Preventing Online Identity Theft

If you’re like a lot of people today, much of your exchange of financial information happens through the Internet. An estimated 22.8 million people in the U.S. used online banking services in 2004 (International Data Corporation, 2004). With all of this financially vital information being filtered through the cyber system, it is critical that consumers safeguard their financial futures. And this time of year, when spending is at its peak, is the most essential period to be protective of where all those numbers are going.

Protecting Yourself from Online Fraud

ldquo;People should keep in mind that online commerce is just another way people are trying to gain identity information, but it is still the smallest area people who perpetrate fraud are going after,” explains Zions Bank President of Online Banking Lee Carter. “People should also keep in mind those who go through garbage, or look through mailboxes, or intercept checks or payments on an offline basis. There are a lot of different fronts that you have to consider when talking about identity theft.”

In fact, in most cases, performing financial transactions online in actually safer than those that are sent through the mail. For example, if you use a bank’s online bill payment service, you will be in a secure online session with your financial institution. If those bills are sent in the mail, a perpetrator could potentially have not only your check, but also your account number, personal address, and name—a lot of information he or she could not obtain in a secure bill pay session.

There are, nonetheless, perils to the relatively new method of transacting business and Lee Carter from Zions Bank offers these tips to preventing online fraud.

Downloading Security

1. If you use a PC to transact business, be sure you have a personal firewall that will allow you to maintain your online connection, but won’t allow intrusions into you’re your PC by someone else on the Internet. “Particularly for people who use broadband connections (DSL or cable modems)—a situation where your PC is always on and always connected—firewalls become very important,” says Carter. “Hackers will often look for an open PC online and they can actually come in and overtake your PC and perpetrate online fraud and online problems using your computer without your knowledge because you’ve left your connection open.”

2. Be sure you also have a good antivirus program. This will ensure that if something has been downloaded onto your PC via the Internet without your knowledge, your PC will be able to identify it.

3. Also install spyware prevention software on your PC. Anti-spyware software will look for “spybots” or pieces of code that can get placed on your computer and can watch which sites you visit. “This allows companies to figure out which product advertisement to send you next,” says Carter.

Being Proactive in Your Prevention

These are the “big three” when it comes to programs you can download to prevent online fraud and nuisances, but there are other steps you should take that have nothing to do with downloading programs or purchasing special software.

1. When you surf online, only go to trusted sites. “There are a lot of sites that become ‘dirty’ either with worms or viruses or something like that,” remarks Carter, “so having the virus scanning software on and enabled is good, but you also need to be a little more judicious about where you go online.”

2. Keep your operating systems up-to-date. For instance, Windows XP has an automated system that will automatically look for updates and install them.

3. “I’m a real advocate of strong passwords,” stresses Carter. “What that means is that you don’t use a password that someone who’s perpetrating a fraud could easily identify such as your birthday, or your wife’s maiden name. It’s very easy to get that kind of password information.” See the sidebar on this page for ways you can ensure your password is one that will keep perpetrators stumped.

4. If your institution is one that offers alerts, have them set up with your account so that (for instance) if your account drops below a certain balance, the bank can email you and tell you the account has dropped below a certain threshold.

Phishing Phraud

According to, phishing is “the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The email directs the user to visit a web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, which the legitimate organization already has. The web site, however, is bogus and set up only to steal the user’s information.”

“The best thing that people can remember with respect to email is that a bank and most of the people you deal with on an online basis will never ask you to supply personal information by clicking a link or going to a website and supplying personal information,” says Carter. “The bank already has your information—they don’t need to ask you for it.”

If someone asks you to reply to an email or reply to a link in an email or an advertisement and then asks you to input personal information, the guideline is: just do not do it!

'Tis the Season

The holiday season means lots of transactions—both online and offline. So what’s the most important step you can take in order to prevent someone from taking advantage of your financial security? “Make sure you deal with reputable companies that you deal with them directly,” urges Carter. “This means that you type in their main page address—you don’t click on banners or links—you go directly to the source.”

In addition to using only sites you trust, make sure that when you transact business online, you’re in a secure session. To verify that your session is secure, make sure that the URL (the web address) reads https:, instead of http: (with no “s” on the end), and that a secure symbol (like a closed padlock or key) is located on the status bar of your browser in the bottom corner of your screen.

Comments and feedback can be sent to