skip to main content

Federal Trade Commission: Buying an internet-connected smart toy? Before giving in to your kid's plea for a new toy, you may want to collect some information about it. Click here to learn more about smart toys.

Identity Theft Toolkit

Preventing Identity Theft

Identity theft is a crime by which someone wrongfully gains access to your personal information such as your bank and credit card account numbers, income, Social Security Number (SSN), driver's license number, personal identification number (PIN) or password, or your name, address, and phone numbers.

An identity thief obtains some piece of your personal information and uses it without your knowledge to commit fraud or theft.

What happens next? They use this information to obtain loans, open new checking accounts, rent property, make purchases, or use your identity to commit more serious crimes. You are now an identity theft victim.

We are taking this opportunity to inform you about identity theft and fraud (including online schemes such as phishing and pharming) and to provide you with the appropriate guidance to lower your risk of becoming an identity theft victim, and steps to be taken if you are an identity theft victim.

What is Identity Theft?

Identity theft is defined as a fraud committed or attempted using the identifying information of another person without authority. Identifying information means any name or number that may be used (alone or in combination with) to identify a person such as:

  • Name
  • Social Security number
  • Date of birth
  • Driver's license number
  • Alien registration number
  • Government passport number

How Identity Thieves Gain Access to your Personal Information

Skilled identity thieves use a variety of methods to gain access to your personal information. Four out of five identity theft victims have no idea how an identity thief obtained their personal information, but some of the more common methods include:

  • Stealing mail, including bank and credit card statements, utility bills, pre-approved credit offers, new checks, or tax information. Some thieves complete a "change of address form" to divert your mail to another location.
  • Sorting through trash to find letters, financial statements, etc. containing personal information and account numbers. This activity is referred to as "dumpster diving".
  • Illegally obtaining an individual's credit report.
  • Stealing credit and debit card numbers as your transaction is processed by using a special information storage device in a practice known as "skimming".
  • Getting information from businesses or other institutions by:
    • stealing records from an employer;
    • bribing an employee who has access to these records; or
    • hacking into the organization's computers.
  • Deploying phishing or pharming schemes to obtain confidential personal information.
  • Stealing a wallet, purse or other confidential information found in your home.

How Identity Thieves Use your Personal Information

Once identity thieves have your personal information, they may:

  • Go on spending sprees using your credit and debit card account numbers or by opening new credit accounts.
  • Open new bank accounts and write bad checks.
  • Use counterfeit checks to withdraw money from your account.
  • Buy cars, goods, or property by obtaining loans in your name.
  • Rent apartments and establish utility, phone or other services in your name.
  • Commit crimes using false identities to mislead law enforcement.
  • File for bankruptcy to avoid paying debts incurred under the false identity.

Warning Signs of Identity Theft

Protect yourself and your identity by monitoring the balances of your financial accounts and looking for unexplained charges or withdrawals. Often, there are no warning signs that identity theft has occurred. However, some reasons for concern are:

  • Your monthly credit card or bank statements suddenly stop being delivered.
  • You are denied credit for no apparent reason.
  • You start getting bills from companies you do not recognize.
  • Credit collection agencies try to collect on debts that do not belong to you.
  • You see charges on your credit card, long distance phone or bank account statements that you did not authorize.
  • New credit accounts that you did not open appear on your credit report.

Safeguard Your Personal Information

To help prevent becoming a victim of fraud or identity theft, follow these recommended guidelines:

  • Keep your financial records, credit cards, debit cards, PINs, checks, Social Security Number (SSN), driver's license number, and other personal information in a safe place.
  • Keep a list of all credit cards and bank accounts including the account numbers, expiration dates, and issuer's names and phone numbers in a safe place.
  • Keep deposit/withdrawal slips and credit/debit card receipts where they will be safe.
  • Shred expired credit/debit/ATM cards, identification cards, credit card solicitations, credit card statements, financial institution statements, utility bills, insurance information, medical bills, and investment updates before disposing of them.
  • Where possible, use security codes on your credit card, bank and phone accounts. Avoid using easily available information such as your mother's maiden name, your birth date, the last four digits of your SSN or your phone number, or a series of consecutive numbers as the security code.
  • Examine your credit card and bank statements for unauthorized transactions. Immediately report any unauthorized transactions that you find to your financial institution.

