By filling in a subscription or competition postcard and dropping it in the post box, you could be exposing yourself to ID theft — one of the fastest growing crimes facing consumers.
Identity theft occurs when a customer’s personal or banking details are illegally obtained and used to access the customer’s bank accounts. Criminals use information such as ID numbers and account numbers to carry out these activities. Once armed with this information, the criminals withdraw funds from accounts or buy goods without the customer’s knowledge.
As consumers, we need to be more cautious about how we deal with our personal information. Most magazine subscription offers provide readers with a pre-paid postcard on which to send their personal information, including banking details. By putting this information on a postcard and popping it in the post, this information becomes available to anyone at a glance. This may include your full name, postal address, email, telephone number, ID number and credit card details, including the three-digit CVC number on the back of your credit card. With this information a fraudster would find it easy to use either your credit card details for online transactions or access your bank account.
M&G Money spoke to the head of subscriptions at one magazine to find out why it compromises its customers’ information in this way. Apparently, inserting postcards into magazines is the cheapest, easiest option for them. But publishers should at least provide a warning and ask customers to fax the information directly to the magazine rather than post it. According to the subscription head, some subscribers do fax the form or send the postcard without the full credit card details, at which point the magazine is then able to contact them and ask for the information.
But this is still risky, as a fraudster can easily pose as an employee from the magazine and contact you for your credit card details and other personal information. The best way is to fax the subscription or to call the magazine and provide your information verbally.
The South African Banking Risk Information Centre (Sabric) urges consumers to be vigilant about disclosing personal and banking details. According to Gilbert Swats, CEO of Sabric, criminals are able to get hold of information through correspondence, such as letters and bank statements containing personal and banking information.
Consumers are urged to destroy letters containing confidential information, such as banking details.
“Customers should always exercise caution when they receive calls or letters asking them to provide personal and banking information. Always verify with the institution in question to make sure that you do not become a victim,” says Swats.
Shopping online can also carry risks if you deal with a merchant who does not take steps to protect your information.
Chris Savides, chairperson of the South African Forum for E-tailers (Safe), says it is important to check the site to see that it has a published privacy and security policy to protect your personal information. “Read the policy and, if you are not happy, phone them and ask them about it. Don’t just hit the ‘read: terms and conditions’ button.” After all, the policy could state that your personal information will be given to the highest Âbidder and you will have just agreed to it. If it is a merchant you are not familiar with look to see if it is Visa compliant or has the Sur E-Tail logo, which means it is part of Safe, the online retailers’ forum. If a merchant is a member, it means that it guarantees encrypted transactions, upholds a published privacy policy, subscribes to the principles of Âpermission- based marketing, adheres to a published refunds policy and Âdisplays accurate contact details.
Sabric adds that customers who make transactions online should be extremely cautious about which sites they use for internet banking. Customers should never use bank sites through links sent to them. They are advised always to log on to their banks’ sites directly. Customers can also check the security of a website by looking for a padlock in the bottom right hand corner, as well as for a security certificate.
Don’t let your ID be stolen
- Avoid sending postcards or competition entry forms containing banking information.
- Destroy correspondence containing personal information, for example bank statements.
- If entering a competition, always verify with the publication if it is running the competition.
- Do not divulge confidential information such as PIN numbers, banking details and ID numbers to people requesting to “verify” or “update” your details. Verify the source of the call and ask them to call you later.
- Only do online transactions with verified sites. Check out www.safeonline.co.za to view participating merchants.