Protect yourself, spouse and dependents against identity and credit card fraud with the following steps:
Review Your Financial Information
-
Review billing and banking statements carefully for unauthorized activity
-
Review your credit reports quarterly at https://www.annualcreditreport.com/index.action
-
Watch for changes in mail patterns. Have certain financial statements stopped arriving in the mail or has mail stopped altogether?
-
If you use online banking for credit cards and/or typical banking tasks, set up alerts (either text messages or emails) for transaction limits, withdrawals, daily account status, etc.
-
If you notice anything suspicious, contact your bank, card issuer or credit agency and correct it immediately
Detect Medical Identity Theft*
Read your medical and insurance statements regularly and completely. They can show warning signs of identity theft. Read the Explanation of Benefits (EOB) statement or Medicare Summary Notice that your health plan sends after treatment. Check the name of the provider, the date of service, and the service provided. Do the claims paid match the care you received? If you see a mistake, contact your health plan and report the problem.
Other signs of medical identity theft include:
-
A bill for medical services you didn’t receive
-
A call from a debt collector about a medical debt you don’t owe
-
Medical collection notices on your credit report that you don’t recognize
-
A notice from your health plan saying you reached your benefit limit
-
A denial of insurance because your medical records show a condition you don’t have
*The information in this section comes from an FTC web page about medical identity theft, referenced below.
Secure Your Devices
Much of this applies to tablets and smart phones, as well
-
Keep your computer patched – that includes the operating system as well as 3rd party applications
-
Run an antivirus client
-
Enable the built-in firewall
-
Create a standard user account for everyday use and use the administrator account only when necessary
-
Watch out for phishing attacks – someone asking you to reply with sensitive information, open up a malicious attachments or directing you to visit suspicious websites. If you do receive a phone call, email, or text indicating that there might be an issue with an account, it is best to contact the financial institution directly by using the number on the back of the card (for a credit card) or the phone number on your bank statement, rather than using a phone number included in the original email or phone call. Never give out personal information over the phone when you did not initiate the phone call.
Use Strong Passwords
-
Use a strong password for your important accounts.
-
Consider separate passwords for your important accounts
-
If multi-factor authentication is available, take advantage of it
Additional Security Information
Additional information may be found in the references below. While the first was written in 2008, the information is still pertinent; the only thing that has changed is how much more frequent breaches of personal information have become.
Information Security References:
http://www.consumer.ftc.gov/features/feature-0014-identity-theft
http://www.consumer.ftc.gov/articles/0171-medical-identity-theft
https://www.udayton.edu/udit/safe-computing/index.php
If you want more information on any of the above or have any questions, please don’t hesitate to contact Dean Halter or the UDit Service Center:
Dean Halter, CISA, CISSP
IT Risk Management Officer, UDit
937-229-4387
dhalter1@udayton.edu
UDit Service Center
937-229-3888
helpdesk@udayton.edu