Online Fraud

An increasing number of identity thefts directed at consumers are being committed online. Consequently, it's very important for you to learn how to spot fraudulent e-mail messages (also known as phishing and pharming) and how to lower your risk of identity theft while using the Internet.

What is Phishing?

The term phishing (pronounced fishing) refers to techniques used by identity thieves to "fish" for personal information in a "pond" of unsuspecting Internet users in order to steal personal information. In a phishing scam, an identity thief creates a counterfeit e-mail, which to you may look like an official communication from your financial institution or other service provider. The goal of the scam is to trick you into divulging your personal information such as your Social Security Number, credit card numbers, passwords, or account related information in order for the identity thief to purchase goods or obtain money from your account(s).

Unauthorized use of a customer's account and asset information obtained through phishing is also referred to as "account hijacking". Please be aware that The Provident Bank will NEVER ask you for personal information in an e-mail.

What is Pharming?

Pharming (pronounced farming) is a technique used by dishonest individuals and companies to obtain important personal and financial information without your knowledge. It is similar to phishing except that the information is collected without you needing to click on a link contained in an e-mail.

As with phishing, the primary purpose is to gain access to your personal information.

How Does Pharming Work?

Similar to phishing, pharmers send seemingly authentic and urgent e-mails to potential victims or users stating that account information needs to be updated immediately. The difference from phishing is that the pharming e-mail installs a small software program on the intended victim's computer. When a user tries to go to the real website, the program redirects the browser to the pharmer's fake website. It then asks the user to update information such as log-ons, PIN codes or other sensitive information. Computer users that do not click on the e-mail links may still be subject to this attack because pharming directs the browser to the fake pharmer website..

How To Reduce the Risk of Online Fraud?

Below are some tips on how to avoid becoming a victim of online fraud:

  • DO NOT respond to any suspicious e-mail requesting personal information. If you have questions, call the company who "sent" the e-mail, using the phone number provided on your statement or obtained from the telephone company and talk to a customer service representative. DO NOT use the number on the e-mail as it could also be fraudulent.
  • DO NOT send personal or confidential information over e-mail. E-mail messages are not usually secure.
  • If you want to access your personal information or update your account, go directly to the company's website by typing the address into the web address bar, not by clicking on a link in an e-mail.
  • Whenever you transmit personal data online, make sure the website is secure. A closed lock icon ( ) will appear at the bottom of your web screen for a secure website. Also the web address will begin with https. Note: the "s" in https is short for "secure".
  • Maintain up-to-date antivirus and antispyware software on your computer. This will greatly reduce the possibility that a virus will redirect you to the malicious website.
  • Be wary of e-mails requesting you to update any account information immediately. DO NOT RESPOND.
  • If you receive suspicious e-mails claiming to be from The Provident Bank, please notify our Contact Center immediately at 1-800-448-PROV.
  • DO NOT download files or click on hyperlinks from someone you don't know.
  • Use a firewall to protect your computer files, especially if you have a high-speed or "always on" connection to the Internet. The firewall allows you to limit uninvited access to your computer.
  • DO NOT store financial information on your laptop unless absolutely necessary.
  • Avoid using an automatic log-in feature that saves your user name and password and always log-off when you're finished conducting your business transaction or research.
  • Delete all personal information stored on your computer before you dispose of it.
  • Read website privacy policies.
  • DO NOT use public Internet-access computers in libraries, Internet cafes, hotels and other public places that offer Internet connections to conduct confidential transactions or business.

