money • Commonly used in romance scams • Periodically search your name and photos online • Watch out for warnings from friends
- 26. TIPS .
- 27. Get a Good Shredder • Not Strip Cut • Cross Cut is fine • Micro Cut is best • Shred: – Documents – Cards – CDs/DVDs
- 28. Getting a New Computer? • Shred the hard drive – There are places that do this • Use data destruction software – See https://www.pcmag.com/article2/0,2817,249272 6,00.asp
- 29. Wi-Fi • Secure your home wi-fi – https://www.pcmag.com/article2/0,2817,240975 1,00.asp • Don’t use free wi-fi • Don’t use hotel wi-fi • Get a hot spot – Often $20 per month – Can get pay as you go
- 30. Passwords • Choose complex passwords – https://identitysafe.norton.com/password-generator/ – At least 14 characters, preferably more – Mix upper, lowercase, numbers, and if allowed, special characters – Change high risk passwords every 3-6 months • Use a tool such as LastPass to remember passwords – That way you only have to remember one – Make it extremely secure • Do not repeat passwords
- 31. Two-Factor Authentication • Uses two steps to protect accounts – When you forget a password – When you try to use a new device • Sends a code to your cell phone – Enter the code on the device you are trying to use the account on
- 32. Additional Issues to Consider • Use firewalls • Do not use computers you don’t know • Closely watch banks and credit cards • Don’t carry Social Security card • Don’t let mail pile up – Put it on hold if going away – If bills seem late or don’t arrive, call the company
- 33. Keeping Your Data Secure Jennifer Ellis Jennifer Ellis, JD, LLC [email protected] Copyright Jennifer Ellis, all rights reserved