650 likes | 676 Views
Clemson University Red Flags Rule Training. Detecting, Preventing and Mitigating Identity Theft. Goals of Red Flag Training. To define commonly used terms related to Identity Theft To explain the federal rules intended to identify Identity Theft
E N D
Clemson University Red Flags Rule Training Detecting, Preventing and Mitigating Identity Theft
Goals of Red Flag Training • To define commonly used terms related to Identity Theft • To explain the federal rules intended to identify Identity Theft • To assist you in developing unit-specific procedures that will comply with the Identity Theft Prevention Program approved by the Board of Trustees
Identity Theft – Red Flags • A pattern, practice, or specific activity that indicates the possible existence of identity theft
Identifying Red Flags A Red Flag, or any situation closely resembling one, should be investigated for verification
Five Categories of Potential Indicators of Fraud • Alerts, Notifications, and Warnings from a Credit Reporting Company • Suspicious Documents • Suspicious Personal Identifying Information • Suspicious Account Activity • Notice from Customers and Other Sources
Alerts, Notifications, and Warnings from a Credit Reporting Company • Fraud or active duty alert on a credit report. • Notice of a credit freeze in response to a request for a credit report • Notice of an address discrepancy • A credit report pattern inconsistent with person’s history: • Large increase in volume of inquiries • Unusual number of recently established credit • Account that was closed because of an abuse of account privileges
Suspicious Documents • Identification that looks altered or forged. • The person presenting the identification doesn’t look like the photo or match the physical description • Information on the identification that differs from what the person presenting the identification is telling you or doesn’t match with other information, like a signature card or recent check • An application that looks like it’s been altered, forged, or torn up and reassembled
Suspicious Personal Identifying Information • Inconsistencies with other known information • Inconsistencies in information the customer has given • An address, phone number or other personal information that’s been used on a known fraudulent account • An address or phone number that does not go to a legitimate contact • A Social Security number, phone number or address that has been used by many others to open accounts • Cannot answer challenge questions
Suspicious Account Activity • After change of address new interest in new accounts or lines of credit • New account being used in ways associated with fraud • An account used in ways inconsistent with established patterns • A sudden increase in activity in an account that had been inactive for a long time • Mail being returned repeatedly as undeliverable although transactions continue to be conducted
Notice from Other Sources • Notification by customers of abnormalities on account • Law enforcement is notified • Notification of theft of personal data • Any other notification of fraud or fraudulent accounts
Securing Clemson from other Fraud Attempts • The Red Flags Rule address external threats, but preventing internal threats are not addressed • Is your area “data-rich” • Do you know where all your data is • Is access to the data strictly controlled • Do you have both orientation and termination procedures related to data • Not all internal threats are malicious but just casual error
Security • Here is how to avoid becoming an ID Theft statistic • Store restricted information on secure servers, not on workstations • Password protect your computer and set your screensaver to come on automatically • Avoid providing restricted data over the telephone or by email • Cross-shred all restricted data documents before throwing them away • Keep conversations quiet-make sure they cannot be overheard when exchanging restricted data
Responding to red flags • Report known and suspected fraudulent activity immediately to your direct supervisor • This protects both Clemson’s customers and the University from damages and loss: • Report Red Flag incident to your supervisor • Either the Employee or supervisor, when alerted of a Red Flag, must complete and submit Notification of Possible Privacy Breach form • Upon resolution of the incident, the reporting supervisor will create a report outlining the incident which in-turn will be submitted to the Program Administrator
More Internal Information • Red Flags Rule Website • CFO Website
More external Information • Federal Trade Commission • SC Department of Consumer Affairs
Red Flags Rule Question 1 • Is the Red Flags program a • Way to identify fraudulent patterns • Way to practice secure ways of conducting business pertaining to financially security • Specific activity that indicated the possible existence of ID theft • All of the above
Red Flags Rule Question 1 • Is the Red Flags program a • Way to identify fraudulent patterns • Way to practice secure ways of conducting business pertaining to financial security • Specific activity that indicated the possible existence of ID theft • All of the above
Red Flags Rule Question 1 Incorrect • Is the Red Flags program a • Way to identify fraudulent patterns • Way to practice secure ways of conducting business pertaining to financial security • Specific activity that indicated the possible existence of ID theft • All of the above • Answer: • (D) All of the above. • The Red Flags program gives us a way to identify, mitigate and prevent fraud from happening. Next Question
