Identity theft is now the No. 1 crime in the United States, with an estimated 8.9 million American consumers reporting that their personal information was used to open fraudulent bank, credit card and utility accounts, obtain loans or commit other crimes.
Every 79 seconds, someone becomes a new victim of identity theft, which has now topped the list of consumer complaints to the Federal Trade Commission (FTC) and accounts for nearly half of all complaints the commission receives.
According to the FTC, losses to financial institutions and businesses total nearly $53 billion a year. Last year, identity fraud was the source of 25 percent of credit card fraud and 16 percent of bank or loan fraud.
Interestingly, strangers do not commit the majority of identity theft crimes, as some people might believe, according to Kevin Landel, vice president of technology for California Coast Credit Union. He says victims often know the thieves who pilfer their identities.
"Approximately 47 percent of ID theft is still fraud perpetrated by a family member, friend or relative, using simple shared passwords or over-the-shoulder snooping, stolen mail, stolen checks or misplaced receipts," Landel explained.
Maintaining an awareness of your personal information security can help protect you. Lock up the personal information you have in your home, especially if you have roommates, parties, employ outside help or have service work done in your home. Shred everything with personal information on it before throwing it away, from direct mail to financial information to medical records. Order and review your credit report regularly, making sure that it's accurate and includes only activity you've authorized. Review your bills and account statements regularly, too. Paying your bills online, checking your accounts online and receiving statements electronically are additional ways to protect your personal and financial information.
A large percentage of individuals falls victim to this crime through people they know, but electronic theft is attracting more attention from law enforcement today. Technology-savvy thieves can collect thousands of records at one time. Even though physical ID theft remains more common, reported electronic theft statistics are quite sobering in defining the magnitude of this growing dilemma.
One form of electronic identity theft that remains very prevalent is phishing. According to the Anti-Phishing Working Group, there were a total of 37,438 phishing Web sites in May.
Phishing uses computers and electronic techniques to fraudulently acquire personal information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using e-mail or instant messaging.
Landel cautions that legitimate financial institutions do not request personal information in an unsecured e-mail, and that people should be extremely cautious about providing personal account information unless it's in a communication that they initiated. He also emphasizes the importance of using secure sites when conducting business online.
Skilled thieves use many different methods, both low and high tech, physical and electronic, to steal personal data.
On the low-tech side, thieves continue to steal wallets, purses and mail that includes bank and credit card statements; they file change of address forms to redirect mail. They also rummage through trash at homes or businesses searching for personal information. They obtain credit reports posing as a landlord or employer, or steal files from businesses where victims are customers, employees, patients or students.
Once thieves possess this personal information, they will open new bank accounts, credit cards or phone accounts. They will file for bankruptcy after racking up debt, negotiate counterfeit checks or use counterfeit debit cards to drain existing accounts, or purchase cars by taking out loans in the victim's name. It can take from four months to over a year to straighten out the financial nightmares that often result.
In response to this ongoing problem, Landel says businesses, especially financial institutions, are making changes, beginning with increased consumer education and staff training.
In San Diego, a number of credit unions are posting ID theft prevention tips on their Web sites, displaying posters created by the FBI that explain the latest scams, and training both staff and members to better recognize the signs of scams.
In addition to financial institutions, many businesses are changing their methods of communicating with their customers, Landel said. They are eliminating links from their e-mails, and implementing security practices such as providing 800 numbers for customers to verify their messages, and showing pictures chosen by individual customers to ensure they know that they are on the company's legitimate Web site.
"Companies are warning customers that they should never enter their private information online unless they're sure the site they're visiting is legitimate," he added. "They should always log into their online banking site through their secure browser, for example. And they should never respond to e-mails that ask them to access or update their accounts by clicking on links in the e-mail."
While it's virtually impossible to prevent ID theft entirely, it is possible to minimize one's risk simply by managing personal information carefully and staying vigilant, Landel says. That goes for both businesses and individuals. Be careful who you deal with online or over the phone just like you would in person. Responding to unsolicited e-mail is the electronic equivalent of strolling down a dark alley.
In addition, place passwords on your various accounts. Make them as complex as the software will allow, with a combination of upper and lower case letters, numbers and symbols, rather than using easily guessed passwords like birth dates, social security or phone numbers.
Inquire about security procedures in the workplace to protect your information, too. Find out who has access to personal information, verify that records are kept in a secure location and ask about disposal procedures for those records.
Individuals who become ID theft victims should take action immediately and keep precise records of all conversations and correspondence. If you are victimized, first notify the three major credit bureaus and place a fraud alert on your credit report. Then close accounts that have been tampered with or been opened fraudulently. File a police report and obtain a copy for your records. It's also advisable to register a complaint with the FTC online. Finally, follow up in writing to document contacts you've made on the phone or in person.
The explosion of the information age, along with the ability today to obtain easy credit, has led to an alarming increase in ID theft activity. While difficult to prevent entirely, consumer education and heightened vigilance can be effective weapons in the battle to control who has access to personal information and how that information is safeguarded.
Heald is principal of Beck Ellman Heald.