Annex 1 - Fraud and Identity Theft: Do's and Don'ts to Protect Yourself and Your SIN
Memorize your Social Insurance Number (SIN).
Keep your SIN card in a secure location (for example, a safety deposit box).
Shred all paper records containing personal information. Make sure that personal information is removed from old hard drives and other storage devices (for example, carbon fax rolls) before they are disposed of or sold.
Protect your electronic information with confidential passwords that are at least seven characters in length. Do not spell anything or follow logical patterns. Use a combination of upper-case and lower-case characters, numbers, and symbols (for example, E.E0n2$).
When an organization requests your SIN, ask if they are legally required to collect the SIN. If not, offer other forms of identification instead (for example, your driver's licence) or ensure you are satisfied it is necessary to provide.
Empty your computer desktop's Recycling Bin immediately after deleting personal electronic information from your computer. Erase the online History folder and Temporary Internet Files regularly.
Guard your mail from theft by promptly removing it from the mail box as soon as it is delivered, and by notifying Canada Post to hold your mail if you are going to be away.
Use a personal firewall on your computer system, especially if you have an “always on” Internet connection where a hacker may access your files even when your computer is off.
Use caution when locating a website through an Internet search engine. It isn't always possible to identify fraud online.
Report a lost or stolen card to Service Canada's Social Insurance Registration Office at 1-800-206-7218 and select option “3” or 1-506-548-7961 if calling from outside Canada.
Never use your SIN card as a piece of identification because it puts your SIN and the security of your personal information at risk unnecessarily.
Don't carry your SIN card in your wallet, purse or vehicle. If it's stolen, thieves may be able to access information to steal your identity.
Don't leave documents containing personal information, especially the SIN, out in the open.
Don't share your passwords with anyone. Be sure to change them regularly.
Never reveal your SIN to anyone unless you are certain the person asking is legally entitled to that information or you are satisfied it is necessary.
Don't use automatic log-in features that save your user names and passwords on your computer.
Don't give your SIN over the phone unless you initiate the call and you know with whom you are dealing.
Never reply to e-mails that request personal information. Reputable websites will not ask clients to disclose this kind of information via e-mail.
Don't transmit your personal information, including the SIN, on wireless devices (for example, cell phones, Blackberries, etc.) unless you know that this transmission is secure.