Red Flags Rule Question 1 Incorrect • Is the Red Flags program a • Way to identify fraudulent patterns • Way to practice secure ways of conducting business pertaining to financial security • Specific activity that indicated the possible existence of ID theft • All of the above • Answer: • (D) All of the above. • The Red Flags program gives us a way to identify, mitigate and prevent fraud from happening. Next Question
Red Flags Rule Question 1 Incorrect • Is the Red Flags program a • Way to identify fraudulent patterns • Way to practice secure ways of conducting business pertaining to financial security • Specific activity that indicated the possible existence of ID theft • All of the above • Answer: • (D) All of the above. • The Red Flags program gives us a way to identify, mitigate and prevent fraud from happening. Next Question
Red Flags Rule Question 1 Correct • Is the Red Flags program a • Way to identify fraudulent patterns • Way to practice secure ways of conducting business pertaining to financial security • Specific activity that indicated the possible existence of ID theft • All of the above • Answer: • (D) All of the above. • The Red Flags program gives us a way to identify, mitigate and prevent fraud from happening. Next Question
Red Flags Rule Question 2 • Which is an indicator of a Red Flag • Alerts, Notifications, and Warnings from a Credit Reporting Company • Suspicious Documents • Suspicious Personal Identifying Information • Suspicious Account Activity • Notice from Customers and Other Sources • All of the above
Red Flags Rule Question 2 Incorrect • Which is an indicator of a Red Flag • Alerts, Notifications, and Warnings from a Credit Reporting Company • Suspicious Documents • Suspicious Personal Identifying Information • Suspicious Account Activity • Notice from Customers and Other Sources • All of the above • Answer: • (F) All of the above. • All are categories of Red Flags Next Question
Red Flags Rule Question 2 Incorrect • Which is an indicator of a Red Flag • Alerts, Notifications, and Warnings from a Credit Reporting Company • Suspicious Documents • Suspicious Personal Identifying Information • Suspicious Account Activity • Notice from Customers and Other Sources • All of the above • Answer: • (F) All of the above. • All are categories of Red Flags Next Question
Red Flags Rule Question 2 Incorrect • Which is an indicator of a Red Flag • Alerts, Notifications, and Warnings from a Credit Reporting Company • Suspicious Documents • Suspicious Personal Identifying Information • Suspicious Account Activity • Notice from Customers and Other Sources • All of the above • Answer: • (F) All of the above. • All are categories of Red Flags Next Question
Red Flags Rule Question 2 Incorrect • Which is an indicator of a Red Flag • Alerts, Notifications, and Warnings from a Credit Reporting Company • Suspicious Documents • Suspicious Personal Identifying Information • Suspicious Account Activity • Notice from Customers and Other Sources • All of the above • Answer: • (F) All of the above. • All are categories of Red Flags Next Question
Red Flags Rule Question 2 Incorrect • Which is an indicator of a Red Flag • Alerts, Notifications, and Warnings from a Credit Reporting Company • Suspicious Documents • Suspicious Personal Identifying Information • Suspicious Account Activity • Notice from Customers and Other Sources • All of the above • Answer: • (F) All of the above. • All are categories of Red Flags Next Question
Red Flags Rule Question 2 Correct • Which is an indicator of a Red Flag • Alerts, Notifications, and Warnings from a Credit Reporting Company • Suspicious Documents • Suspicious Personal Identifying Information • Suspicious Account Activity • Notice from Customers and Other Sources • All of the above • Answer: • (F) All of the above. • All are categories of Red Flags Next Question
Red Flags Rule Question 3 • Personal Identifying Information includes: • Any number or name • Any number or name used alone or in conjunction with other information • Any number or name that may be used alone or in conjunction with other information to identify a specific individual
Red Flags Rule Question 3 Incorrect • Personal Identifying Information includes: • Any number or name • Any number or name used alone or in conjunction with other information • Any number or name that may be used alone or in conjunction with other information to identify a specific individual • Answer • (C) • Although C contains parts of A and B, PII is defined by information used in conjunction to identify a specific Individual Next Question
Red Flags Rule Question 3 Incorrect • Personal Identifying Information includes: • Any number or name • Any number or name used alone or in conjunction with other information • Any number or name that may be used alone or in conjunction with other information to identify a specific individual • Answer • (C) • Although C contains parts of A and B, PII is defined by information used in conjunction to identify a specific Individual Next Question
Red Flags Rule Question 3 Correct • Personal Identifying Information includes: • Any number or name • Any number or name used alone or in conjunction with other information • Any number or name that may be used alone or in conjunction with other information to identify a specific individual • Answer • (C) • Although C contains parts of A and B, PII is defined by information used in conjunction to identify a specific Individual Next Question
Red Flags Rule Question 4 • Which is an example of a suspicious document? • A drivers licenses that matches other information that is known • An insurance number and card to match • An apparent altered drivers licenses
