Harden yourself and your family as a target. Make the commitment now to go through your purse or wallet and take out those items that identify your family. Carry in your purse or wallet only needed or required items. When you need to visit an ATM, be wise in your selection. Find one that has very good lighting at night and is attached to the bank. Wait in your car until the ATM is free. Once you leave the car, lock the door behind you, preferably with your electronic door key if your car has one. When you complete your ATM transaction and turn to go toward your car, use the electric key button to open the door so you can quickly get into your vehicle. Immediately lock your car door, and leave the bank area. Do not sit in the parking lot to count your money, as you remain a target to a thief.
Lastly, go through your car for any other items that may be considered “identifying” paperwork. Think to yourself, if my car was broken into tonight, what information would thieves get about my family? Child identity theft prevention begins by taking proactive steps to protect you and your family.
Question #24: What is child-targeted phishing and pharming?
Imagine you are on a riverbank and want to cast your fishing pole into the water. You have no idea exactly what fish, if any, may lie below. All you want to do is to throw your bait out there and see what bites. If you were using a computer instead of a fishing pole, and your targets were people instead of fish, that would be phishing. But wait: don’t some fishermen like saltwater fishing, and others like freshwater fishing? Wouldn’t some of the anglers rather fish a lake for bass, while others love the taste of a deep-sea flounder?
Phishing thieves are the same way. Some target adults, while others target children. Some thieves target Internet games and others target e-mails with lottery scams. What is consistent in phishing is that they intend to take from you more than you will receive.
Child identity theft in phishing is when your child is targeted with scam e-mails to get them to respond back with personal information. The e-mail appears to be from a legitimate company. The e-mail often tempts children with free computer games or other enticements if they “register” with personal information. Phishing scams are not designed to give you anything of value, regardless of their claim. Their main goal is to get your personal information, family information, credit information, or bank information.
In addition to phishing is “pharming.” Pharming is a computer hacker’s attack on a website that redirects traffic to another bogus website. There is also “drive-by pharming.” Drive-by pharming uses the JavaScript on a website created by a computer hacker that reconfigures broadband routers. When a child clicks on a link, the hacker’s JavaScript changes the Domain Name System (DNS) settings to reconfigure your home’s broadband router.
The end result is that the hacker has control over what your child sees or what they believe they see. If the computer is shared, your next session on the computer could have you believing you are going to your bank’s website, when in fact you are headed to a fake hacker site that looks like your bank’s website. Once you enter your user ID and password, the thief is able to drain all your financial accounts.
Parents should watch for an increase in “pop-ups” on their children’s computer. Pop-ups are a sign that the child’s computer may have been attacked by hackers who are collecting information from their computer as it runs. These same tech-savvy criminals might be using keystroke collection technology to gain access to all passwords on the computer.
Quite problematic for law enforcement officials are the phishing and pharming scams from foreign countries. Local and state police are powerless in enforcing any laws against people outside the United States, and federal law enforcement agencies have very little authority or power to influence those who do have the enforcement authority in a foreign country. Policing the Internet is difficult, if not impossible.
Several tips to protect your child include the following:
Never trust a stranger on the computer.
Never give out personal information over the computer.
Verify information received via another source, such as a telephone directory.
Do not fall prey to threats. If you receive threats, contact the police.
Look for a lock at the bottom right of your web browser, or the “https://” at the beginning of the web address for secure information transmission.
Look for web addresses that are numbers instead of letters as a red flag.
Look for grammatical errors.
Be cautious of offers that are too good to be true, as they usually are.
Be cautious of friend referrals, as a friend’s computer may have been compromised.
Change your password often with a “hard” password. A hard password is one that is complex, unrelated to easily obtained personal facts about your child, and contains different styles of characters such as numbers, upper- and lowercase letters, and characters such as *, #, @, !, or ^.
If you dispose of an old computer, be sure to remove the hard drive, which may contain valuable information about your child.
Question #25: How can malware access my child’s personal information?
In February of 2009, a Chicago man noticed suspicious activity on a bank account he set up for online purchasing. According to an article written by Jennifer Waters for MarketWatch,3 six months later this man had accumulated over $900,000 worth of bills. What is equally disturbing is the fact that the victim has spent over $100,000 of his own money in an effort to clear his name, and clean up his damaged financial history, due entirely to criminal identity theft.
How did this happen? In this case, the thief used malware. Malware, short for malicious software, is a computer malicious code that is stealthily inserted into your computer and “sleeps” until you access pertinent data. Its design is to disrupt your computer, steal information, and gain access to your computer systems. For this victim, the culprit was keystroke malware that recorded him entering his computer and captured the strokes of his password as he accessed his bank account.
