There are many forms of identity theft ranging from the simple theft and illegal use of credit card numbers to
sophisticated web spoofing schemes that steal information from users by logging keystrokes.
In this article, I will cover some of the most common simple schemes, and I'll offer some prevention and protection
tips that might help you to avoid becoming a victim. In future articles I will go over more sophisticated schemes that
can be far more damaging, yet are generally more preventable.
Common Simple Schemes
You're at a restaurant, you have a meal...maybe it wasn't so good, and maybe the service was lousy, too, prompting you
to leave a smaller tip. Or maybe everything was stupendous, and you leave a fantastic tip. It really doesn't matter,
because when you hand over your credit card to your server, unless the transaction is run within your view (hidden card
scanners notwithstanding), you and your identity are making an assumption based upon trust - namely, that your server
will not steal from you, whatever the motivation.
Your trust is generally well-founded. After all, most servers are trying to make an honest living like the rest of
us. But not this time. This time around, the server takes your credit card and decides to double charge you while
skimming the overage from the cash drawer for him or herself - judging by that big tip you just left, you'll never miss
the cash. Or perhaps the server decides that your tip is not enough and runs a little extra on your card. Maybe your
server decides to take the card number to use at a later time for a fantastic one-of-a-kind shopping spree.
Weeks later, you receive your credit card statement. You may not notice the tip increase or even remember the amount of
the original tip. You might notice the double-charged meal, and you will almost certainly note the one-of-a-kind
shopping extravaganza. Even worse, you may not be looking at your credit card statement. You might be looking at your
bank statement, along with a long list of overdraft fees for insufficient funds, because you paid with your debit card:
the thief's purchases were directly linked to your bank account.
Though the above scenario is among the simplest forms of identity theft, it is also among the more difficult types to
prevent. After all, unless you only eat at restaurants where you are able to observe card transactions, it is virtually
impossible to ensure that your transactions are 100% safe. Phone, online, and internet purchases fall within the same
realm, the primary difference being that the criminals who steal your credit card numbers via phone or online are
effectively anonymous. Though prevention is more difficult in these cases, there are some steps you can take to protect
yourself and/or mitigate the damage, whether at a restaurant, over the phone, or online:
- Credit Card versus Debit Card. In any environment where you cannot observe the handling of
your card, whether that is in a restaurant, on the phone, or online, consider using a credit card instead of a debit
card. Even though most debit cards are insured identically to credit cards against theft and abuse, the hassle factor
and hours spent trying to recover from the fallout caused by a stolen debit card can be overwhelming. If your bank
account has been emptied, consider that you are the one who has to call your creditors, make re-payments, front the costs
of some penalties and late fees (even if they eventually get reimbursed), and endure the general embarrassment of having
to explain why you're not really a dead-beat just because your checks bounced. Making a single call to cancel a credit
card is much simpler.
- Cards with a Purpose. It is a good idea to have a credit card specifically designated for
transactions that cannot be directly observed. Designating credit cards for specific purposes and transactions, such as
online purchases, provides you the benefit of knowing how/where your card may have been compromised and provides some
security in that you'll still be able to use your other cards without worrying whether or not they have been compromised.
Notable exceptions to this rule would be online bill payments with trusted sources (e.g. utilities, insurance, mortgage,
etc.) where they require debit cards or direct bank account withdrawals. Nevertheless, you should monitor even trusted
sources regularly. It is not unheard of for large organizations to be hacked - just ask Microsoft, Apple, Sony,
Facebook, Twitter, The New York Times, the VA, and thousands of other organizations.
- Fraud Prevention and Account Alerts. Most banks and credit card institutions offer account
alerts and other fraud prevention tools, and they usually offer them for free. Using these tools is probably the best
way to control the damage once a card has been compromised. With most major institutions, you can set up email alerts
for any purchases made over a certain amount in any given day. You can also impose daily purchase limits to restrict how
much can be spent on a card each day. Many institutions offer services to monitor your cards for unusual activity, as
well. Take advantage of all of these services.
- Vigilance. It may sound cliché, but vigilance is one of the best ways to protect
yourself against all forms of identity theft. Many would be surprised at the frequency that they have been charged or
overcharged for something for which they still remain unaware. In recent years, I have personally seen double charges
and over charges from restaurants, cell phone companies, barbershops, online stores, and other establishments with
disturbing frequency. In most cases, the errors could be chalked up to human error or they might be fraud - the nature
of the transactions make it difficult differentiate. Regardless of the motive, the net result is the same: if you don't
catch the charge, you're paying without the benefit of receiving anything in return.
Even Gooder (More Simplistic Yet Effective Schemes)
There are endless numbers of simple schemes, but there are some that tend to be more effective than others, though
they are generally more preventable than the first scenario.
Smash and Grab
During the process of writing this article, one of my colleagues showed me a picture of his late model vehicle with
its window smashed in. His wife had left her purse in the vehicle while making a quick stop …just an in and out
errand. She had even attempted to conceal her purse so as not to be visible to random passers-by. Unfortunately,
someone was watching, and in just the four or five minutes that she was inside, the thief managed to smash the window and
grab her purse from behind the seat. By the time she got back, there was no sign of the perpetrator, but her purse was
gone and several hundred dollars of damage had been inflicted upon the vehicle.
This sort of identity theft can be among the worst because the consequences from the information obtained by the
criminal can follow the victim for a very long time. I say it "can" be among the worst because most criminals that smash
into cars are not usually savvy enough to fully exploit their plunder. Nevertheless, the fact that the possibility
exists for extreme harm means that you have to deal with these types of situations with extreme caution and vigilance.
