November: Identity Theft—It Could Happen to You

Sample Tweets, Posts, and Materials to Reduce the Risk of Identity Theft

Authors:: Becki Mendivil
Published:: Monday, June 6, 2016
Columns:: Cybersecurity and Privacy

min read

Campus Security Awareness Campaign 2016
This post is part of a larger campaign designed to support security professionals and IT communicators as they develop or enhance their security awareness plans. View the other monthly blog posts with ready-made content, as well as a printable calendar with the 12 topics. Learn more.

Identity theft may be the most frequent, costly, and pervasive crime in the country. Help your end users take precautions to reduce the risk of identity theft and be prepared for what comes next in case they do become a victim of identity theft.

Get the Word Out

Newsletter Content

The threat of identity theft (ID theft) is real, and it can take months or years to recover once you become a victim. Recent statistics show that each year approximately 15 million U.S. residents have their identities used fraudulently. In addition, nearly 100 million Americans have their personal information placed at risk of theft each year when records in databases are lost, stolen, or accessed by unauthorized individuals. EDUCAUSE research shows that 21% of respondents to the annual ECAR student study have had an online account hacked, and 14% have had a computer, tablet, or smartphone stolen. Here are some tips to help prevent ID theft:

Read your monthly statements carefully. Review bank, credit card, and pay statements, as well as other important personal accounts (e.g., health care, social security). If a statement has mistakes, charges you don't recognize, or doesn't arrive when expected, contact the business.
Shred outdated documents. Make sure you shred any documents that show sensitive financial or medical information before you throw them away.
Be careful when sharing personal info. Avoid responding to pop-up ads, e-mails, texts, or phone messages that ask for personal information such as your Social Security number, password, or account number. Legitimate companies don't ask for information in this way.
Protect your online accounts. Create strong passwords or passphrases that are at least eight characters long and include a mix of letters, numbers, and special characters. Don't use the same password or passphrase for multiple accounts.
Limit use of public Wi-Fi. If you must use a public wireless network, make sure it is fully encrypted before sending sensitive information. Use HTTPS (for websites) and SSL (for applications like e-mail) whenever possible, and use a VPN (virtual private network) if you have access to one. Save your most sensitive browsing and work for when you are in a place where you know the Wi-Fi is secure.
Use secure devices. Whenever possible, encrypt your hard drive, make sure operating system and application software and plug-ins are up-to-date, and install antivirus software (and keep it current).
Keep personal information private. Limit what you share on social media. For instance, don't share your vacation pictures publicly until you return home (so thieves don't target your empty home).
Review your credit report every year. You can request a free annual credit report.

If you've been a victim of ID theft:

Create an Identity Theft Report by filing a complaint with the Federal Trade Commission online (or call 1-877-438-4338).
Use the Identity Theft Report to file a police report. Make sure you keep a copy of the police report in a safe place.
Flag your credit reports by contacting the fraud departments of any one of the three major credit bureaus: Equifax (800-525-6285); TransUnion (800-680-7289); or Experian (888-397-3742).

It Only Takes Seconds for Them to Take Everything

Use this image to support your message (click for larger image).

Social Posts

Be discreet about what you tweet! Don't overshare personal info. #IdentityTheft
Use long, complex #passwords or #passphrases as your first line of defense to protect online accounts. #IdentityTheft
Legitimate businesses will never ask for your account password. #IdentityTheft
HTTPS and #VPN are not just for geeks—protect yourself! #IdentityTheft
Free #WiFi hotspots can be dangerous. Avoid financial transactions while connected. #IdentityTheft
Review monthly financial statements & shred outdated documents before throwing them away #IdentityTheft
Check your credit report annually. Request free reports here: https://www.annualcreditreport.com/index.action #IdentityTheft

E-Mail Signature

Ask staff to add a tip to their e-mail signature block and link to your identity theft page.

Example:

John Doe
Chief Information Security Officer
University of XYZ

Protect Yourself from Identity Theft. Learn more. [Link "Learn more" to your institution's identity theft page or link to the FTC's consumer information about Protecting Your Identity.]

Embed or Share Videos

Resources

Share these resources with end users or use them to inform your awareness strategy.

It Only Takes Seconds for Them to Take Everything (poster) [Use something like this for caption above and link picture to Pinterest post.]
When You Least Expect It (video) [Share this short, educational video.]
IdentityTheft.gov can help you report and recover from identity theft.
Learn about current scams and how to protect yourself by visiting Fraud.org.
Get more tips for protecting your identity.
StaySafeOnline.org offers a tip sheet for victims of cybercrime.

Brought to you by the Awareness and Training Working Group of the EDUCAUSE Higher Education Information Security Council (HEISC).

ParentTopics:: Data Security Data Privacy Identity Theft