Article

In this article, forensic document examiner, Mark Songer D-ABFE, CFC, discusses some of the methods used by identity thieves to acquire personal data and strategies that individuals can use to guard against identity theft.

Many Faces of Identity Theft

With the announcement earlier in 2014 of a major data security breach from Home Depot, it seems that identity thieves never fall short of finding an endless supply of victims. The retailer stated that over 56 million credit and debit card numbers were compromised over a five-month period in one of the worst breaches of customer data ever recorded. The data theft began in April as hackers installed malware onto the retailer’s computer servers. Home Depot has assured consumers whose data was breached and exploited that the malware was removed. Home Depot has offered a year of free credit report monitoring to customers who risked their financial information during those five months. [1] However, this can be of little comfort for those who were victimized by the breach and expected better protection and privacy as a consumer.

According to a report written by the Department of Justice’s Bureau of Justice Statistics, it is estimated 16.6 million people experienced some type of identity theft in 2012. The financial fallout of these crimes was calculated at a staggering $24.7 billion dollars. What may be considered equally frightening is the way victims were said to have commonly discovered that they were indeed victims; through the monitoring of their financial institutions. [2] Financial institutions, such as US Bank, tote on their website that they are using “state-of-the art tools and monitoring systems to ensure your identity is safe… [3] However, with identity theft bringing in billions of dollars a year, one can speculate that consumers still have quite a way to go to help prevent their own identity from being stolen and exploited.

Though this seems to be the most prevalent way a criminal can tap into privacy of a consumer, there are a few other notable ways that identity crimes have been successful. Synthetic identity, mass marketing and senior citizen identity frauds are other ways that crooks invade the everyday lives of an unsuspecting victim. Financial institutions are not the only groups to have specialty units targeting identity theft. Federal, state and local law enforcement agencies have employed officers solely to target these crimes in their jurisdictions. [4]

Synthetic identity theft has become the antithesis to what we would call “true identity theft”. With synthetic identity theft, a criminal will use a fake name, address or phone number with the victim’s real social security number. This is a combination of real and fake information to obtain a fake or synthetic identity. As opposed to true identity theft in which a crook will take all of your real information to use for misappropriated gain. However, both of these types of identity theft allow the criminal to obtain credit, apply for mortgages, and obtain other goods and services in with the victim’s social security number.

Credit bureau monitoring does not help consumers figure out if they have a synthetic identity. Here’s why: since synthetic identity has your social security number, but not your name, it creates a sub-file that is linked to your credit report. This sub-file is hidden from your main credit file so it would not be something you would see yourself if you pulled up your credit report online. Bigger problems occur if there is negative reporting on that sub-file which could impact your credit score. And, because of the nature of a sub-file, credit monitoring or a fraud alert will not stop the criminal from continuing to use the fake credentials. [5]

Synthetic identity theft and fraud can be problematic for the credit bureaus to detect and resolve. The information they are using is partially correct so it creates a problem for the credit agency to try and fit the pieces of the puzzle. Considering the amount of credit profiles that are being updated every day, one can speculate that it probably takes some time for this type of fraud to be resolved.

Another troublesome venture for criminals trying to steal your identity is the use of mass marketing fraud. This crime is generally any type of fraud scheme that uses one or more mass-communication techniques and technologies. This can be the Internet, use of telephone, the mail, and group meetings with the intent to fraudulently solicit, conduct transactions or transmit monetary proceeds to a financial institution or others knowingly involved in the scheme. [6]

According to the Department of Justice Criminal Fraud website, mass-marketing fraud schemes generally fall into three main categories: advance-fee fraud, bank and financial account schemes and investment opportunities.[6]

An example of an advance-fee fraud scheme is an online business opportunity that affords a victim to work from home. These ventures solicit individuals to pay upfront monies that range from a few hundred to a few thousand dollars to set up their business. Unknowing to the consumer, they are being scammed. By the time the victim realizes that it is a scam, the fraudster’s contact information no longer is valid and has already moved on to the next victim.

