Identity Theft Protection
Thank you for taking the time to learn more about “identity theft.” Spending a few minutes reading this now may save you weeks of headaches later. Hopefully, after reading this information, you will be more prepared to protect yourself from identity theft, as well as know what you should do if you become a victim of identity theft.
I am grateful for the assistance of the Mid-Atlantic Great Lakes Region Organized Crime Law Enforcement Network (also known as MAGLOCLEN), of which my office is a member, for helping me bring this important information to you. Please read on and learn about identity theft and how to take preventative measures.
What is “identity theft” and how does identity theft occur?
Identity theft is a popular subject in today’s world, especially in light of recent technological advances. As District Attorney, I have first hand insight into identity theft, which is a major problem affecting approximately 7 million victims nationally in 2002.
There are several definitions of identity theft ranging from those used in the media to technical definitions used in the penal laws. In New York State, the law prohibits identity theft, making it a crime in violation of New York Penal Law Article 190. A Federal statute (18 U.S.C. Section 1028) likewise proscribes identity theft.
For simplicity sake, identity theft can broadly be defined as a fraud that occurs when someone wrongfully obtains and uses another person’s personal identifying information in a way that involves fraud or deception for economic gain.
People frequently do not realize how easily criminals can obtain someone’s personal information. Criminals can literally take over one’s identity by establishing telephone or cell service in the victim’s name, opening bank accounts, applying for credit to purchase automobiles, and even in some cases, filing for bankruptcy under the victim’s name to avoid paying the debts the criminal incurred or to avoid detection. While there are several ways criminals can gain access to personal information, a few are discussed here in order to better educate you and to hopefully help protect you from “identity theft.”
In public places, a criminal may listen to conversations where a victim has to give his or her information over the telephone or to someone at a hotel or rental car agency. This technique is called “shoulder surfing.”
Another way these criminals gain access to information is through “dumpster diving,” which involves rummaging through garbage cans or commercial trash bins to obtain copies of bank statements, checks, credit cards, or other documents that contain personal information, such as a name, address, or telephone number. We all throw away merchandise catalogs, which contain identifying information such as names and account numbers. In one recent scam, a woman scoured the trash at a post office for discarded catalogs, from which she used the information to order merchandise in other people’s names.
If pre-approved credit card applications are thrown away prior to destroying them, criminals may retrieve the information and activate the card without the victim’s knowledge. Similarly, raiding discarded personal computer hard drives is another relatively simple method for accessing personal information.
“Skimming” occurs when a criminal uses a magnetic card reader to obtain personal information from the magnetic strip on credit/debit cards. Typical “skimmers” are people in the service industry, particularly at gas stations, hotels and restaurants catering to out-of-town guests.
Below are three examples that show some other ways in which criminals have committed identity theft in our country.
- A man stole the identities of more than 100 people by working with a woman who had worked in the payroll department of a cellular telephone company. In that position, the woman had access to confidential employee information such as Social Security numbers, with which the man was able to access their stock trading accounts at an online brokerage and transfer money to another account that he had set up. One victim had more than $287,000.00 taken from his brokerage account without his knowledge.
- The Internal Revenue Service (IRS) recently released an alert about a fraudulent scam conducted via e-mail. Some taxpayers have received e-mails from a non-IRS source indicating that the taxpayer is under audit and needs to complete a questionnaire within 48 hours at avoid the assessment of penalties and interest. The e-mail refers to an “e-audit” and references IRS Form 1040. The taxpayer is asked for Social Security numbers, bank account numbers, and other confidential information. The IRS does not conduct e-audits, nor does it notify taxpayers of a pending audit via e-mail. Please be aware that this e-mail is not from the IRS. Any e-mail received of this nature should be saved so that a computer forensics investigation can be conducted to determine the originator.
- In July 2001, personal data that was provided to AT&T Wireless and Verizon Wireless was published on an Internet chat room. An unknown amount of personal information that contained Social Security numbers, driver’s license numbers, dates of birth, and credit card information of hundreds of people was released to an Internet chat room. Subsequent investigation found that a large number of the victims recently purchased cellular telephones via the AT&T Wireless and Verizon Wireless web sites.
Regardless of the method used, once personal information is fraudulently obtained, the criminal then assumes the victim’s identity and contacts credit card issuers, requesting to change the mailing address on the credit account. The imposter then charges on the account. Since the bills are going to another address, it may take months before the credit card company realizes a problem has arisen with that credit card.
In addition to knowing how past identity theft crimes have been committed, there are measures to help protect you from identity theft, which is the topic discuss in the second column
How does one avoid identity theft?
While there are no sure-fire methods, the following suggestions are some practical means to better protect you. Although obvious, people frequently forget that they should never give personal information to others, unless the requester is known and the information is necessary. If someone contacts a consumer offering something or stating that he has won a prize, and asks for personal information, request something in writing first. If information is sent in writing, contact the Better Business Bureau regarding the organization in question.