The victim mentioned above was no child. He was a sophisticated, very intelligent individual who possessed a doctorate degree, yet he found himself victimized by malware. The point here is that this individual had advanced education, yet thieves still were able to get into his computer and manipulate what he thought was private and protected personal information.
Malware began as an experimental worm prank in early Internet MS-DOS systems. Since its invention, malware has migrated into sophistication. Modern malware may come to you in the form of a virus, worm, or Trojan horse. It can steal your child’s information and any information they might have on your family in their computer.
Below are suggestions for what you can do to help prevent a thief from using malware on your child’s computer:
Ensure all computers you use have virus and malware protections.
If you receive an e-mail from someone you do not know, delete it.
Use strong privacy settings on your computer.
Scan your e-mails for viruses with your virus software before you open them.
If a friend sends you a website link and a strange message or file, delete the e-mail.
Do not forward chain e-mails.
Delete all unwanted messages without opening.
Do not click on advertising you are not familiar with.
Keep your security patches up to date.
Spyware is another tool that easily enters your computer. Spyware seeks to track your child’s preferences on sites they visit, purchases they make, and ads they click on. Spyware does not spread like a virus. It is installed by exploited security holes or packaged with user-installed software, or peer-to-peer applications. Your best protection from spyware is to install a service such as SpyHunter, which can be found at www.enigmasoftware.com.
Does your child have an Android phone? Technolog, on NBCNews.com, conducted a study that found that Android malware is up 400%.4 Did you know that fifty bad applications, or apps, currently c
arry malware? According to an article by NBCNews.com titled “Malware infects more than 50 Android apps,” users’ personal information could be at risk.5 Before you allow your child to install an app on his or her phone, make sure to check the permission the app is asking for. If the app needs more permission than is required, avoid it. Never install an application package file (APK) on your child’s Android phone unless you are absolutely sure it is 100 percent safe. This may require you to research the app to find reviews others have done on the app. Lastly, be cautious of “free” apps, as they may not truly provide the free service the user intends to receive. A free app may contain a virus.
Parents must be involved in their child’s computer usage regardless of age. A download from the wrong site may send their child’s identity down a path of irrevocable damage. The supervision kids complain about now may save them from financial ruin or physical harm should they encounter a hacker. Is your child prepared to defeat a hacker? Protect yourself, and your child, with education and prevention.
Question #26: Why do children who have grown up with rules around computers still fall victim to scams?
Scams are big business for a small segment of society. Their ability to survive in the identity theft market depends on their success rate in stealing children’s identities. If you look closely at child identity thieves, their methods are like mutating viruses. Criminals are always devising new scams because law enforcement officials become aware of their tactics, inform the public, aggressively investigate their crimes, and help the legislative community develop appropriate laws.
This cycle is challenging even for law enforcement agents. They must stay trained on the latest techniques being used, and communicate continuously with other law enforcement agencies. If child identity theft challenges law enforcement professionals, imagine the obstacles for parents who have little education on the crime. If you look hard at this scenario, it would seem that children do not have a chance.
The question one must ask oneself is, where do I begin? We have spent a great deal of time developing computer usage rules in schools and at home. Some rules protect you from a system crash, and some protect you from being physically harmed. The rules that parents, school administrators, and children agree on are easy to enforce. All should easily agree that you must have some type of virus program on your computer to survive.
Children who have grown up with computer rules fall victim to scams because they are not educated on child identity theft, scams, or fraud. Many children believe that they are smarter than their parents, who were not raised in an advanced electronic age, but rather adapted to advanced computer programs, iPods, BlackBerries, texting, and other electronic devices. The truth is that, as parents, the more complex your life, the less time you have to spend on electronic luxury items; therefore, you focus on exactly what you need to do to get through your daily activities, and possibly less time on educating yourself on how to protect your child against identity theft.
Children see handheld electronic games as fun pastimes and entertainment. They view the games as challenging and an expansion of their learning. What they often do not see are the potential dangers associated with computers, gaming, cell phones, SMS, and texting. Parents understand that scams do exist, and offers too good to be true raise red flags. Children, including young adults, need to understand this as well, hopefully to help them avoid falling victim to electronic invasion and theft.
How do you reach your children? By this I mean, how do you impress upon them important messages in life? The best influences in children’s lives are their parents and guardians. Children will adhere to what they know you will enforce. They will be receptive to what is best conveyed in a way that they will understand. You know how to reach your child’s mind. Talk to them about security protocols. Discuss and reiterate that danger lurks when you let your guard down.