The Department of Justice’s fraud website compiled a helpful list of steps that consumers can take to help individuals recognize if they are being used in mass marketing schemes. These can include, but are not limited to:

  • Do not judge what is being offered by first impressions. Though it may sound tempting or too good to be true, more often than not it typically is and a criminal is hoping you fall for the bait. An example that can be used is finding a product (via an Internet link you click on) that is unbelievably cheap. The website is an easy way for criminals to install malware to track your personal and financial information.
  • Demands from a company to pay “advance fees” are a red flag. Bottom line is a legitimate business will not try to intimidate or bully you into sending funds before you receive goods or services that have been promised. It would be in your best interest to try and research the company with which you intend to do business. A simple search could potentially save you lost monies and a giant headache.
  • Beware about giving out your personal information over the telephone or online. A random call or e-mail from someone claiming they are from your financial institution will never call to ask you to verify this information. If you are in doubt, hang up. And, then call the customer service number you have for your bank or give them a visit in person. Emails from someone that is giving you no useful identifying data is also a red flag. This could mean that this person is not willing to allow to be contacted in the future because they are selling you a false sale of goods. [6]

While mass marketing identity theft continues to be profitable for thieves, it is senior citizens that remain the largest target of identity theft crimes.

According to the Federal Trade Commission’s 2013 statistical report, identity thefts from senior citizens are their top consumer complaint. Seniors represent nearly 36 percent of all identity theft victims. Another 49 percent of victims over 50 years of age are victims of fraud that entails a criminal lying about their identity and delivering documents or requests for personal information.[7]

Seniors can be targeted by phone calls, mail or emails. Scammers contact seniors claiming to be a legitimate company, a government entity or financial institution. Victims are then tricked into sharing their account passwords, social security numbers, bank account numbers, and credit card numbers. Armed with the illegally obtained information, criminals can obtain government documents, new credit card accounts or other financial transactions in the victim’s name.

Several schemes that prey on the elderly are reverse mortgage scams, funeral and burial frauds, healthcare or prescription medicine fraud, along with host of telemarketing schemes. The elderly can also fall victim to identity theft from a person pretending to help with groceries, but is a thief or even a store employee that makes off with their purse. Wallets and purses provide thieves with PIN numbers, checks, credit cards, driver’s licenses and other personal identification. Some useful tips to prevent this type of theft include:

  • DO NOT carry your social security card in your purse or wallet. Make sure that it is not written anywhere inside your wallet in the event your wallet becomes lost or stolen.
  • NEVER write bankcard access number or PIN on the back of your debit/credit card. Never write this number down and carry it with you or store in your cell phone.
  • Do not give into peer pressure to make a purchase. Do your homework and carefully go over all information. Also, check out the company that wants your business.
  • Promptly pick up your mail. If you expect to be out of town, request that the post office hold your mail for you to pick up at a later date. If possible, putting a lock on your mailbox will keep unwanted hands out!
  • Late bank or credit card statements could be a red flag. If you have yet to receive these, call your financial institution immediately. In the wrong hands, these statements can allow crooks to gain financial access into your world.
  • YES you want receipts! As much as you want to be eco-friendly by not having the clerk print up a receipt for a small purchase, you may be doing yourself a favor in the long run. Unauthorized transactions have occurred with a store employee helping themselves to extra monies from your account.
  • Shred all receipts, credit card offers you receive in the mail, account statements, expired credit cards and other documents that contain critical information. A small home office sized shredder costs ~$20; it’s a wise investment that can prevent financial hardship down the road.
  • Do not leave your personal information lying around at home or work.
  • Install the highest levels of firewall and virus-detection security your computer can handle.
  • Check your credit report each year to look for suspicious activity. This can be more frequent if you have fallen victim to identity theft in the past. [8]

If you have become a victim of identity theft, it is important to report it to the proper authorities. Notifying your bank is foremost when finding that monies have been stolen from your account. Stop payment on any outstanding checks that may not have cleared, change your Automated Teller Machine (ATM) card, account, and Personal Identification Number (PIN). Also, contact other financial institutions that had accounts set up without your knowledge and close those accounts immediately. Finding the check verification companies that have been used in setting up an account or used in the purchase of goods or services need to be informed. 9Utility and cell phone service accounts that have been illegally obtained in your name should be shut off. This is a jumping off point to begin to rectify the problems that victimized consumers must deal to gain some control over their identity.

The California Public Interest Research Group (CalPIRG) and the Privacy Rights Clearinghouse offers the following comprehensive list of other actions to be taken according to the type of identity theft that has occurred:

  1. Contact the Federal Trade Commission (FTC) to report the situation, whether online, or
  2. By telephone toll-free at 1-877-ID THEFT (877-438-4338) or TDD at 1-866-653-4261, or
  3. By mail to Consumer Response Center, FTC, 600 Pennsylvania Avenue, N.W., Washington, DC 20580.

