Artifact 3 Trends in Fraud, Discussion Board Question, Week 5, Loss Prevention and Crime Prevention, SMGT 411

Discussion Question 1. Based on the 2004 Federal Trade Commission Summary on Trends in Fraud: a. Why do you think the top category in fraud and identity theft were from internet and credit card usage? b. What are some safeguards companies can use to reduce identity theft these crimes? The 2004 Federal Trade Commission (FTC) summary on trends in fraud contain over 2 million complaints and in 2012 approximately 9 million Americans have become victims of identity theft and fraud. This is an increase of over 7 million citizens a year victimized. One may ask how and why the numbers are increasing with so much emphasis placed on the subject. The top category in fraud and identity theft were from Internet and credit card usage because of the prevalence of personally identifiable information (PII) used by retail organizations, medical clinics and hospitals, government agencies, and businesses small to large. The victims are increasing because of the advancements and exceptional use of technology. According to Finklea (2012) An increase in globalization and lack of cyber borders provide an environment ripe for identity thieves to operate from within the nation's borders as well as from beyond (p. 1). The organizations listed above using PII to expedite business may be perpetrators of insufficient security measures, lenient privacy policies and uneducated or negligent employees which allows scandalous criminals easy access to customer/client data. Kevin Mitnick, aka Kim Schmitz an infamous convicted hacker and now government employee once stated: .the human side of computer security is easily exploited and constantly overlooked. Companies spend millions of dollars on firewalls, encryption, and secure access devices, and its money wasted, because none of these measures address the weakest link in the security chain, the user (McIlwraith, 2006, p. 5). An imperative safeguard companies can use to reduce identity theft is by providing adequate information security education, accurate or periodic training, and awareness to their employees. Individual and companies should also implement the following measures: 1. Install and update firewalls, anti-virus protection software, and spyware. 2. Shred all sensitive and PII information and documents no longer required. 3. Do not open files, download programs or click links in e-mails because phishing scams often use these techniques to try to steal your identity. 4. Do not send personal information in e-mail or instant messages. 5. Ensure all data on hard drives is magnetically wiped off or shredded if no longer in use.

6. Avoid storing sensitive information like credit card numbers or Social Security number on computer. 7. Use strong passwords that include a combination of numbers and symbols and upper and lower case letters, 8. Do not enable a login screen to save passwords and keep in mind to log off the website when are finished using a secured site. 9. Use Smart Cards (Contact, Contactless, or Combination) with encryption software requiring pin access. 10. Install biometrics for high level restricted areas with PII. 11. Establish a defense in depth plan of overlapping security layers to prevent, detect and respond to security threats. These measures if effectively conducted or implemented could possibly reduce the amount of fraud and identity theft. References: Finklea, K. F. Congressional research service, (2012). Identity theft: Trends and issues (R40599). Retrieved from website: http://www.fas.org/sgp/crs/misc/R40599.pdf McIlwraith, A. (2006). Information security and employee behavior: How to reduce risk through employee education, training and awareness. Gower. Tips for Protecting Business Data. (2010). Information Management Journal, 44(3), 11.