Our children are very smart and will surprise you. Give them the opportunity to come to you with suspicious items they receive. Talk to them as a family to help other family members best comprehend what lurks outside. Share what you have learned from news items and other sources to help battle cyber crime.
Lastly, challenge your local and state police to bring the community the latest education on scams, schemes, cons, and harmful crimes. Mutating crimes are best fought as a community. Child identity theft will only be defeated when we make it unprofitable.
Question #27: What is a medical “lobby listener,” and how can they harm my child?
Those who work in the medical profession deserve a great deal of respect for caring for the sick and injured. They are specialists in their expertise, and they are admired. The medical profession, however, needs help with understanding what child identity theft is and how it affects children. From doctors and dentists, to orthodontists and pharmacists, each needs to be better educated on the aspects of the crime, as well as how their actions could possibly contribute to someone stealing a child’s future.
Most, if not all, Americans visit a doctor, dentist, orthodontist, or pharmacist each month only to have the receptionist ask the patient to verbally verify information. Most, if not all, times this is done for everyone in the waiting room to hear. Quite often these offices have clipboards asking you to write down personal information on a check-in sheet left in public view. Want to know a patient’s name? Just sit in the waiting room. Trying to guess where they live? No need to—the pharmacy employee may require you to tell them in open questioning. What can a thief do to steal a child’s date of birth to get a credit card? Simply sit in the waiting area of any of these service providers.
Health information is stolen each and every day by “lobby listeners” who camp out in the waiting area of a service provider listening for both children and adults to comply with medical requests. Thieves do not need your family policy number when they have your name, address, telephone number, Social Security number, and reason for your visit to a service provider’s office. Armed with this information, a thief can call your insurance company, provide the last doctor, dentist, or medical specialist visited, reason for the last visit, and personal identifying information, and the insurance company will provide the thief with the child or adult’s identifying medical insurance number.
If you followed a patient through their medical visit, you would notice that identity theft starts with the doctors’ offices and continues with the pharmacy. Customers visiting a pharmacy are asked almost all of the same questions that the doctor’s office receptionist asked for everyone in the lobby to hear. The difference is that the pharmacy employee will discuss openly with a parent what medication has been prescribed for your child, and the details of how your child should use it. As you wait for your child’s prescription to be filled, you may shop for food, cards, laundry detergent, and more, but a thief immediately uses the information he or she overheard to begin the application process for fraudulent credit in your child’s name.
It is worth reiterating once again that children are fifty-one times more likely to be victimized. The description above is of just one method. It does not take into account theft from “shoulder surfing,” which is the act of a thief looking over someone’s shoulder when he or she is working on a computer. It also does not account for theft from within the office by staff, custodian personnel, or after-hours break-ins where files and information are stolen.
So what can we do to help the situation? Parents are definitely the key to information security. In most cases, you can have a direct impact on the security of any medical office you frequent. Advise the medical staff that you are concerned about identity theft and prefer to write down information to answer their questions, unless they allow you to go in a private setting where no one can hear your answers. The more often parents say this to our service providers, the less likely the staff will continue asking private questions in the current format.
Another great suggestion is to talk to your doctor during the visit. Ask your doctor if he or she is aware of child identi
ty theft. Education is the key with child identity theft. If parents, doctors, pharmacists, teachers, and the community understand the crime, then all will certainly take more proactive measures to help protect our children. Success in defeating child identity theft will be found in community awareness and proactive prevention steps.
So let’s get started. Next time you are at the office of a service provider for a medical visit, ask to see your child’s medical file. They will probably be caught off guard and not want you to take it from the office. That is fine. Just ask to sit in a quiet room and view the file. What are you looking for? Most importantly, you want to look for anything that you did not approve. Are there doctor’s visits you did not bring your child in for? Surgery or procedures your child did not have? Changes in your child’s blood type, address, or age?
Make the same request of your pharmacy. Get a printed list of all medications that have been issued to your child over the last year. Review the list for unapproved items. Unapproved items are red flags that can not only stop child identity theft, but just may save your child’s life.
Question #28: How can my child’s school inadvertently jeopardize personal data?
Teachers are a special class of people. They are great with children, they love their work, and they love to develop young minds. They have the best interests of children in their hearts and minds at all times. Teachers, principals, and school administrators and staff just need education in areas in which they do not specialize, such as crime.
Identity theft education is the responsibility of law enforcement. It is not as easy as you might believe because scams mutate very often to avoid law enforcement. Staying abreast of the latest child identity theft trends is a challenge. Thank goodness easy steps can be taken to help maintain an approach through prevention in our schools to protect children of all ages.
Child Identity Theft Page 7