Red Flags Rule Question 4 Incorrect • Which is an example of a suspicious document? • A drivers licenses that matches other information that is known • An insurance number and card to match • An apparent altered drivers licenses • Answer • (C) • Suspicious documents can be any record that appears forged, misprinted, or altered. Next Question
Red Flags Rule Question 4 Incorrect • Which is an example of a suspicious document? • A drivers licenses that matches other information that is known • An insurance number and card to match • An apparent altered drivers licenses • Answer • (C) • Suspicious documents can be any record that appears forged, misprinted, or altered Next Question
Red Flags Rule Question 4 Correct • Which is an example of a suspicious document? • A drivers licenses that matches other information that is known • An insurance number and card to match • An apparent altered drivers licenses • Answer • (C) • Suspicious documents can be any record that appears forged, misprinted, or altered Next Question
Red Flags Rule Question 5 • After you have identified Red Flags that are likely to occur within your department or office, what do you do next? • Set up procedures to detect those red flags in your day-to-day operations • Train all employees in the procedures • Periodically review your list of red flags to be sure they are still relevant • All of the above
Red Flags Rule Question 5 Incorrect • After you have identified Red Flags that are likely to occur within your department or office, what do you do next? • Set up procedures to detect those red flags in your day-to-day operations • Train all employees in the procedures • Periodically review your list of red flags to be sure they are still relevant • All of the above • Answer • (D) All of the above • When types of Red Flags have been identified departmentally; procedures, training and review must be put in place. Next Question
Red Flags Rule Question 5 Incorrect • After you have identified Red Flags that are likely to occur within your department or office, what do you do next? • Set up procedures to detect those red flags in your day-to-day operations • Train all employees in the procedures • Periodically review your list of red flags to be sure they are still relevant • All of the above • Answer • (D) All of the above • When types of Red Flags have been identified departmentally; procedures, training and review must be put in place. Next Question
Red Flags Rule Question 5 Incorrect • After you have identified Red Flags that are likely to occur within your department or office, what do you do next? • Set up procedures to detect those red flags in your day-to-day operations • Train all employees in the procedures • Periodically review your list of red flags to be sure they are still relevant • All of the above • Answer • (D) All of the above • When types of Red Flags have been identified departmentally; procedures, training and review must be put in place. Next Question
Red Flags Rule Question 5 Correct • After you have identified Red Flags that are likely to occur within your department or office, what do you do next? • Set up procedures to detect those red flags in your day-to-day operations • Train all employees in the procedures • Periodically review your list of red flags to be sure they are still relevant • All of the above • Answer • (D) All of the above • When types of Red Flags have been identified departmentally; procedures, training and review must be put in place. Next Question
Red Flags Rule Question 6 • The purpose of the Red Flags Rule program is to detect the warning signs of ID theft in day-to-day operations, take steps to prevent the crime and mitigate the damage it inflicts TrueFalse
Red Flags Rule Question 6 Correct • The purpose of the Red Flags Rule program is to detect the warning signs of ID theft in day-to-day operations, take steps to prevent the crime and mitigate the damage it inflicts TrueFalse • Answer • True • The Red Flags Rule program will guide you in spotting, mitigating and assist you in preventing fraud from occurring Next Question
Red Flags Rule Question 6 Incorrect • The purpose of the Red Flags Rule program is to detect the warning signs of ID theft in day-to-day operations, take steps to prevent the crime and mitigate the damage it inflicts True False • Answer • True • The Red Flags Rule program will guide you in spotting, mitigating and assist you in preventing fraud from occurring Next Question
Red Flags Rule Question 7 • External ID theft fraud attempts are the only threats to Clemson University TrueFalse
Red Flags Rule Question 7 Incorrect • External ID theft fraud attempts are the only threats to Clemson University True False • Answer • False • Internal threats are also a possibility. internal threats are not all malicious, some are caused by causal error. Next Question
Red Flags Rule Question 7 Correct • External ID theft fraud attempts are the only threats to Clemson University True False • Answer • False • Internal threats are also a possibility. internal threats are not all malicious, some are caused by causal error. Next Question
Red Flags Rule Question 8 • Which characteristics would make a department vulnerable to internal fraud? • The “data-rich” area • Where access to data is not strictly controlled • Where orientation and termination procedures related to data are not in place • All of the above
Red Flags Rule Question 8 Incorrect • Which characteristics would make a department vulnerable to internal fraud? • The “data-rich” area • Where access to data is not strictly controlled • Where orientation and termination procedures related to data are not in place • All of the above • Answer • (D) All of the Above • When these types of characteristics are present within a department or office, then the department becomes more attractive to internal and external fraudulent actions Next Question