May 1, 2007

Expert: Thinking like a predator key to preventing identity theft

WEST LAFAYETTE, Ind. -

Since performing financial transactions online is becoming an increasingly common way to do business, a Purdue University expert says it is more important than ever to employ a proactive approach to preventing the theft of personal data."Many individuals don't consider security action plans until after an intruder has penetrated their personal information," says Beverly J. Davis, an associate professor of organizational leadership and supervision at the College of Technology locations in Lafayette and Kokomo. "The result is a reactive and ineffective approach that fails to take into account the technology of today.

"Today's intruders are savvy, and preventative measures must be taken in order to prevent intrusion into personal space. A few simple, yet effective steps can make all the difference."

To help people protect themselves, Davis has created what she calls the Security Penetration Prevention Action Plan. It contains a series of questions that she says everyone should ask themselves on a regular basis, even if they have no reason to suspect someone might have accessed their information.

"The Federal Trade Commission has reported that the average victim of identity theft is unaware of the problem for 12 months, and the reality is that waiting that long to realize there is a problem could be a destructive and devastating mistake," Davis says.

"The key is to prevent such an occurrence in the first place, and the best way is by essentially working backwards and asking the questions that a perpetrator might ask."

 Davis says some questions include:

*  What are the intended goals of a potential predator?

"Most likely, the intruder wants to access your personal banking account, credit card information and Social Security numbers to 'become you' and financially benefit. Give personal information only to associations and organizations you feel confident have strong security measures in place to protect your data."

*  What means will potential intruders take to achieve their goal?

"One of the most common techniques used is social engineering, where the intruder uses psychological tricks to gain the confidence of you or a family member. It relies on the human tendency to trust and assist others. Examples include spam or phishing, which uses sophisticated e-mails and fake Web sites designed to mimmick those from legitimate financial institutions or organizations. It is important to be aware of this technique, make sure all family members are aware of it and stay current on the latest scams that are out there."

*  What extent might an intruder go to in order to succeed?

Davis says it is important to realize that psychological tricks used by identity thieves might include going so far as contacting your financial institution and claming to have lost a debit card or credit card.

"Often, all that is needed to obtain account-related information is easily obtained security information, such as your mother's maiden name. If at all possible, ask any institution that holds your personal information to require a harder-to-obtain method or password," she says.

Davis says failing to stay on top of who might be accessing your information can have dire consequences, such as a damaged credit history that will take years to clean up.

"The most important thing that anyone can do is monitor their credit report regularly through free sources such as http://www.annualcreditreport.com  to detect errors and make sure all members of the family are aware of some of the pitfalls identity thieves are using to try to trick consumers," she says. "As technology improves, so do the devious tactics of potential intruders. That's why it's so important to follow these steps. Prevention starts with awareness."

Writer: Kim Medaris, (765) 494-6998, kmedaris@purdue.edu

Source: Beverly Davis, (765) 586-8945, bevjd@purdue.edu

Purdue News Service: (765) 494-2096; purduenews@purdue.edu

To the News Service home page

Newsroom Search Newsroom home Newsroom Archive