more on Do you know where your identity has been?

[David Farber <dave () farber net>]

------ Forwarded Message
From: Tom Goltz <tgoltz () QuietSoftware com>
Date: Thu, 28 Apr 2005 20:59:21 -0400
To: <dave () farber net>
Cc: <bray () globe com>
Subject: Re: [IP] Do you know where your identity has been?

Quoting from "Do you know where your identity has been?" published April
24, 2005 in the Boston Globe, written by Hiawatha Bray:
> According to TowerGroup, a Needham consulting firm, most of the
> estimated 10 million cases of identity theft cited in 2002 were
> standard credit card and check forgery scams.
>
> Fewer than 200,000 were serious attempts to duplicate someone else's
> identity, in an effort to get new credit cards, drivers licenses, or
> passports.

An interesting set of numbers.  I'd like to know the source of these
numbers, as well as the methodology used to classify incidents as "serious
attempts" vs "standard fraud".

> State and federal lawmakers are rolling out legislation to toughen
> the penalties for identity theft and to force companies to lock down
> their customers' private data.
>
> Better laws might help, but only to a point. We've got to protect ourselves.

This might as well have been written by the credit industry.  Speaking as a
victim of identity theft, there is absolutely nothing that an individual
can do to effectively protect themselves against identity theft.

Do you know what your identity is worth?  Mine cost $200.  That's what a
criminal paid on a street corner in Los Angeles.  Add in $75 for a
low-grade forgery of a driver's license, and he was in business.  To this
day, I have been unable to discover how my personal information ended up on
that street corner.  I own and religiously use a high-quality confetti-cut
paper shredder.  I have never received sensitive financial correspondence
at the unsecured mailbox at my home, instead renting a locked post office
box.  I have made a policy of not disclosing my social security number
whenever possible.  My SSN has never been on my driver's license.  It has
never been printed on my checks.  I do not carry my social security card in
my wallet, nor any other document bearing my SSN.

In spite of all this, my identity was stolen, and used to open a half-dozen
credit accounts in my name, which were then used to obtain almost $20,000
in merchandise.  If the thief has just been a little smarter, he would have
doubled that figure.

What made all this possible?  A credit industry that refuses to do even the
most basic of checks when someone walks into a retail establishment and
asks to open a credit account.  The forged driver's license this thief was
using had several spelling errors.  It used the driver's license number of
a female with a different name.  The address on the driver's license was a
vacant lot in Costa Mesa, CA.  It was a California license, but the thief
was using a cell phone number with a New Hampshire area code.  For over six
weeks, only one company noticed, and they couldn't even be bothered to
notify the authorities of an attempt to steal a $15,000 car.  It wasn't
until the thief headed for Las Vegas and attempted to reproduce his scam
there that an alert store security manager noticed a problem.  This manager
not only had the thief arrested, but he tracked me down and notified me
that it had happened.

Another standard piece of advice is to regularly check your credit
reports.  Considering that it took over six months for the first of the
fraudulent accounts to appear on my credit report, it would have been
possible to steal tens or hundreds of thousands of dollars in merchandise
before the first hint of trouble appeared there.

That's even assuming you can get a copy of your reports.  When Las Vegas
police asked me to check my credit files to see if they could bring any
other charges against the thief they had in custody, I contacted all three
of the major credit bureaus and requested that they send me a copy of my
report immediately.  I was informed by all three companies that the
quickest I could get a copy of my own report was between thirty and ninety
days.  It took me almost two entire business days spent on the phone to get
that much!

Of course, anybody with a commercial account with one of these companies
can have all of my information in a matter of seconds for a small fee, no
questions asked.  The fact that this thief was likely to be released on
bail and long gone before those reports arrived didn't appear to matter to
the people I talked to.

I'd turn the statement above completely around: Taking measures to protect
yourself from identity theft might help, but only to a point.  Until
effective laws are passed forcing the credit industry, both lenders and
data brokers alike to take responsibility for their irresponsible actions,
identity theft and it's accompanying fraud will be nearly unstoppable.


------ End of Forwarded Message


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/