Not only does the criminal have direct access to any cash and credit cards that were in the purse, posing an immediate
threat, but an enterprising criminal can use what is in the purse to much more devastating effect over the weeks and
months to come.
Aside from the obvious threat of burglary by virtue of knowing a person’s name and address, there is a lot of
information that might be used. Consider that the license has her name, address, and date of birth. What about her
Social Security card? Many people carry them. That information alone will allow the thief to apply for credit cards,
loans, file false tax returns, purchase goods on credit from local stores, and the list goes on. Was there a checkbook?
If so, aside from the obvious threat of writing checks directly out of the check book, the thief now has a bank account
and routing number to exploit. If the crook happens to be somewhat sophisticated (unlikely but possible), he could go so
far as to print his own checks while using her account information. It would only take a laser printer with a special
printing resin to do so; it may not be common knowledge for the average criminal, but it’s not exactly a secret,
Because of the potential of what can happen in a crime such as this in a worst case scenario where all of the
information is harvested, I will, for now, cover only the prevention aspect. From personal experience, I can tell you
that the process of unraveling extreme forms of identity theft can be involved. Indeed, they require an entire article
unto themselves to go over the various steps you’ll need to take to undo the harm of full-blown identity theft and
to further protect yourself from future damage to your credit and finances.
Some crimes are opportunistic. Some are not. It doesn’t matter. If a crook sees a woman get out of a car, and
she’s not carrying a purse, there’s a pretty fair chance that her purse is in the car. Whether or not the
purse is hidden becomes a moot point in such a scenario, because most criminals will likely figure this out.
Fortunately, prevention in this case is 100% effective. Simply put, don’t leave your purse, wallet, phone, laptop,
iPad or any other item of value unattended in your car or elsewhere in a public area. Understand that experienced
criminals can perform a smash and grab within a minute or two - less time than it takes you to walk from your parked car
to the door of your local Walmart. There is no window of time that is safe for your valuables in your car (including
your kids!) if you are not physically with them.
Mailing it Home
When you mail out your bill payments, do you place the mail in your mailbox and put the flag up? What about when you
fill out a credit application that you received in the mail? How about your tax return? Well, guess what? When you put
that flag up, it doesn't require special "Mail Carrier Vision" to see. In reality, that little flag is a burning, bright
beacon set to attract any identity thief who might happen to be nearby. Incoming mail can be at risk, too, though you
can purchase USPS secure mailboxes to protect that.
This sort of identity theft is often more calculated than the other types mentioned in this article, because the
thieves may observe a house for a period of time to figure out when mail delivery occurs, what time people are home, and
determine the best times to stop by unnoticed. They may then frequent your mailbox over time to selectively choose items
(tax season might net a juicy little check for them) or to simply steal your outgoing checks, credit
applications and other personal information.
Preventing the Attraction
Again, this is one in which prevention is 100% effective. For those of you who receive mail at home that might put you at risk for theft, such as money or sensitive information, you can purchase USPS-approved secure mailboxes - these are mailboxes that enable the mail carrier to drop off your mail through a slot and for which you have a key to retrieve the mail - the carrier does not have a key and will not deal with locks directly for home mailboxes.
For outgoing mail, you simply shouldn't put checks or other personal information into your unsecure mailbox. Designate days for which you will stop by a nearby secure USPS mailbox or post office to drop off bill payments and anything containing personal data that might put you at risk. It may sound like a hassle, but setting such a routine is nowhere near the hassle of having to deal with creditors, banks, and lenders who are calling to collect on loans you've never taken out. They don't care if you've had your identity stolen, and they will continue to hound you no matter what you tell them. They just want their money, and they don't care who they get it from.
It's also a *big* hassle when the IRS rejects your tax return because some criminal filed a false tax return in your name. It's even more of a hassle when you have to go to the police station to get a police report to send with an affidavit to the IRS all to declare that you didn't file the first tax return. A year later, when the IRS is still sending you nasty notices about incorrectly filing the first tax return as a single person, telling you that they are getting ready to take action, even though you've already established to them that the first return was fraudulent, it is a *really really really big* hassle. Of course the biggest hassle of all is finding out that no law enforcement agency will actually investigate the fraud while you're left to your own devices to muddle through the mess, and you're on your own in any efforts to prevent further abuse.
Trust me. Stopping by the postoffice once or twice a week isn't really much of a hassle at all.
To sum it up, it is a good idea to use credit cards for unobserved transactions such as restaurants, online purchases, and phone purchases. It is also useful to separate your credit cards out for specific purposes so that if one gets compromised, you can identify the source and feel secure in the knowledge that you've compartmentalized the damage. When you have to use your debit card online for certain kinds of trusted services, be watchful, and check your statements frequently. Use the spending and fraud alert services offered by your banking and credit card institutions. Be vigilant.
Avoid leaving valuables unattended...anywhere...Don't give criminals an easy way to take your identity or your stuff.
Don't shine a spotlight on your personal information and hard-earned dollars - crooks are like moths, they'll be the first go into the light but not in a good way. Forget the little flag, and go to the post office or a secure mailbox to mail out personal information and payments.
Finally, as you probably gathered from my writing, I have some personal experience with identity theft; and no, not as the one committing it. Over the next couple of articles, I'll go into some more in depth and intricate schemes, and I'll relate to you some personal experiences, while offering additional steps that you can take both to help prevent it from happening to you and to protect yourself if you happen to be targeted.
If you found the article interesting, please feel free to Like it and/or share it with others.