High tech identity theft is less common than you think

[nsane.forums]

Did you know that most identity theft is done the old fashioned way, by stealing your mail, wallet, or social engineering on the phone? That's what we learned at the Secure360 conference today.

We’re attending the Secure360 conference in (surprisingly) sunny St. Paul, MN this week, learning everything from lockpicking to disaster recovery. It’s a great event and reasonably priced, so if you’re in the area we highly recommend attending every year.

One topic that interested us was identity theft, especially with the catchy title of, “Identity Theft Prevention – YOU ARE VULNERABLE!” We went into the session, presented by Kelley “Mike” Archer, and were prepared to hear about all of the cool (and scary) technology attacks in the wild that are stealing everyone’s identity.

What we learned instead was that high tech attacks, such as spyware and phishing, make up only 15% of all identity theft cases. Instead, most identity theft attacks are basic things like someone stealing your purse/wallet, taking mail from your mailbox, and dumpster diving. What a letdown!

The information was a big eye-opener though. We spend a lot of time making sure our IT systems are secure, and it’s definitely important, but don’t forget the physical world. Did you know that your credit card is worth roughly $5 on the black market, whereas your medical insurance card (in the United States, anyway) is worth $50?

Some interesting stats from the lecture:

• 12 million people are affected by identity theft every year
• Only 300 arrests per year
• 11% of adults paid for fraudulent products or services in 2011
• 1 in 80 have had mail stolen from their physical mailbox
• 70% of victims have trouble clearing their name
• Credit card is worth $5 on the black market
• Medical insurance card is worth $50 on the black market

How do you protect yourself? Make sure you don’t keep your social security card with you unless you need it, put your wallet in the front pocket to resist pickpockets, don’t give personal information over the phone unless you are the one who initiated the call, and don’t put your mail in an unlocked mailbox. Unfortunately, you can follow every possible precaution, but if companies you do business with don’t have the same protections in place, data could leak out from those sources.

View: Original Article