Under the Identity Theft and Assumption Deterrence Act, the FTC is responsible for receiving and processing complaints from people who believe they may be victims of identity theft, providing informational materials to those people, and referring those complaints to appropriate entities, including the major credit reporting agencies and law enforcement agencies. The FTC offers more information on their identity theft Website.

You may also need to contact other agencies for other types of identity theft:

  1. Your local post office if there is belief that your mail or mailing address has been used to commit identity theft or fraud.
  2. Call the Social Security Administration at 800-269-0271 to report the fraudulent social security use of a social security number or claims.
  3. The Internal Revenue Service at 800-829-0433 to report fraud concerning illegal use of identity and tax code violations.

The 3 major credit-reporting companies in the United States each have designated fraud units.

Equifax

  1. Concerns about fraud call (800) 525-6285 or write to P.O. Box 740250, Atlanta, GA 30374-0250.
  2. For a copy of your credit report, call (800) 685-1111 or write to P.O. Box 740241, Atlanta, GA 30374-0241.
  3. Your credit report gives you a toll free number to call for disputed credit reporting.
  4. To opt out of pre-approved offers of credit, call (888) 567-8688 or write to Equifax Options, P.O. Box 740123, Atlanta GA 30374-0123.

Experian

  1. Concerns about fraud call (888) Experian or (888) 397-3742, fax to (800) 301-7196, or write to P.O. Box 1017, Allen, TX 75013.
  2. For a copy of your credit report, call (888) Experian or write to: P.O. Box 2104, Allen TX 75013.
  3. Your credit report gives you a toll free number to call for disputed credit reporting.
  4. To opt out of pre-approved offers of credit and marketing lists, call (888) 5OPTOUT or write to P.O. Box 919, Allen, TX75013.

Transunion

  1. Concerns about fraud call (800) 680-7289 or write to P.O. Box 6790, Fullerton, CA 92634.
  2. For a copy of your credit report call (800) 888-4213 or write to P.O. Box 390, Springfield, PA 19064.
  3. Your credit report gives you a toll free number to call for disputed credit reporting.
  4. To opt out of pre-approved offers of credit and marketing lists, call (800) 680-7293 or (888) 5OPTOUT or write to P.O Box 97328, Jackson, MS 39238.9

Sources:

  1. The Home Depot.The Home Depot Completes Malware Elimination and Enhanced Encryption of Payment Data in All U.S. Stores. Atlanta, GA. 18 Sept. 2014. Web. 20 Sept. 2014. <https://corporate.homedepot.com/MediaCenter/Documents/Press%20Release.pdf+&cd=1&hl=en&ct=clnk&gl=us&client=safari>.
  2. Harrell, Erika PhD and Langton, Harrell PhD. Victim’s of Identity Theft 2012. Washington: U.S. Dept. of Justice, Office of Justice Programs, Bureau of Justice Statistics, Dec. 2013. Web. 20 Sept. 2014. <http://www.bjs.gov/content/pub/pdf/vit12.pdf>.
  3. U.S. Bank/Bancorp. Identity Theft. Web. 20 Sept. 2014. <https://www.usbank.com/cgi_w/cfm/personal/achieve_goals/id_theft.cfm>.
  4. Washington: U.S. Dept. of Justice, Financial Fraud Enforcement Task Force.About the Task Force. Web. 19 Sept. 2014.<http://www.stopfraud.gov>.
  5. Britnell, Lanny. Identity Theft America: The Changing Face of Identity.Washington: Federal Trade Commission. Web. 21 Sept. <http://www.ftc.gov/sites/default/files/documents/public_comments/credit-report-freezes-534030-00033/534030-00033.pdf>.
  6. Washington: U.S. Department of Justice, Criminal Division, Fraud.Mass Marketing Fraud. Web.22 Sept 2014. <http://www.justice.gov/criminal/fraud/internet/>.
  7. Washington: Federal Trade Commission. 2013 Consumer Fraud Report: Consumer Network Sentinel Datebook January-December 2012. Web. 26 Sept 2014.<http://www.ftc.gov/reports/consumer-sentinel-network-data-book-january-december-2012>.
  8. Washington: U.S. Dept. of Justice, Federal Bureau of Investigation.Common Fraud Schemes: Seniors. Web. 22 Sept. 2014. <http://www.fbi.gov/scams-safety/fraud/seniors>.


 

Featured Expert

Mark Songer, FDE

Mark Songer is a former FBI Special Agent and Forensic Examiner specializing in Forensic Document Examinations. He is a qualified expert in both Federal and State Courts. For more information, you can reach Mark at mark@robsonforensic.com