How To Reduce the Risk of Identity Theft

The following measures can help protect against identity theft:

  • Make a prompt inquiry if bills or statements are not received in a timely manner. This could mean they are being diverted for identity theft purposes.
  • Limit the information on your checks to only that which is absolutely required (usually name and address only).
  • Request a copy of your credit report every year from each of the three major credit agencies (see next page) to make sure they are accurate. Free credit reports can be obtained at www.freecreditreport.com.
  • Carry only the credit or debit cards you plan to use. If you have credit cards that you do not use, store them in a safe place. Cancel the accounts if you will not use them again. Cut up old credit cards before discarding.
  • Limit the need to carry your Social Security card or number, birth certificate or passport.
  • DO NOT put your trash out until shortly before it will be picked up.
  • Make sure that your mailbox is secure. Take your mail out of your curbside mailbox as soon as possible after it has been delivered. And, if you're traveling, have the US Postal Service hold your mail or have someone you trust remove it from your mailbox daily.
  • DO NOT give any of your personal information to anyone in person, over the telephone, or over the Internet unless you've initiated the contact or are sure you know with whom you are dealing.
  • When providing personal identity information, ask how it will be used and secured, and whether it will be shared with others.
  • Ask your financial institution, doctor's office, other businesses and your employer if they secure your personal information.

You may also wish to:

  • Request to no longer receive preapproved credit offers by calling 1-888-5-OPT-OUT.
  • Ask to be removed from national direct mail lists by writing to the DMA Mail Preference Service at P.O. Box 9008, Farmingdale, NY 11735-9008. Include your name and address.
  • Ask to no longer receive telephone solicitations from national marketers by writing to DMA Telephone Preference Service at P.O. Box 9014, Farmingdale, NY 11735-9014. Include your name, address and telephone number.
  • As part of The Provident Bank's ongoing efforts to prevent identity theft, we will continue to keep you updated with practices that will help maintain your privacy and keep personal information safe.

What to do if you are a Victim of Fraud

If you suspect that your personal information has been used in a fraudulent manner, take the following steps to prevent further usage and damage:

1. Place a fraud alert on your credit reports and review your credit reports.
Call the toll-free fraud number shown below for each of the three major credit bureaus to place a fraud alert on your credit report ("one-call" fraud alert). This can help prevent an identity thief from opening additional accounts in your name. As soon as the credit bureau confirms your fraud alert, the other two credit bureaus will automatically be notified to place fraud alerts on your credit report, and all three reports will be sent to you free of charge.
To report fraud or to check your credit report, you can contact the major credit bureaus as follows:

Equifax:

Call: 1-800-525-6285
Write: P.O. Box 740241
Atlanta, GA 30374-0241
Log on to: www.equifax.com

Experian:

Call: 1-888-EXPERIAN (397-3742)
Write: P.O. Box 9532
Allen, TX 75013-9532
Log on to: www.experian.com

TransUnion:

Call: 1-800-680-7289
Write: Fraud Victim Assistance Division
P.O. Box 6790
Fullerton, CA 92834-6790
Log on to: www.transunion.com

Once you receive your credit reports, review them carefully. Look for inquiries you did not initiate, accounts you did not open, and unexplained charges or credit advances on your legitimate accounts. You also should check that information such as your Social Security Number, address, name (including initials, prefixes and suffixes) and employer are correct. Inaccuracies in this information may simply be due to typographical errors, however, they should be reported to the credit bureau(s) as soon as possible by telephone and in writing.

The "one-call" fraud alert process used to notify all three major credit bureaus of fraud only works for the initial placement of your fraud alert. Requests for renewals of your fraud alert or requests for additional credit reports must be made separately at each of the three major credit bureaus.

2. Close any accounts that have been tampered with or opened fraudulently.
Follow these simple steps:

CREDIT ACCOUNTS
Credit accounts include all accounts with financial institutions, credit card companies, other lenders, phone companies, utilities or other service providers.

Notify your creditor's of the fraud via telephone followed by a written notification which will ensure protection of your right to dispute fraudulent charges and may limit your liability for these items. Send your letters by certified mail, return receipt requested, so as to document your notification responsibilities and the creditor's receipt of your notice.