Below are some points to follow:
- Check financial institution information and credit reports at least annually, and look for what should and should not be there. What should appear on your credit report are your bank accounts, credit card accounts, and monthly bank and credit card statements. If they are not there, call the companies to see why. What should not appear in the report is anything that the consumer did not authorize.
- Safeguard your driver’s license and other forms of identification at all times, even in your home or office.
- Personalized information needed to commit an identity theft is vital, but not limited to the following examples: mother’s maiden name, the victim’s name, address, date of birth, Social Security number, telephone number, address, e-mail address, last known address, checking/savings number, etc.
- Maintain careful records of banking and financial accounts.
- Shred all documents that contain personal information.
- Be vigilant at ATM machines and cash registers.
- Do not leave bills in the mailbox. Rather, when mailing bills, use the post office or locked mailboxes.
- Cancel all credit cards that are no longer in use.
- Never carry Social Security cards, birth certificates, or passports on your person unless traveling over international lines.
- Never give credit card information over the telephone unless you initiate the call.
- Never put Social Security numbers or telephone numbers on any unnecessary checks or credit receipts.
- Remove names from promotional lists.
- Be careful of what information could be provided to Internet websites.
- Do not trust e-mails. As mentioned above, the Internal Revenue Service (IRS) is conducting an investigation on a scam where victims are requested to provide personal information for the purpose of an “e-audit.” This e-mail is not from the IRS and should be saved so a computer forensic investigation can be conducted to find the originator.
- Do not give out credit card information unless the latest security protocols are in place. Periodically check your computer to ensure that updated security systems are functioning. For example, to be sure that the computer in question is accessing these protocols you should go to Tools, Internet Options, Advanced, Security Section, and then check the box that warns if changing between secure and not secure mode. When this option is in place, you will be prompted when entering and exiting these secure sites. To double check if the protocol is in place, make sure there is a lock in the “locked” position located in the lower right hand side of the toolbar. If you need additional assistance or would like more information about computer security, please consult your computer’s owner’s manual or contact the technical support network.
- Do not trust a web site just because it says it is secure.
- Always read the fine print.
- Use shredding software or remove or destroy hard drives before discarding computers.
While I frequently prosecute these kinds of cases, I prefer crime prevention. Therefore, please follow the above tips and be careful. If you should become a victim of identity theft, you should take some important steps, which is the topic of the third column.
What can a victim do?
I hope that no one is victimized by identity theft. However, if someone suspects he or she may be victim of identity theft, please contact the New York State Police, Saratoga County Sheriff’s Office, or local police department and file a report identifying what accounts may have been compromised. The victim should also contact the Department of Motor Vehicles to see if a driver’s license was issued in his or her name and request a fraud alert be placed on his/her name.
If a civil action has been issued against the victim for actions of debt, the victim should contact the debt collector and/or an attorney. The victim should advise the collector that he or she is the victim of identity theft and obtain the procedures required to clear his/her name.
Victims should also contact the fraud departments of the three major credit bureaus:
- Equifax (1-800 685-1111 or 1-800-525-6285)
- Experian (1-888-397-3742), and
- Trans Union (1-800 916-8800 or 1-800-680-7289).
After the victim reports the theft of their credit card information, he or she should request that the credit bureau place an identity theft flag on the report. At this time, a victim can request the credit bureaus to contact them personally, by telephone or writing, before approving any credit requests in the future. The victim should also ask the credit bureaus to remove any inquiries that have been placed on the report as a result of the fraudulent accounts.
All creditors should be contacted, including store loan agencies, and be advised of the situation at hand. A victim should request to fill out an affidavit stating that purchases made were not authorized. Obtain copies of all fraudulent applications or contracts, and keep a log of all contacts with law enforcement and financial institutions. If it becomes necessary for the victim to appear in court, these financial records will be very important in resolving the case.
Along with contacting a police agency and the credit bureaus, a victim should also contact the following:
- Their credit card companies, banks, etc.
- The Federal Trade Commission (FTC) to report the situation at (877) ID-THEFT, or mail to: Consumer Responses Center, FTC, 600 Pennsylvania Avenue NW, Washington, DC 20580.
- Contact the nearest United States Postal Inspection Service for mail related identity theft.
- Contact the Social Security Administration to report Social Security fraud at 1-800-829-0433.
- Contact the Internal Revenue Service (IRS) if you suspect the improper use of personal information in connection with tax violations, by calling 1-800-829-0433.
- Lastly, contact the United States Secret Service. The Secret Service investigates all types of fraud, and may be able to tie the victim’s case to another suspected fraud ring.
Should criminal charges be filed in Saratoga County, a victim should also contact the Crime Victim’s Unit of the Saratoga County District Attorney’s Office (518) 885-6612, and a Crime Victim Advocate will assist the victim as the case proceeds through the criminal justice system. Although being victimized by identity theft is not pleasant, the good news is that in time a victim can take control and get his/her life back in order.
Thank you again for taking the time to educate yourself. Please take additional time to follow the above suggestions and reduce your risk of becoming a victim of identity theft.