Identity Theft Red Flag & Address Discrepancies Flashcards
What are the identity theft red flags and address discrepancies regulations and guidelines?
ITPP and FACT Act
Any financial institution or creditor that offers accounts that may be at risk for identity theft must have in place an identity theft prevention program (ITPP).
The identity theft red flags and address discrepancies regulations and guidelines implement sections 114 and 315 of the fact act of 2003.
Compliance is mandatory as of November 1, 2008.
What is identity theft?
It is when identity thieves use a variety of tactics to steal their victims’ names, Social Security numbers, credit card numbers or other financial account information.
What are some of the methods used by identity thieves to obtain confidential information?
Dumpster diving
Phishing
Old-fashioned stealing
Skimming
Address change
Pre-texting
What is dumpster diving?
When identity thieves go through the potential victims trash looking for bills or other papers that contain personal information.
What is phishing?
Using the Internet, identity thieves will send a spam email message that appears to come from the victims’ financial institution. The email directs the recipient to a fraudulent website. Identity thieves may also use pop-up messages to get the victim to disclose personal information.
What is old-fashioned stealing?
Target items include wallet, purses, and items found in the mail. Thieves look for financial institution and credit card statements, new checks, preapproved credit offers, or tax information. I did any thieves may also bribe employees who have access to the intended victim’s personal records. They may even still be information themselves.
What is skimming?
While at a store, Identity thieves will use a special storage device when processing a potential victims card, to still credit or debit card numbers.
How does changing an address turn into identity theft?
Identity thieves will complete a change of address form to divert the victims billing statements to another location.
What is pre-texting?
Identity thieves will use false pretenses is to try to obtain a victim’s personal information from telephone companies, financial institutions, or other sources. For example, the identity thief might pretend to be a police officer who is investigating a crime.
What policies and procedures must our identity theft prevention program include?
Identify Incorporate Obtain Detect Respond Update
Identify – how does it fit in ITPP?
Identify relevant patterns, practices, and specific forms of activity that are red flags signaling possible identity theft, and incorporate those red flags into the program.
Incorporate – how does it fit in ITPP?
Incorporate existing policies and procedures.
Obtain – how does it fit in ITPP?
Obtain board approval for the initial ITPP.
Detect – how does it fit in ITPP?
Detect red flags that have been incorporated into the ITPP.
Respond – how does it fit in ITPP?
Respond appropriately to any red flags that are detected to prevent and mitigate identity theft.
Update – how does it fit in ITPP?
Update ITPP periodically to ensure it reflects changes and risks to customers and our institution.
What are red flags?
Red flag refers to a pattern, practice, or specific activity that signals the possibility of identity theft.
Red flags include consumer reporting agency alerts. Name some alerts, notifications, or warnings from a consumer reporting agency.
A fraud or active duty alert
A reported notice of a credit freeze
An address discrepancy
A consumer report that indicates a pattern of activity that is inconsistent with the history and usual pattern of activity of an applicant or customer
Red flags include suspicious personal identifying information. Name some specific examples.
Address does not match any addresses in the consumer report
Address is fictitious, email drop, or a prison
Social Security number is the same as one submitted by another person
Red flags include unusual use of, or suspicious activity related to, a consumer account or other account. Give some specific examples.
- Request for a new, additional, or replacement card shortly after the notice of a change of address has filed
- A new revolving credit account is used in a manner commonly associated with known from patterns
- Inactive card is suddenly used
- Mail is returned to the financial institution or creditor repeatedly
- Customer notifies bank of missing statements