If there are fraudulent charges, ask the company about forms for disputing those transactions. If your credit card has been lost, stolen or otherwise compromised, cancel the card as soon as you can. Request a new card with a new PIN.

DEPOSIT ACCOUNTS
If your checks or ATM/debit cards have been stolen, counterfeited or misused, close the account(s) and request a warning be placed on your account(s). Most banks will investigate and help you in resolving forged checks or unauthorized transactions originating from their financial institution. However, you are required to take reasonable care of your bank account(s) and access devices, and make the financial institution aware of any suspicious activity as soon as you become aware of it. You may be held responsible for the unauthorized transaction if you fail to notify the bank in a timely manner. Contact your bank for more specific information.

You may also want to contact the following major check verification companies to ask that retailers who use their databases not accept your checks:
Certegy, Inc.: 1-800-437-5120
ChexSystems, Inc.: 1-888-478-6536
TeleCheck: 1-800-710-9898 or 1-800-927-0188

You can also call Shared Check Authorization Network (SCAN) at 1-800-262-7771 to find out if the identity thief has been passing bad checks in your name.

Once the identity theft dispute claim has been resolved, request that the creditor provide a letter stating that they have closed the account(s) and discharged the disputed debt. This letter will serve as proof that fraud has occurred and that the matter has been resolved.

Request that your bank notify the company they use for check verification services (such as ChexSystems, Inc.) of the fraudulent activity. This notification will alert retailers not to accept checks drawn on your old account.

3. File a report with your local police department.
When filing a police report, provide as much information as you can about the crime, including dates of the identity theft, the fraudulent accounts and the alleged identity thief (if known). Bring any records or documentation that you have pertaining to the crime with you; this will assist you in filing a complete and accurate report.

Keep a copy of the police report. You may need to provide proof of fraudulent activity to creditors and/or financial institutions. If you can't get a copy, at a minimum, record the report number and the location where and date when the report was filed.

4. File a complaint with the Federal Trade Commission (FTC).
Filing your identity theft complaint with the FTC provides important information that can help law enforcement track down identity thieves and stop them from victimizing other consumers like you.

The FTC also can refer victim complaints to other appropriate government agencies and companies for further action. The FTC enters the information you provide into a secure database. To file a complaint: Contact the Federal Trade Commission at:

Call: 1-877 ID THEFT (438-4338)
Hearing Impaired tty: 1-866-653-4261
Write to: Identity Theft Clearing House, FTC
600 Pennsylvania Avenue NW
Washington, DC 20580
Log on to: www.consumer.gov/idtheft

5. Contact the U.S. Postal Service.
If you know or suspect your mail has been stolen, contact your local post office. Address and phone numbers can be found in your phone book, by calling the phone company's information line (411), or via the internet at www.usps.com.

Special Note about Social Security Numbers

It is likely that your employer and financial institution will need your SSN for wage and tax reporting purposes. Other private businesses may ask you for your SSN to perform a credit check, such as when you apply for a loan. Sometimes, however, they simply want your SSN for general record-keeping. If someone asks for your SSN, ask the following questions:

  • Why do you need my SSN?
  • How will my SSN be used?
  • How do you protect my SSN from being stolen/misused?
  • What will happen if I don't give you my SSN?
  • If you do not provide your SSN, some businesses may not provide you with the service or benefit you are requesting. Getting satisfactory answers to the above questions will help you to decide whether you want to share your SSN with the business and will increase your comfort level.

Conclusion

Remember identity theft awareness and prevention can save you needless hours of turmoil resulting from misused personal information. Taking proactive measures to limit access to your confidential information will help you to better avoid being a victim of this new category of crime.

The Provident Bank may notify you if it has reason to believe that your sensitive personal information has either been stolen or otherwise compromised. Remember, we will NEVER ask you to provide your sensitive personal information when we contact you.

Information provided in this ToolKit is based in part on the Federal Trade Commissions publication entitled " Take Charge: Fighting Back Against Identity Theft".

JOIN THE CONVERSATION