What is identity theft?

Before fraudsters can use your personal information, they have to get it. And that's exactly what identity theft is: obtaining, possessing or trafficking in personal information to commit a criminal act such as fraud.

Most sought after personal information for identity thieves

  • Full name
  • Date of birth
  • Address
  • Social insurance number
  • Credit or debit card number and PIN
  • User names and passwords
  • Driver's licence number
  • Your mother's and other family members' names
  • Your security questions and answers
  • Passport number

Most common types of identity theft include

  • Skimming (credit and debit card scam)
  • Using spyware to intercept user names and passwords for online banking
  • Intercepting PINs entered at point of sale terminals
  • Getting banking information through phishing
  • Stealing mail or sifting through household waste

How to protect yourself against identity theft

  • When dealing with phone solicitors, be very careful. If you're interested in what they have to offer, ask for their contact information so you can call them back at your convenience. Before calling back, confirm the contact information against another source. You can also confirm the contact information by checking with a reputable organization or the company the caller claims to represent.
  • Ask questions—fraudsters don't like them. They'll quickly sense your scepticism and usually let it drop.
  • If you have any doubts about whether the call is legitimate, cut it short.
  • Never wire money using a credit card or otherwise and don't disclose personal information before confirming that the caller and the offer are real, even if they claim to be someone in authority like a police officer.
  • Don't act on impulse. Before you accept anything over the phone, talk to friends or colleagues about it first.
  • Shred any mail that contains personal information.
  • Before responding to mail offers, do a background check on the company or person making you the offer. An online search will often reveal stories from people who've been swindled by similar scams.
  • Don't act on impulse. If you're interested in a mail offer, ask for a second opinion before you do anything.
  • Don't put your name on the mailbox.
  • Make sure your computer or tablet has up-to-date security software (spyware, firewall, antivirus software, encryption software and anti-spam software).
  • Password-protect your wireless network.
  • Always log out of secure sites rather than simply closing the page.
  • Look for the site's privacy policy. Read it carefully to make sure the merchant is complying with the principles of confidentiality. If there isn't one, don't use the site.
  • If possible, use a different password for all the secure sites you use and change them from time to time. Never disclose them.
  • Before providing personal data, check to make sure the "http" address bar has changed to "https" (the "s" indicating that it's secure), and look for the padlock or key icon.
  • Passwords:
    • Choose a password that contains at least 7 or 8 characters.
    • Insert symbols (e.g., &, $, !, etc.)
    • Alternate between letters and numbers.
    • Switch between uppercase and lowercase letters.
    • Never disclose your password.
    • Never write down your password. Memorize it instead.
    • Use different passwords for every site that requires a password and change them regularly.
  • Never leave your credit and debit cards out in the open, at home or at work.
  • When you receive a new card, make sure you sign it right away in permanent ink.
  • Always make sure card transactions happen where you can see them—don't let your card leave your sight. And check to make sure the card you're handed back at the end of the transaction is really yours.
  • Memorize your PIN so you don't have to write it down.
  • Always cover the keypad when entering your PIN.
  • Have everything ready before you get to the ATM so you don't have to go through your pockets, wallet or purse.
  • If you require assistance, ask someone you trust to come with you, or ask for help from a bank employee.
  • Don't forget to collect your card and receipt.
  • Don't use an ATM or payment terminal if you suspect it's been tampered with, for instance if any parts move or fall off when you touch them. Report anything strange to your financial institution
  • Don't use the ATM if you don't feel safe.

Social networks sites (Facebook, Twitter, MySpace, etc.) facilitate open communication and the creation of virtual networks where people can exchange with friends the world over. It would be natural to think that "virtual friends" are also friends in the physical world, but is that really the case? In these virtual communities, a stranger can easily pass himself off as a friend and gather personal information about you for fraudulent purposes.

This is why we recommend you never include the following information about yourself in your profile:

  • phone numbers
  • address
  • date of birth
  • spouse and children's names
  • any other piece of personal information

This information can be used by scammers to steal your identity.

Private or public profile?

When you create your profile, we recommend you do not accept the site's default security settings.

Instead, ensure that your profile is private so your information is not available to all Facebook or MySpace members, for example, and do not automatically allow virtual friends to email you. Read and understand the Security Settings and Privacy Policy of each social network site you use.

Be aware that all information you publish on a social networking site automatically becomes property of the site. By accepting the site's terms of use, you accept that your photos, postings, email address and date of birth can be sold to third parties.

If you decide to go on a social networking site, follow our advice and assume that, no matter how many precautions you take, whatever you post is available to the entire Web community, including cybercriminals operating on these networks.

Resources

Learn more