• News
  • SAN DIEGO
  • Finance

Victims of identity theft often know the thief

Identity theft is now the No. 1 crime in the United States, with an estimated 10 million American consumers having their personal information used to open fraudulent bank, credit card and utility accounts, obtain loans or commit other crimes. Identity theft has now topped the list of consumer complaints to the Federal Trade Commission for the fourth consecutive year and accounts for nearly half of all FTC complaints.

The majority of identity theft crimes are not committed by anonymous strangers, as most people tend to believe, according to Kevin Landel, vice president of technology for California Coast Credit Union. He says victims often know the thieves who pilfer their identities.

"By far, the biggest source of ID theft is still fraud perpetrated by a family member, friend or relative, using simple shared passwords or over-the-shoulder techniques, stolen mail, lost receipts and stolen checks," Landel explained.

A 2004 study showed that 43 percent of ID theft victims believed they knew their imposters, as opposed to having their identities or personal information stolen anonymously by electronic means. Results from a different study by The Ponemon Institute in 2006 support that contention, indicating that the use of malware programs that steal data were reported in only 10 percent of cases.

Despite the fact that most individuals fall victim to this crime through exposure to people they know, electronic theft is attracting more attention from law enforcement today due to the ability of technologically savvy thieves to collect thousands of records at one time. Though the incidence of physical ID theft is still more commonplace, reported electronic theft statistics are nonetheless sobering in defining the magnitude of this growing dilemma. One form of electronic identity theft on the rise is phishing.

Phishing is a criminal activity using computers and electronic techniques to fraudulently acquire personal information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using e-mail or instant messaging.

"According to the Anti-Phishing Working Group, there were a total of 23,670 phishing Web sites in July of 2006, compared to just 4,564 in July of 2005," Landel said. "That's more than a five-fold increase in one year. And in a recent study done by the University of Indiana, results showed that 14 percent of phishing scams are successful. In other words, people do fall for the scams."

Current examples of identity theft scams in cyberspace include the "awards" scam, in which a financial institution ostensibly deposits $25 in an individual's account in return for filling out a survey. This scam plays off the assumed relationship between the financial institution and the individual, but Landel cautions that individuals should be mindful about providing personal account information unless it's on a secure site.

A false billing scam uses cell phone text messages as a lure to an infected Web site. The messages are sent to phone users thanking them for subscribing to a fictitious dating service and then claim that a daily fee will be added to the users' cell phone account unless they unsubscribe to the service at its online Web site. When users go to the site to unsubscribe, malware is downloaded to their computer to steal their information.

Instant messaging is also being regularly exploited to either relay stolen information or to spread malware, Landel said.

Once thieves have the information, they open new bank accounts or credit cards, file for bankruptcy, create counterfeit checks or debit cards and drain accounts, or purchase cars by taking out loans in the victim's name. This financial nightmare can take anywhere from four months to a year to straighten out.

In response to this growing problem, businesses -- especially financial institutions -- are making changes, beginning with increased consumer education and staff training. In San Diego, a number of credit unions, including California Coast, are hanging FBI posters explaining the latest scams and are training their tellers to better recognize them. They also are beginning to change their methods of communicating with their customers.

"Companies are warning customers that they should never enter their private information online unless they're sure the site they're visiting is legitimate," Landel said. "They should always log into their online banking site, for example, to change settings or verify information. And they should never respond to an e-mail that asks them to accomplish that by clicking on a link in an e-mail."

While it's virtually impossible to prevent ID theft entirely, it is possible to minimize risk simply by managing personal information carefully and staying ever-vigilant, Landel said. That goes for both businesses and individuals.

Start by ordering a copy of your credit report and making sure it's accurate and includes only activities you've authorized. Place passwords on your various accounts and use a combination of letters, numbers and symbols rather than a birth date, Social Security or phone number. Secure the personal information in your home -- especially if you have roommates, employ outside help or have service work done in your home. And inquire about security procedures in the workplace. Find out who has access to personal information, verify that records are kept in a secure location and ask about disposal procedures for those records.

The explosion of the information age, along with the ability today to obtain easy credit, has led to an alarming increase in ID theft activity. Consumer education and heightened vigilance can be effective weapons in the battle to control who has access to personal information and how that information is safeguarded.


Barrett is a staff writer for Beck Ellman Heald Agency.

Related Link: www.idtheftcenter.org

User Response
0 UserComments