With final exams being held through Dec. 21, Boston University students are left little time to complete – or for some, start – their holiday shopping. But, while the ease of the internet lets students shop without leaving their dorm rooms, it also leaves them more susceptible to the growing trend of identity theft and credit card fraud.
Information Technology Consulting Services Director Jim Stone said students and online shoppers in general should understand and educate themselves about the severity of these two illegal acts, in particular identity theft.
“With credit card fraud you’re protected and get your money back, although it’s a headache,” he said. “Identity theft is a lot more serious and difficult to get out of.”
According to a 2005 Federal Trade Commission report, approximately 10 million Americans fall victim to identity theft a year. In 2004, sums stolen through identity theft were estimated at $52.6 billion.
There are generally two ways in which identity thieves get the necessary information to take an individual’s identity and money. According to Stone, one method called “spoofing” is a type of spam mail designed to look like it originated from a person or organization an online user could be familiar with.
In addition to spoofing, another prevalent method of theft is known as the “phishing” tactic, which occurs when someone receives an email from what looks like a known company like Ebay or PayPal. The company may state that the customer must update their billing information within 24 hours or risk losing their account. A link is included, which directs the person to a website that appears to be the trusted company’s website. They may have the company logo on their site to appear legitimate.
Stone said this is how an individual mistakenly volunteers to give their personal information away.
“These people go to great lengths to trick people,” he said. “And unfortunately, a lot of people fall for this.”
Students say this somewhat recent phenomenon is something they are quite familiar with.
School of Management sophomore Cole Bramley said that he has witnessed several attempts to access his account have been made by groups posing as actual companies.
“I’ve actually received those PayPal emails and I could just tell they were different from the actual PayPal site,” he said. “I took note of it and reported it to their company.”
Bramley said without skeptically looking at each transaction or online ploy, internet users leave themselves vulnerable to credit card fraud.
Stone says there are ways to prevent becoming a victim, like avoiding links that send you to a website asking for personal information, or deleting attachments sent by email that the recipient is not expecting. He also recommends that students and other online shoppers look for a symbol of a lock in the right hand corner of the internet browser they use.
“This symbol tells you the site you are on is secure,” he said. “I would never purchase something online without knowing that lock symbol is there. If a company does not have it, it means their computing technology is not very good and you should stay away.”
Stone said students should also bookmark sites they regularly use for online banking and purchases, as it prevents typos which may lead to fake sites, where web users tend to continue using the fake website until it is too late.
“Do not make a habit of typing the URL every time,” he says. “These fake sites that have similar URL names can become very difficult to tell apart from the legit websites.”
But, other students who have not experienced identity theft said the warnings bear little weight.
“Personally, I don’t do anything to protect myself mainly because I assume the website I enter my information through is safe,” College of General Studies sophomore Michael Barbo said. “I know it’s an issue, but it usually will not cross my mind because I honestly don’t think it can happen to me.”
Other students say it is important to be aware of the dangers associated with online shopping, especially if it is not from a reputable website.
“I’ve gotten spam email with these very links and I just delete it,” SMG sophomore Andrew Gold said. “It’s a combination of instinct and education that stops me from clicking them. It’s really better to be safe than sorry.”
Stone says many bank companies as well as personal vendors go to great lengths to protect their customers from identity theft and credit card fraud. An example is Equifax, one of three major credit card agencies that offer protection packets which clients can purchase. Equifax notifies their customers of any irregular transactions in their accounts.
“In the end they want to see that you’re safe,” Stone said. “They also don’t want the customer to assume their company led to this.”
A way to fight away credit card fraud is through virtual credit cards, which Stone said offer their users the option of shopping online with virtually single-use credit card numbers that expire within one or two months. A virtual number is only good on the website where the customer made their purchase and becomes all but useless to an online thief.
But some students say the whole concept sounds like a hassle more than a benefit.
“In theory it may sound like a good idea, but it just sounds like a hassle to me,” Bramley said. “I guess it also depends on the sensitivity one feels about putting personal information out there.”
Stone says BU does not offer protection against identity theft and credit card fraud primarily because the university does not follow what websites its students visit.
“We don’t censor things or watch what students are doing online,” he said. “We can educate them, but there’s not much the university can add. And philosophically, we don’t think that is something the university should be doing.”
Students say they appreciate that the university stays away from their private online activity.
“I understand that it could be a good thing in that they would be trying to protect us, but it can also be a bad thing as well,” Barbo said. “Overall, I feel the negatives that come along with the university watching what we’re doing outweigh the positives of us being safe from online thieves and fraud.”
In the end, Stone said students should trust their instincts when determining whether a website is secure for them to trust their information to it.
“Watch what you’re doing – be careful what information you provide and to whom you provide it,” he said. “When in doubt, just don’t do it.”