What is Identity Theft?

Identity theft occurs when someone uses your personally identifying information (PII), without your permission, to commit fraud or other crimes.

Examples of PII are

  • Your name
  • Social Security number
  • Date of birth
  • Credit Card or Bank account number
  • Passwords
  • Mother's maiden name

How do thieves steal an identity?

The methods thieves use to steal your information include:

  • Traditional theft Searching through trash Phishing attacks (Theft, email, phone based scams)
  • Social engineering (Someone con you into divulging this information)
  • Shoulder surfing (Someone standing over your shoulder observing as you enter your password)
  • Hacking (Breaking into your computer and stealing data)

What can be done with your personal information?

  • Bank, credit card and other financial fraud Government document fraud (obtain drivers license, get government benefits)
  • Employment fraud (get job using your Social Security number)
  •  Medical fraud (get medical services as you)

How can you prevent identity theft?

There are various things you can do to minimize the chance of becoming the victim of identity thieves:

  • Never share your password with anyone, not even with people you trust or IT staff
  • Never give out your personally identifiable information to strangers over the phone, email, or in person.
  • Observe your surroundings, and make sure no one is "shoulder surfing"
  • Avoid accessing your sensitive information from public computers.
  • Keep up-to-date antivirus and antispyware on your computer
  • Ensure your computer firewall is enabled and unnecessary services are disabled
  • Update you operating system and applications.
  • Ensure you have passwords or passcodes on your computers and mobile devices
  • Know the red flags, and monitor your accounts.
  • Use identity theft protection / credit monitoring services to quickly detect or prevent fraudulent use of your identity information. For a list of identity / credit monitoring services, you can take a look at this article comparing identity theft products.

How VCU Handles Identity Theft

VCU's identity theft prevention program is designed to detect, prevent, and mitigate identity theft in connection with new and existing covered accounts in order to protect the personal information entrusted to the university.

This is accomplished by taking steps to mitigate identity theft, as well as by identifying, detecting and responding to relevant warning signs of identity theft (red flags).

Who should read the Identity Theft Prevention policy?

All faculty and staff should read the Identity Theft Prevention policy. The policy describes the purpose of the program, program components and program administration.

What are covered accounts?

A covered account is an account that involves multiple payments or transactions and has a foreseeable risk of identity theft. Identified covered accounts are described in the Identity Theft Prevention policy.

What are some examples of red flags?

  • Notifications from credit reporting agencies
  • Suspicious documents
  • Suspicious personal identifying information
  • Suspicious account activity
  • Alerts from others

What should be done if red flags are detected?

  • One or more of the following steps should be taken.
  • Change passwords or disable account access
  • Investigate suspicious transactions
  • Close the covered account
  • Reopen the covered account with a new account number
  • Do not open a new covered account
  • Notify the Program Administrator
  • Notify law enforcement
  • Make a determination that no action is warranted

Who is the program administrator?

The program administrator is the VCU Information Security Officer. For more questions, please contact the VCU Office of Information Security